I am trying to work out why my .htaccess is not being considered when loading a .php file. Below files sit in the webroot of my localhost.
.htaccess
# Cause a HTTP 500 test file.html
<html><body><h1>This should not show</h1></body></html> file.php
<html><body><h1>This should not show</h1></body></html> when I access /index.html, I get the expected HTTP500 When I access /index.php, the html shows.
Any ideas why the .htaccess would not load for the PHP file?
Apache 2.4.6 VHost (/etc/httpd/vhosts.d/website.local.conf):
<VirtualHost *:443> ServerName website.local ServerAlias www.website.local DocumentRoot /var/www/vhosts/website/website <Directory /var/www/vhosts/website/website> require all granted Options Indexes FollowSymLinks AllowOverride All </Directory> # Trigger PHP-FPM to run PHP execution <IfModule proxy_fcgi_module> ProxyPassMatch "^/(.*\.php(/.*)?)$" "unix:/var/www/vhosts/website/php-fpm.sock|fcgi://website/var/www/vhosts/website/website" DirectoryIndex index.php </IfModule> SSLEngine on SSLCertificateKeyFile /var/www/ssl/website.key SSLCertificateFile /var/www/ssl/website.crt </VirtualHost> There are no other vhost configurations for this site:
[root@localhost ~]# cat /etc/httpd/conf/*.conf | grep website.local [root@localhost ~]# cat /etc/httpd/vhosts.d/*.conf | grep website.local ServerName website.local ServerAlias www.website.local [root@localhost ~]# Update 1:
I have enabled rewrite:trace3 loglevel following the .htaccess debug instructions from https://stackoverflow.com/questions/5641618/how-to-enable-loglevel-debug-on-apache2-server. It looks like the .htaccess file is not even considered by Apache when loading a PHP file:
Accessing "/file.html" - .HTAccess is loaded and HTTP500 returned as expected
==> /var/log/httpd/website-error_log <== [Thu Jul 07 09:36:02.651091 2016] [core:alert] [pid 2822] [client 10.128.3.189:56406] /var/www/vhosts/website/website/.htaccess: Invalid command 'test', perhaps misspelled or defined by a module not included in the server configuration ==> /var/log/httpd/website-access_log <== 10.128.3.189 - - [07/Jul/2016:09:36:02 +0100] "GET /wp-admin/ HTTP/1.1" 500 527 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0" Accessing "file.php" - .HTAccess is not loaded and HTTP200 returned
==> /var/log/httpd/website-access_log <== 10.128.3.189 - - [07/Jul/2016:09:38:41 +0100] "GET /file.php HTTP/1.1" 200 64057 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0" 10.128.3.189 - - [07/Jul/2016:09:38:41 +0100] "GET /file.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2524 "https://www.website.local/file.php" "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0" 10.128.3.189 - - [07/Jul/2016:09:38:41 +0100] "GET /file.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2146 "https://www.website.local/file.php" "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0" Accessing "file.jpg" - .HTAccess is loaded and HTTP500 returned as expected
==> /var/log/httpd/website-error_log <== [Thu Jul 07 09:43:08.403263 2016] [core:alert] [pid 2827] [client 10.128.3.189:56551] /var/www/vhosts/website/website/.htaccess: Invalid command 'sfdgsaga', perhaps misspelled or defined by a module not included in the server configuration ==> /var/log/httpd/website-access_log <== 10.128.3.189 - - [07/Jul/2016:09:43:08 +0100] "GET /file.jpg HTTP/1.1" 500 527 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0" I'm not aware of any configuration that would disallow .htaccess for specific file/mime types.. could it be a matter of in which order the modules are loaded?
Update 2: Cleaned up the vhost file above
Update 3: Problem only appears when PHP-FPM is configured Removing the below code from the configuration no longer skips the .htaccess files
<IfModule proxy_fcgi_module> ProxyPassMatch "^/(.*\.php(/.*)?)$" "unix:/var/www/vhosts/website/php-fpm.sock|fcgi://website/var/www/vhosts/website/website" DirectoryIndex index.php </IfModule> Update 4: Kudos to @w3d for pointing this out. Internally proxying the request is going to skip the .htaccess file. Of course it does. I have updated my VHost file to the below, following the answer from this thread: Apache 2.4 + PHP-FPM + ProxyPassMatch
<VirtualHost *:443> ServerName website.local ServerAlias www.website.local DocumentRoot /var/www/vhosts/website/website <Directory /var/www/vhosts/website/website> require all granted Options Indexes FollowSymLinks AllowOverride All </Directory> ErrorLog "logs/website-error_log" CustomLog "logs/website-access_log" combined env=!forwarded CustomLog "logs/website-access_log" proxy env=forwarded # Proxy set-up as per # https://serverfault.com/questions/450628/apache-2-4-php-fpm-proxypassmatch # This is to forward all PHP to php-fpm. <FilesMatch \.php$> SetHandler "proxy:unix:/var/www/vhosts/website/php-fpm.sock|fcgi://website/" </FilesMatch> # Set some proxy properties (the string "unique-domain-name-string" should match # the one set in the FilesMatch directive. <Proxy fcgi://website> ProxySet connectiontimeout=5 timeout=240 </Proxy> DirectoryIndex /index.php index.php # If the php file doesn't exist, disable the proxy handler. # This will allow .htaccess rewrite rules to work and # the client will see the default 404 page of Apache RewriteCond %{REQUEST_FILENAME} \.php$ RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_URI} !-f RewriteRule (.*) - [H=text/html] SSLEngine on SSLCertificateKeyFile /var/www/ssl/website.key SSLCertificateFile /var/www/ssl/website.crt </VirtualHost> 
.phpfile successfully parsed by PHP? Try (temporarily) removing the entire<Directory /var/www/vhosts/website/website/wp-content/uploads>section?