The two main disadvantages to using .htaccess
are the performance impact and the extending of control
access to others. The first is somewhat manageable through
the judicious use of the AllowOverride
directive, and the latter is a matter of establishing trust —
and performing risk assessment. What mix works best in your
environment is something you’ll need to determine for
yourself.
Troubleshooting
Here are some of the most common problems I’ve seen people have
(or have had myself) with .htaccess
files. One thing I
should stress first, though: the server error log is your friend.
You should always consult the error log when things don’t seem to
be functioning correctly. If it doesn’t say anything about your
problem, try boosting the message detail by changing your
LogLevel
directive to debug
. (Or
adding a LogLevel debug
line of you don’t have
a LogLevel
already).
- ‘Internal Server Error’ page is displayed when a document is
requested - This indicates a problem with your configuration. Check the
Apache error log file for a more detailed explanation of what
went wrong. You probably have used a directive that isn’t allowed
in.htaccess
files, or have a directive with incorrect
syntax. .htaccess
file doesn’t seem to change anything- It’s possible that the directory is within the scope of an
AllowOverride None
directive. Try putting a line
of gibberish in the.htaccess
file and force a reload
of the page. If you still get the same page instead of an
‘Internal Server Error‘ display, then this is probably the
cause of the problem. Another slight possibility is that the document
you’re requesting isn’t actually controlled by the.htaccess
file you’re editing; this can sometimes happen if you’re accessing
a document with a common name, such asindex.html
. If
there’s any chance of this, try changing the actual document and
requesting it again to make sure you can see the change.
this isn’t happening. - I’ve added some security directives to my
.htaccess
file, but I’m not getting challenged for a username and password - The most common cause of this is having the
.htaccess
directives within the scope of aSatisfy Any
directive. Explicitly disable this by adding a
Satisfy All
to the.htaccess
file,
and try again.
Going Further
Once you’ve got your Apache Web server up and running, the first
hurdle has been surmounted. Now you can move on to exploring its
capabilities and features. Here are some pointers to resources
for further investigation:
-
The main Apache Web site, of course:
http://www.apache.org/> -
The documentation for Apache and its modules:
http://www.apache.org/docs/> -
The canonical email response page:
http://www.apache.org/foundation/preFAQ.html>(This page is normally used to respond to email requests for
support, but there are lots of good resources listed on
it.)