Apache rewrite to remove index.php

same for me, unfortunately… :frowning:

@nani @nikolasdas if your setup is anything like mine (I’m on Gandi simple hosting) where I don’t have sudo, then here’s a solution if the .htaccess doesn’t update for some reason.

Beware that this works for Nextcloud 10 and might break in the future when paths are updated. So no guarantee. :slight_smile:

In addition to the addition of 'htaccess.RewriteBase' => '/', in the config.php, you have to paste this block at the end of your .htaccess. It’s the block which is inserted by the occ maintenance:update:htaccess command:
(Big thanks to @MorrisJobke for giving me the snippet! :tada:)

<IfModule mod_rewrite.c>
  Options -MultiViews
  RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1]
  RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1]
  RewriteCond %{REQUEST_FILENAME} !\.(css|js|svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$
  RewriteCond %{REQUEST_FILENAME} !core/img/favicon.ico$
  RewriteCond %{REQUEST_FILENAME} !/remote.php
  RewriteCond %{REQUEST_FILENAME} !/test.php
  RewriteCond %{REQUEST_FILENAME} !/public.php
  RewriteCond %{REQUEST_FILENAME} !/cron.php
  RewriteCond %{REQUEST_FILENAME} !/core/ajax/update.php
  RewriteCond %{REQUEST_FILENAME} !/status.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v1.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v2.php
  RewriteCond %{REQUEST_FILENAME} !/updater/
  RewriteCond %{REQUEST_FILENAME} !/ocs-provider/
  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
  RewriteRule . index.php [PT,E=PATH_INFO:$1]
  RewriteBase /
  <IfModule mod_env.c>
    SetEnv front_controller_active true
    <IfModule mod_dir.c>
      DirectorySlash off
    </IfModule>
  </IfModule>
</IfModule>
1 Like

Thank you for sharing this, but the htaccess is not the problem. It gets updated correctly, but the rewrite doesn’t have any effect :confused:

Same here. My .htaccess looks exactly the same at the end as @jan’s.
Probably won’t work unless the pretty URL-rewrite part is going to be compatible with fastCGI in a shared hosting environment (i.e. no root access/permissions).
Given the number of other issues open at Github, I understand it’s not a priority issue and probably won’t be dealt with anytime soon, if ever. So there’s little hope.

EDIT: SOLVED
@nikolasdas @Armando_Valencia

Finally, by accident, I seem to have solved this issue: I’ve included 'htaccess.IgnoreFrontController' => true in my config.php.
Then updated the .htaccess file in my web root folder using ./occ maintenance:update:htaccess
That seems to do the trick. Don’t know if it’ll work on your system though (my setup = NC 12.0.1 on a shared CENTOS server, PHP 7). Good luck!

1 Like

In my case (Nextcloud 10.0.1 on Ubuntu 16.04), this will cause 2 error messages in the admin settings:

  • The “X-Content-Type-Options” HTTP header is not configured to equal to “nosniff”. This is a potential security or privacy risk and we recommend adjusting this setting.
  • The “X-Frame-Options” HTTP header is not configured to equal to “SAMEORIGIN”. This is a potential security or privacy risk and we recommend adjusting this setting.

I’ve changed it in .htacces manually to

<IfModule mod_env.c>
    # Add security and privacy related headers
    Header always set X-Content-Type-Options "nosniff"
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Robots-Tag "none"
    Header always set X-Frame-Options "SAMEORIGIN"
    Header set X-Download-Options "noopen"
    Header set X-Permitted-Cross-Domain-Policies "none"
    SetEnv modHeadersAvailable true
</IfModule>

(“Header always set…” instead of “Header set…”)

@jan, if i run the command

sudo -u www-data php occ maintenance:update:htaccess

the corrections in .htaccess will be overwritten and those 2 error messages will appear again :frowning:

My Apache config was a little bit too restrictive, after removing

Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff

the manual intervention of .htaccess was no more necessary.

But THX, anyway!

Hi,

A run Nextcloud on Debian and Apache 2.4.10. I upgrades from Nextcloud 10.0.1 to 11.0 yesterday. Before my url was https://cloud.mydomain.com/apps/files/ but now it is https://cloud.mydomain.com/index.php/apps/files/.

Both these modules are enabled
a2enmod rewrite
Enabling module rewrite.

a2enmod env
Module env already enabled

And I have this in my config.php
’htaccess.RewriteBase’ => ‘/’,

Then I am not able to execute the following command
sudo -u www-data php occ maintenance:update:htaccess
Error updating .htaccess file, not enough permissions?

www-data owns the file and should be able to write to it
chown www-data:www-data .htaccess

sudo -u www-data php occ maintenance:update:htaccess
Error updating .htaccess file, not enough permissions?

Anyone having any ideas why this happens?

for rewrite issue, i solve mine : Apache didn’t load the rewrite module :
cat /etc/apache2/mods-available/rewrite.load returned nothing empty.

i’ve added in it :
LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so

More info at : http://xmodulo.com/how-to-enable-mod_rewrite-in-apache2-on-debian-ubuntu.html

To ensure the module is load run apachectl -M it should be in the list.

7 posts were split to a new topic: .Htaccess permission denied

Same problem here. occ maintenance:update:htaccess works runs without an error but has no effect. My installation is located under /var/www/virtual/minerva/nextcloud.cjf-berlin.de. What should be the value of htaccess.RewriteBase?

Did you setup AllowOverrides in your Apache config?

1 Like

No, I didnt. But FredFS456 didnt include AllowOverrides in his config also.
What do I have to include in my .htaccess file?

Otherwise .htaccess has no effect

I enabled AllowOverride, but the urls still include index.php

Assuming you’re installing NC in the root and not within a nextcloud folder in your path, then 'htaccess.RewriteBase' => '/', will be fine in your config file.

With your Apache conf looking roughly as follows:

<Directory /var/www/virtual>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

And after running the occ command it should work.

I’d vote to close this topic. It was originally marked as solved and all the other contributions are unorganized, so it is hard to gather all information related to a user and his problem. Many times we are supposing a default debian/ubuntu setup is used with apache + mod_php when it is not the case (admin panels, fcgi, …).

1 Like

Agreed it has become a behemoth.

@Thomas_Mayer I’ll split your contributions off into a new topic. I hadn’t even noticed you had commented quite further up until just now.