Mathias Bynens

Apache’s AllowOverride All doesn’t do what you think it does

I just had to set up an Apache server for a school project. Because I like to use .htaccess files to set rewrite rules and fiddle with some other options, some extra modules had to be loaded in addition to the standard batch.

Checking which modules are currently loaded can easily be done using phpinfo(), as explained in this post about enabling mod_rewrite in Apache.

Activating Apache modules is easy: simply open up the httpd.conf file in the /conf/ folder of your Apache installation, and uncomment (or add) the appropriate lines. Commented lines always start with a hash (#).
Basically, to load mod_negotiation (for MultiViews) and mod_rewrite (for rewrite rules), you simply add the following lines to httpd.conf:

LoadModule negotiation_module modules/mod_negotiation.so
LoadModule rewrite_module modules/mod_rewrite.so

So far, so good. Apache is instructed to load the extra modules; we should now be able to use MultiViews and rewrite rules by defining them in a .htaccess file.
However, when I tried using Options +MultiViews, all I got was one of those infamous “500 Internal Server Error” pages.

The error log said something among the lines of .htaccess: Option MultiViews not allowed here.

Google wasn’t really helpful in this case. At first, all I could find was some guy having the same problem. I couldn’t find any solutions until I actually started browsing old #apache IRC logs.

Turns out Apache has a default setting in httpd.conf which specifies the settings that can be overriden by what’s written in your .htaccess file: AllowOverride. Your httpd.conf might contain something like this:

<Directory />
 Options FollowSymLinks
 AllowOverride All
 Order deny,allow
 Deny from all
</Directory>

Contrary to what you may think, the All parameter doesn’t really mean “[allow overriding] all options”, since it doesn’t include the MultiViews option! The key here is to use AllowOverride Options=All,MultiViews. Together with all other groupings of directives, this is the code we need:

<Directory />
 Options FollowSymLinks
 AllowOverride AuthConfig FileInfo Indexes Limit Options=All,MultiViews
 Order deny,allow
 Deny from all
</Directory>

Comments

Jean Delvare wrote on :

I had the exact same problem, and your solution works just fine. Very useful article, thanks!

Leave a comment

Comment on “Apache’s AllowOverride All doesn’t do what you think it does”

Some Markdown is allowed; HTML isn’t. Keyboard shortcuts are available.

It’s possible to add emphasis to text:

_Emphasize_ some terms. Perhaps you’d rather use **strong emphasis** instead?

Select some text and press + I on Mac or Ctrl + I on Windows to make it italic. For bold text, use + B or Ctrl + B.

To create links:

Here’s an inline link to [Google](http://www.google.com/).

If the link itself is not descriptive enough to tell users where they’re going, you might want to create a link with a title attribute, which will show up on hover:

Here’s a [poorly-named link](http://www.google.com/ "Google").

Use backticks (`) to create an inline <code> span:

In HTML, the `p` element represents a paragraph.

Select some inline text and press + K on Mac or Ctrl + K on Windows to make it a <code> span.

Indent four spaces to create an escaped <pre><code> block:

    printf("goodbye world!");  /* his suicide note
                                  was in C */

Select a block of text (more than one line) and press + K on Mac or Ctrl + K on Windows to make it a preformatted <code> block.

Quoting text can be done as follows:

> Lorem iPad dolor sit amet, consectetur Apple adipisicing elit,
> sed do eiusmod incididunt ut labore et dolore magna aliqua Shenzhen.
> Ut enim ad minim veniam, quis nostrud no multi-tasking ullamco laboris
> nisi ut aliquip iPad ex ea commodo consequat.

Select a block of text and press + E on Mac or Ctrl + E on Windows to make it a <blockquote>.