MoonPoint Support Logo


Shop Amazon Warehouse Deals - Deep Discounts on Open-box and Used ProductsAmazon Warehouse Deals

Advanced Search
Sun Mon Tue Wed Thu Fri Sat

Wed, Mar 19, 2014 11:17 pm

AuthUserFile not allowed here

After setting up a redirect similar to the following in an .htaccess file in a directory, I found that I would get a 500 Internal Server Error with the message "The server encountered an internal error or misconfiguration and was unable to complete your request." whenever I tried to access a file in a password-protected subdirectory beneath the one in which I had created the .htaccess file to have the Apache server redirect visitors accessing an old .html file that I had replaced with a .php one.

Redirect 301 /dir1/dir2/example.html /dir1/dir2/example.php

In the Apache error log for the website, I saw the following:

[Wed Mar 19 21:05:17 2014] [alert] [client] /home/jdoe/public_html/dir1/dir2/dir3/.htaccess: AuthUserFile not allowed here, referer:

That error log entry was created when I clicked on a link I had in example.php to access a file in the directory dir3, which was below the one in which example.php was located.

To allow the redirect to work, I had inserted the following code in the VirtualHost section for the website within Apache's /etc/httpd/conf/httpd.conf file.

<Directory /home/jdoe/public_html/dir1/dir2>
    AllowOverride FileInfo

The .htaccess file for controlling access to the subdirectory dir1/dir2/dir3 had worked fine until I created another .htaccess file above it in dir2 for the redirect. The one for controlling access to dir3 with a username and password was similar to the following:

AuthUserFile /home/jdoe/public_html/.htpasswd-test
AuthGroupFile /dev/null
AuthName Testing
AuthType Basic
Require user test1

Because it contained AuthUserFile and AuthGroupFile, but I didn't specify AuthConfig within the <Directory> section for the virtual host in the httpd.conf file, but only FileInfo for AllowOverride, the authorization control no longer worked. When I changed the AllowOverride line to that shown below and restarted Apache with apachectl restart then both the redirect for the file in dir2 and the HTTP basic access authentication method for files in the subdirectory dir3 beneath dir2 both worked.

<Directory /home/jdoe/public_html/dir1/dir2>
    AllowOverride AuthConfig FileInfo

I had forgotten that by limiting AllowOverride to just FileInfo for dir2, I was effectively nullifying any other type of overrides in any subdirectores beneath it.


  1. Apache Core Feartures
    Apache HTTP Server Project

[/network/web/server/apache] permanent link

Valid HTML 4.01 Transitional

Privacy Policy   Contact

Blosxom logo