Rewritebase / not in effect

The htaccess is written because the other commands I added to config.php are visible in my htaccess file.

Thanks


I don’t see any custom actions being written to the .htaccess pasted in the OP. Looks like the shipped one.

Sorry, I can’t tell if that’s sarcasm. There is genuinely nothing of value in owncloud.log for this purpose - the last entry was from a trusted domain error because of a config mistake I made a few hours ago.

No sarcasm at all. It helps that you’ve told me that there wasn’t anything significant in the logs :slight_smile:

1 Like

Does it make a difference if you guys set .htaccess to 777?

Huh, that did the trick. It added the following block to my .htaccess file (probably not useful to you but I’ll post it anyway)

#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####

ErrorDocument 403 /core/templates/403.php
ErrorDocument 404 /core/templates/404.php
<IfModule mod_rewrite.c>
  Options -MultiViews
  RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1]
  RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1]
  RewriteCond %{REQUEST_FILENAME} !\.(css|js|svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$
  RewriteCond %{REQUEST_FILENAME} !core/img/favicon.ico$
  RewriteCond %{REQUEST_FILENAME} !/remote.php
  RewriteCond %{REQUEST_FILENAME} !/public.php
  RewriteCond %{REQUEST_FILENAME} !/cron.php
  RewriteCond %{REQUEST_FILENAME} !/core/ajax/update.php
  RewriteCond %{REQUEST_FILENAME} !/status.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v1.php
  RewriteCond %{REQUEST_FILENAME} !/ocs/v2.php
  RewriteCond %{REQUEST_FILENAME} !/updater/
  RewriteCond %{REQUEST_FILENAME} !/ocs-provider/
  RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.*
  RewriteRule . index.php [PT,E=PATH_INFO:$1]
  RewriteBase /
  <IfModule mod_env.c>
    SetEnv front_controller_active true
    <IfModule mod_dir.c>
      DirectorySlash off
    </IfModule>
  </IfModule>
</IfModule>

Yep, that’s the correct block :slight_smile:

So it seems there is a permission problem. occ can’t write to your .htaccess with the permissions you had before.

1 Like

Ah, I just realized that my .htaccess was 640 root:www-data before, that would explain it. I’ve now set it to 660 root:www-data, which should be the correct permissions.

Edit: on second thought, that’s probably not a good idea from a security standpoint. I’ll set it back to 640 now that I’ve updated it, and I’ll have to remember to set it to 660 before I run the script again… although the script really should tell me about that problem.

I was about to guide you in this direction ;).
Also, that’s something you have to change before an update as well, so it might be worth having a script handy.

I’ve opened an issue: Better error handling in occ · Issue #368 · nextcloud/server · GitHub

1 Like

Hm, re-reading the template script that sets strong directory permissions, it seems to set the .htaccess files to 644 instead of 640. Have any insight into why it might need to be world-readable?
(I had manually chmod’d and chown’d the files instead of running the script)

I’m not sure, maybe to make sure a rogue request using a different user and looking at that folder always parses the file? @LukasReschke might know.

I get this when using occ with 777 and www-data permissions.

System config value htaccess.RewriteBase set to string /
Error updating .htaccess file, not enough permissions?

Nextcloud 11.0.0

Yep the same for me for occ error.

for rewrite issue, i solve mine : Apache didn’t load the rewrite module :
cat /etc/apache2/mods-available/rewrite.load returned nothing empty.

i’ve added in it :
LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so

More info at : http://xmodulo.com/how-to-enable-mod_rewrite-in-apache2-on-debian-ubuntu.html

To ensure the module is load run apachectl -M it should be in the list.

Ok, my issue is solved with NC 11. It was a permissions issue. Seems like the whole NC folder needs www-data permissions for the occ command to work.

The files that need to be modified are:

  • nc/.htaccess <-root
  • nc/config/config.php <- www(/-data/run)/http/apache

The issue is that they have different permissions, one is root owned, the other web server owned.
Also occ will run only with web server permissions.

So change permissions to .htaccess first, then run occ, and back again to secure .htaccess.
My two cents.

Pretty URLs

echo "Setting RewriteBase to “/” in config.php…“
chown -R www-data:www-data $NCPATH
sudo -u www-data php $NCPATH/occ config:system:set htaccess.RewriteBase --value=”/"
sudo -u www-data php $NCPATH/occ maintenance:update:htaccess
bash $SCRIPTS/setup_secure_permissions_nextcloud.sh

From https://github.com/nextcloud/vm/blob/master/nextcloud-startup-script.sh#L467-L472

Nice! :+1:

1 Like

When I have to work inside the Nextcloud folder I set permissions to update, when in use I set it to strong.
See scripts in the link: https://cloud.fred-dresken.nl/s/rhQj6SeGuyXzr0T

Yes, that’s exactly what we did in the Nextcloud VM as well. --^ :slight_smile: