generated .htaccess files should be wrapped by ifmodule #3129

robocoder opened this Issue Apr 27, 2012 · 6 comments

3 participants




The Allow/Deny/Satisfy directives are potentially problematic if the corresponding Apache module isn't loaded.

Note: Satisfy lives outside of core in Apache 2.4.


(In [6227]) fixes #3129


(In [6359]) refs #3129 - for Apache 2.2, it must be mod_authz_host.c (not mod_authz_host); also, we need to wrap it with !mod_access_compat as this module still exists in Apache 2.4 but Allow/Deny were moved to mod_access_compat


I still have this problem with Piwik 2.2.2 and Apache 2.4.
Tha automatically generated .htaccess is not valid. It gives the error Invalid command 'Deny', perhaps misspelled or defined by a module not included in the server configuration

I found this workaround:

  • I edited each .htaccess file manually
  • I set each .htaccess file read only

My .htaccess files look like this (I didn't care about finding a way to express this conditionnally):

<Files ~ "\.(php|php4|php5|inc|tpl|in|twig)$">
Require all denied
<Files ~ "\.(test\.php|gif|ico|jpg|png|svg|js|css|swf)$">
Require all granted

These are the access/authenication modules that are installed:

  • auth_basic_module
  • authn_core_module
  • authn_file_module
  • authz_core_module
  • authz_groupfile_module
  • authz_host_module
  • authz_user_module I don't have access_compat_module installed
Piwik Open Source Analytics member

The other day I stumbled upon this commit in phpbb:

Maybe we could check out this one, and possibly how other popular open source projects have sorted their .htaccess so it works across all server configurations.

Piwik Open Source Analytics member

@lmeyer please post your comment/ feedback on this ticket: #4499

(this one is too old, thanks!)

@robocoder robocoder added this to the 1.12.x - Piwik 1.12.x milestone Jul 8, 2014
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment