Home / server / Questions / 624931
Accepted
Kerem atam
Asked: 2014-08-30 02:37:02 +0800 CST

.htaccess file isn't working for https

  • 772

I have simple .htaccess file to forbid access to a directory as :

order allow,deny 
deny from all

Well, it doesn't work with SSL and show the content of directory if client access the directory like https://some-url-here.com/forbidden-directory

ssl

2 Answers

  1. Best Answer

    You have specify that .htaccess is allowed to override directives.

    Check AllowOverride and make sure it is correctly defined in your virtual host definition.

    • 2

  2. gtirloni and SvW have already gave the answer but even though I will give more direct answer to make it easier for other starter level developers to save their time.

    SSL configuration file is located in : /etc/apache2/sites-enabled/default-ssl

    "< Directory /var/www/ >" section in my file looked like this before :

    <Directory /var/www/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
</Directory>

    All I had to do was to change the "AllowOverride None" to "AllowOverride All". So .htaccess files will not be ignored anymore for SSL.

    So fixed version looks like this :

    <Directory /var/www/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
</Directory>
    • 0