Home > Software design >  Synology Personal Websites htaccess results in 403 errors
Synology Personal Websites htaccess results in 403 errors

Time:07-19

  • Synology Server with DSM 7.1.x (recently updated from DSM 6.x and downgrading back down to DSM 6.x is not recommended by Synology)
  • Webstation Enabled with HTTP back-end server: Apache HTTP Server 2.4 and PHP: PHP 8.0
  • Personal Websites with these settings HTTP back-end server: Apache HTTP Server 2.4 and PHP: PHP 7.4
  • Personal Websites use WordPress 5.x or 6.x which require a .htaccess file

Problem: Personal Website .htaccess in /homes/user/www folders causes the 403 error

Could delete .htaccess to stop 403 error but Personal Websites use WordPress which requires .htaccess - cannot just delete this file because some WordPress actions recreates the .htaccess file (such as changing Settings > Permalinks) Newly created test user case: tmp

  • homes/tmp/www folder has "users" group with 775 permissions
  • homes/tmp/www/.htaccess has owner of "username" and group of "users" with 770 permissions
  • homes/tmp/www/wp-config.php has owner of "username" and group of "users" with 770 permissions
  • Even with permissions of 777 for ALL files in homes/tmp/www, the 403 error still exists with .htaccess
  • After deleting the .htaccess and creating/publishing a new page, viewing the new page results in a 404 error.

Default .htaccess lines

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /~username/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /~username/index.php [L]
</IfModule>

Even if .htaccess has no lines of code at all, the 403 error exists. So just the existence of the .htaccess file regardless of content causes a 403 error.

Anyone have ideas to solve this problem?

CodePudding user response:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /~username/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /~username/index.php [L]
</IfModule>

It looks like you are using Apache per-user web directories? If that's the case then /~username is not a physical directory (it's an "alias" to your user directory) and your document root is effectively /~username/ (which really messes with root-relative URL-paths).

In which case, your .htaccess should be like this instead:

RewriteEngine On

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]

Note that I've removed the RewriteBase directive altogether.

However, if this is part of the WordPress code block (ie. inside # BEGIN WordPress ... # END WordPress) comment markers then WordPress is going to try and overwrite your changes unless you take additional steps to prevent this.

CodePudding user response:

Solution I stumbled upon:

Edit the httpd2x.conf for Apache2.x (whichever is chosen for Personal Websites)

Add the following code

UserDir www
<Directory "var/services/homes/*/www">
    Options FollowSymLinks
    AllowOverride All
</Directory>

I tried a bunch of stuff and I think the above was the trick.

Page link:https//www.codepudding.com/Softwaredesign/479869.html

Prev:Find the most compact and efficient version of this python function
Next:Unable to create an object of type 'ApplicationDatabaseContext'. For the different pattern
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding