Disallow .htaccess for performance w/o breaking server


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://mercury.photo

My web server is (include version): Linux

The operating system my web server runs on is (include version): Ubuntu 16.04

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

In the interest of improving performance of my Apache server, I’ve disabled .htaccess lookups in my vhosts file and used an include directive to point to the various .htaccess files on my Wordpress installation, e.g.,

<VirtualHost *:80>

DocumentRoot /path/to/wordpress/

ServerName mercury.photo
RewriteOptions inherit

<Directory "/path/to/wordpress/">
  allow from all
  Options -Indexes +FollowSymLinks
  AllowOverride None
  Include /path/to/wordpress/.htaccess
  Include /path/to/wordpress/wp-content/plugins/this_plugin/.htaccess
  Include /path/to/wordpress/wp-content/plugins/that_plugin/.htaccess
</Directory>

etc.

When I add the “include” directives (except for the main WP .htaccess, which does not break anything) to my LE vhosts .conf, my website becomes inaccessible (403 forbidden). How can I ensure that the Apache server reads the .htaccess files from all installed plugins without excessive & redundant lookups?


#2

One of these surely is intended to prevent access to that specific directory, and is not intended to apply to the entire WordPress installation directory.

You have to Include these directory-specific include files in <Directory> sections specific to the directory, e.g.

<Directory /path/to/wordpress/wp-content/plugins/this_plugin>
  Include /path/to/wordpress/wp-content/plugins/this_plugin/.htaccess
</Directory>

#3

Aha! Thanks; I’ll do that now.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.