Rewritebase / not in effect

Added this to config.php

  'htaccess.RewriteBase' => '/',
  'check_for_working_wellknown_setup' => true,
  'check_for_working_webdav' => true,
  'check_for_working_htaccess' => true,

fred:/srv/www/htdocs/nextcloud # sudo -u wwwrun php occ maintenance:update:htaccess
    .htaccess has been updated

htaccess write and readable (wwwrun / www)

<IfModule mod_headers.c>
  <IfModule mod_setenvif.c>
    <IfModule mod_fcgid.c>
       SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
       RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
    </IfModule>
    <IfModule mod_proxy_fcgi.c>
       SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1
    </IfModule>
  </IfModule>

  <IfModule mod_env.c>
    # Add security and privacy related headers
    Header set X-Content-Type-Options "nosniff"
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Robots-Tag "none"
    Header set X-Frame-Options "SAMEORIGIN"
    Header set X-Download-Options "noopen"
    Header set X-Permitted-Cross-Domain-Policies "none"
    SetEnv modHeadersAvailable true
  </IfModule>

  # Add cache control for CSS and JS files
  <FilesMatch "\.(css|js)$">
    Header set Cache-Control "max-age=7200, public"
  </FilesMatch>
</IfModule>
<IfModule mod_php5.c>
  php_value upload_max_filesize 513M
  php_value post_max_size 513M
  php_value memory_limit 512M
  php_value mbstring.func_overload 0
  php_value always_populate_raw_post_data -1
  php_value default_charset 'UTF-8'
  php_value output_buffering 0
  <IfModule mod_env.c>
    SetEnv htaccessWorking true
  </IfModule>
</IfModule>
<IfModule mod_php7.c>
  php_value upload_max_filesize 513M
  php_value post_max_size 513M
  php_value memory_limit 512M
  php_value mbstring.func_overload 0
  php_value default_charset 'UTF-8'
  php_value output_buffering 0
  <IfModule mod_env.c>
    SetEnv htaccessWorking true
  </IfModule>
</IfModule>
<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L]
  RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L]
  RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
  RewriteRule ^(\.|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>
<IfModule mod_mime.c>
  AddType image/svg+xml svg svgz
  AddEncoding gzip svgz
</IfModule>
<IfModule mod_dir.c>
  DirectoryIndex index.php index.html
</IfModule>
AddDefaultCharset utf-8
Options -Indexes
<IfModule pagespeed_module>
  ModPagespeed Off
</IfModule>

(RewriteBase is working on my Joomla install)
Any suggestions?

Are you sure the occ command is executed properly? Your .htaccess file does not get updated.

I have a similar problem - as above, htaccess.RewriteBase is defined as /. However, when looking at my .htaccess file, it doesn’t show the RewriteBase parameter. The command I ran for occ is:
sudo -u www-data ./occ maintenance:update:htaccess (I’m on Debian)
The result was .htaccess has been updated which seems to be the correct output.

Details of my setup
I have a ‘custom.config.php’ file on /config (the default config.php is untouched):

<?php
$CONFIG = array (
  'trusted_domains' =>
    array(
      '[snipped local IP]',
      '[snipped domain name]',
    ),
 'overwrite.cli.url' => 'https://[snipped domain name]',
  'htaccess.RewriteBase' => '/',
  'memcache.local' => '\OC\Memcache\APCu',
  'logtimezone' => 'America/Toronto',
  'enabledPreviewProviders' => array(
        'OC\Preview\PNG',
        'OC\Preview\JPEG',
        'OC\Preview\GIF',
        'OC\Preview\BMP',
        'OC\Preview\XBitmap',
        'OC\Preview\MP3',
        'OC\Preview\TXT',
        'OC\Preview\MarkDown',
        'OC\Preview\Illustrator',
        'OC\Preview\Movie',
        'OC\Preview\MSOffice2003',
        'OC\Preview\MSOffice2007',
        'OC\Preview\MSOfficeDoc',
        'OC\Preview\OpenDocument',
        'OC\Preview\PDF',
        'OC\Preview\Photoshop',
        'OC\Preview\Postscript',
        'OC\Preview\StarOffice',
        'OC\Preview\SVG',
        'OC\Preview\TIFF',
        'OC\Preview\Font'
  ),
);

Here is the resulting .htaccess (which is owned and rw by www-data)

