On Tue, Oct 8, 2024 at 11:25 PM Abhijith <learnawse...@gmail.com> wrote:
> Yes, I understand that now. That I shouldn't allow clients to access my
> .httaccess file. I don't know why the error occuring
>
> On Tue, 8 Oct 2024, 17:47 Frank Gingras, <thu...@apache.org> wrote:
>
>>
>>
>> On Tue., Oct. 8, 2024, 1:13 a.m. Abhijith, <learnawse...@gmail.com>
>> wrote:
>>
>>> Hi,
>>> Yes, In the the root directory there is .htaccess file, the content of
>>> the file is
>>> ```
>>> RewriteEngine on
>>> RewriteCond %{REQUEST_FILENAME} !-f
>>> RewriteCond %{REQUEST_FILENAME} !-d
>>> RewriteCond $1 !^(index\.php|robots\.txt|favicon\.ico)
>>> RewriteRule ^(.*)$ /index.php/$1 [L]
>>> ```
>>>
>>> Since by @Eric's suggestion I changed the configuration of httpd.con,
>>> like
>>> ```
>>> <Files ".ht*">
>>> Require all granted
>>> </Files>
>>> ```
>>>
>>> Now the error is gone, but there is a new error but it is related with
>>> the docker configuration.
>>> Thanks for the helpful insights.
>>>
>>> On Mon, 7 Oct 2024 at 19:22, Frank Gingras <thu...@apache.org> wrote:
>>>
>>>>
>>>>
>>>> On Mon, Oct 7, 2024 at 7:51 AM Eric Covener <cove...@gmail.com> wrote:
>>>>
>>>>> On Mon, Oct 7, 2024 at 7:12 AM Eric Covener <cove...@gmail.com> wrote:
>>>>> >
>>>>> > >> [Sun Oct 06 10:02:48.889047 2024] [authz_core:error] [pid 10:tid
>>>>> 131326541519672] [client 192.168.16.1:49194] AH01630: client denied
>>>>> by server configuration:
>>>>> /usr/local/apache2/htdocs/apps/admin/public_html/.htaccess
>>>>> >
>>>>> > This error means it's not filesystem permissions. Are there other
>>>>> > vhosts/*.conf you didn't show? apachectl -S from within the
>>>>> container
>>>>> > would summarize it.
>>>>>
>>>>> Based on the error, It seems like you may be unexpectedly accessing
>>>>> the .htaccess file directly via a HTTP client, which is rejected by
>>>>> design with this snippet:
>>>>>
>>>>> <Files ".ht*">
>>>>> Require all denied
>>>>> </Files>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Eric Covener
>>>>> cove...@gmail.com
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>>>>> For additional commands, e-mail: users-h...@httpd.apache.org
>>>>>
>>>>>
>>>> I am concerned about anything trying to request the .htaccess file
>>>> directly as well; it sounds like a broken application/script.
>>>>
>>>
>> That would be a mistake, since those files are not meant to be accessed
>> directly.
>>
>> They are blocked by default for security reasons.
>>
>
You will need to find out what is requesting those files directly; as I
stated before, it sounds like a broken script or application.