<IfModule mod_headers.c>
  <IfModule mod_setenvif.c>
    <IfModule mod_fcgid.c>
       SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
       RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
    </IfModule>
    <IfModule mod_proxy_fcgi.c>
       SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1
    </IfModule>
  </IfModule>
  <IfModule mod_env.c>
    # Add security and privacy related headers
    Header set X-Content-Type-Options "nosniff"
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Robots-Tag "none"
    Header set X-Frame-Options "SAMEORIGIN"
    Header set X-Download-Options "noopen"
    Header set X-Permitted-Cross-Domain-Policies "none"
    SetEnv modHeadersAvailable true
  </IfModule>
  # Add cache control for CSS and JS files
  <FilesMatch "\.(css|js)$">
    Header set Cache-Control "max-age=7200, public"
  </FilesMatch>
</IfModule>
<IfModule mod_php5.c>
  php_value upload_max_filesize 513M
  php_value post_max_size 513M
  php_value memory_limit 512M
  php_value mbstring.func_overload 0
  php_value always_populate_raw_post_data -1
  php_value default_charset 'UTF-8'
  php_value output_buffering 0
  <IfModule mod_env.c>
    SetEnv htaccessWorking true
  </IfModule>
</IfModule>
<IfModule mod_php7.c>
  php_value upload_max_filesize 513M
  php_value post_max_size 513M
  php_value memory_limit 512M
  php_value mbstring.func_overload 0
  php_value default_charset 'UTF-8'
  php_value output_buffering 0
  <IfModule mod_env.c>
    SetEnv htaccessWorking true
  </IfModule>
</IfModule>
<IfModule mod_rewrite.c>
  RewriteEngine on
  RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L]
  RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L]
  RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
  RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
  RewriteRule ^remote/(.*) remote.php [QSA,L]
  RewriteRule ^(build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
  RewriteRule ^(\.|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>
<IfModule mod_mime.c>
  AddType image/svg+xml svg svgz
  AddEncoding gzip svgz
</IfModule>
<IfModule mod_dir.c>
  DirectoryIndex index.php index.html
</IfModule>
AddDefaultCharset utf-8
Options -Indexes
<IfModule pagespeed_module>
  ModPagespeed Off
</IfModule>

The problem with some occ commands is that this is printed even if the operation fails, so try to run it with -vvv to see if there aren’t any errors. Also check the log. If the file is not writeable there may be an entry stating just that.

Try to paste your code between triple backticks.

1 Like

Running with -vvv gives the exact same output.
Log - do you mean the owncloud.log file in the data directory? If occ has its own logs, I can’t find them. There’s nothing relevant in the owncloud.log.

The htaccess is written because the other commands I added to config.php are visible in my htaccess file.

Thanks


I don’t see any custom actions being written to the .htaccess pasted in the OP. Looks like the shipped one.

Sorry, I can’t tell if that’s sarcasm. There is genuinely nothing of value in owncloud.log for this purpose - the last entry was from a trusted domain error because of a config mistake I made a few hours ago.

No sarcasm at all. It helps that you’ve told me that there wasn’t anything significant in the logs :slight_smile:

1 Like

Does it make a difference if you guys set .htaccess to 777?

Huh, that did the trick. It added the following block to my .htaccess file (probably not useful to you but I’ll post it anyway)

#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####

ErrorDocument 403 /core/templates/403.php
ErrorDocument 404 /core/templates/404.php
<IfModule mod_rewrite.c>
  Options -MultiViews
  RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1]
  RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1]
  RewriteCond %{REQUEST_FILENAME} !\.(css|js|svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$
  RewriteCond %{REQUEST_FILENAME} !core/img/favicon.ico$
  RewriteCond %{REQUEST_FILENAME} !/remote.php
  RewriteCond %{REQUEST_FILENAME} !/public.php
  RewriteCond %{REQUEST_FILENAME} !/cron.php
  RewriteCond %{REQUEST_FILENAME} !/core/ajax/update.php
  RewriteCond %{REQUEST_FILENAME} !/status.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v1.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v2.php
  RewriteCond %{REQUEST_FILENAME} !/updater/
  RewriteCond %{REQUEST_FILENAME} !/ocs-provider/
  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
  RewriteRule . index.php [PT,E=PATH_INFO:$1]
  RewriteBase /
  <IfModule mod_env.c>
    SetEnv front_controller_active true
    <IfModule mod_dir.c>
      DirectorySlash off
    </IfModule>
  </IfModule>
</IfModule>

Yep, that’s the correct block :slight_smile:

So it seems there is a permission problem. occ can’t write to your .htaccess with the permissions you had before.

1 Like

Ah, I just realized that my .htaccess was 640 root:www-data before, that would explain it. I’ve now set it to 660 root:www-data, which should be the correct permissions.

Edit: on second thought, that’s probably not a good idea from a security standpoint. I’ll set it back to 640 now that I’ve updated it, and I’ll have to remember to set it to 660 before I run the script again… although the script really should tell me about that problem.

I was about to guide you in this direction ;).
Also, that’s something you have to change before an update as well, so it might be worth having a script handy.

I’ve opened an issue: https://github.com/nextcloud/server/issues/368

1 Like

Hm, re-reading the template script that sets strong directory permissions, it seems to set the .htaccess files to 644 instead of 640. Have any insight into why it might need to be world-readable?
(I had manually chmod’d and chown’d the files instead of running the script)

I’m not sure, maybe to make sure a rogue request using a different user and looking at that folder always parses the file? @LukasReschke might know.

I get this when using occ with 777 and www-data permissions.

System config value htaccess.RewriteBase set to string /
Error updating .htaccess file, not enough permissions?

Nextcloud 11.0.0

Yep the same for me for occ error.

for rewrite issue, i solve mine : Apache didn’t load the rewrite module :
cat /etc/apache2/mods-available/rewrite.load returned nothing empty.

i’ve added in it :
LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so

More info at : http://xmodulo.com/how-to-enable-mod_rewrite-in-apache2-on-debian-ubuntu.html

To ensure the module is load run apachectl -M it should be in the list.