cancel
Showing results for 
Search instead for 
Did you mean: 

error log .htaccess: Option FollowSymLinks not allowed here on centos 7 500 internal server error

error log .htaccess: Option FollowSymLinks not allowed here on centos 7 500 internal server error

Hello,

 

I have a webmin(virtualmin) server with several websites for the using apache 2.4.6 Centos 7, when i install magento2.2 display 500 Internal Server Error and log display .htaccess: Option FollowSymLinks not allowed here. 

 

If remove .htaccess file, no css and image.

 

.htaccess

############################################
## workaround for Apache 2.4.6 CentOS build when working via ProxyPassMatch with HHVM (or any other)
## Please, set it on virtual host configuration level

##    SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
############################################

<IfModule mod_rewrite.c>

############################################
## enable rewrites

    Options +FollowSymLinks
    RewriteEngine on

############################################
[root@host conf]# httpd -v
Server version: Apache/2.4.6 (CentOS)
Server built:   Sep 20 2017 01:44:44
[root@host conf]# 
[root@host conf]# php -v
PHP 7.1.11 (cli) (built: Oct 29 2017 17:26:51) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.1.0, Copyright (c) 1998-2017 Zend Technologies
    with Zend OPcache v7.1.11, Copyright (c) 1999-2017, by Zend Technologies
[root@host conf]# 
error log:
/home/xxx/public_html/.htaccess: Option FollowSymLinks not allowed here
httpd.conf
<VirtualHost 45.33.39.97:80>
SuexecUserGroup "#500" "#500"
ServerName xxx.com
ServerAlias www.xxx.com
ServerAlias webmail.xxx.com
ServerAlias admin.xxx.com
DocumentRoot /home/xxx/public_html
ErrorLog /var/log/virtualmin/xxx.com_error_log
CustomLog /var/log/virtualmin/xxx.com_access_log combined
ScriptAlias /cgi-bin/ /home/xxx/cgi-bin/
ScriptAlias /awstats/ /home/xxx/cgi-bin/
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/xxx/public_html>
Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch +ExecCGI
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
AddType application/x-httpd-php .php
</Directory>
<Directory /home/xxx/cgi-bin>
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
</Directory>
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.xxx.com
RewriteRule ^(.*) https://xxx.com:20000/ [R]
RewriteCond %{HTTP_HOST} =admin.xxx.com
RewriteRule ^(.*) https://xxx.com:10000/ [R]
RemoveHandler .php
RemoveHandler .php5
php_admin_value engine Off
Alias /dav /home/xxx/public_html
<Location /dav>
DAV on
AuthType Basic
AuthName "xxx.com"
AuthUserFile /home/xxx/etc/dav.digest.passwd
Require valid-user
ForceType text/plain
Satisfy All
RemoveHandler .php
RemoveHandler .php5
RewriteEngine off
</Location>
<Files awstats.pl>
AuthName "xxx.com statistics"
AuthType Basic
AuthUserFile /home/xxx/.awstats-htpasswd
require valid-user
</Files>
php_value memory_limit 32M
ProxyPassMatch ^/(.*.php(/.*)?)$ fcgi://localhost:8000/home/xxx/public_html/$1
</VirtualHost>
 
Any help is appreciated.
Thank you
7 REPLIES 7

Re: error log .htaccess: Option FollowSymLinks not allowed here on centos 7 500 internal server erro

Replace "Option FollowSymLinks" with Options +SymLinksIfOwnerMatch

Re: error log .htaccess: Option FollowSymLinks not allowed here on centos 7 500 internal server erro

did not work for me

Re: error log .htaccess: Option FollowSymLinks not allowed here on centos 7 500 internal server erro

Hi @vachikg

 

Open your .htaccess file of the magento 2 root directory and add below code in it :

 

############################################
## overrides deployment configuration mode value
## use command bin/magento deploy:mode:set to switch modes

#   SetEnv MAGE_MODE developer

############################################
## uncomment these lines for CGI mode
## make sure to specify the correct cgi php binary file name
## it might be /cgi-bin/php-cgi

#    Action php5-cgi /cgi-bin/php5-cgi
#    AddHandler php5-cgi .php

############################################
## GoDaddy specific options

#   Options -MultiViews

## you might also need to add this line to php.ini
##     cgi.fix_pathinfo = 1
## if it still doesn't work, rename php.ini to php5.ini

############################################
## this line is specific for 1and1 hosting

    #AddType x-mapp-php5 .php
    #AddHandler x-mapp-php5 .php

############################################
## default index file

    DirectoryIndex index.php

<IfModule mod_php5.c>
############################################
## adjust memory limit

    php_value memory_limit 756M
    php_value max_execution_time 18000

############################################
## disable automatic session start
## before autoload was initialized

    php_flag session.auto_start off

############################################
## enable resulting html compression

    #php_flag zlib.output_compression on

###########################################
## disable user agent verification to not break multiple image upload

    php_flag suhosin.session.cryptua off
</IfModule>
<IfModule mod_php7.c>
############################################
## adjust memory limit

    php_value memory_limit 756M
    php_value max_execution_time 18000

############################################
## disable automatic session start
## before autoload was initialized

    php_flag session.auto_start off

############################################
## enable resulting html compression

    #php_flag zlib.output_compression on

###########################################
## disable user agent verification to not break multiple image upload

    php_flag suhosin.session.cryptua off
</IfModule>
<IfModule mod_security.c>
###########################################
## disable POST processing to not break multiple image upload

    SecFilterEngine Off
    SecFilterScanPOST Off
</IfModule>

<IfModule mod_deflate.c>

############################################
## enable apache served files compression
## http://developer.yahoo.com/performance/rules.html#gzip

    # Insert filter on all content
    ###SetOutputFilter DEFLATE
    # Insert filter on selected content types only
    #AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/x-javascript application/json image/svg+xml

    # Netscape 4.x has some problems...
    #BrowserMatch ^Mozilla/4 gzip-only-text/html

    # Netscape 4.06-4.08 have some more problems
    #BrowserMatch ^Mozilla/4\.0[678] no-gzip

    # MSIE masquerades as Netscape, but it is fine
    #BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

    # Don't compress images
    #SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary

    # Make sure proxies don't deliver the wrong content
    #Header append Vary User-Agent env=!dont-vary

</IfModule>

<IfModule mod_ssl.c>

############################################
## make HTTPS env vars available for CGI mode

    SSLOptions StdEnvVars

</IfModule>

############################################
## workaround for Apache 2.4.6 CentOS build when working via ProxyPassMatch with HHVM (or any other)
## Please, set it on virtual host configuration level

##    SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
############################################

<IfModule mod_rewrite.c>

############################################
## enable rewrites

    Options +FollowSymLinks
    RewriteEngine on

############################################
## you can put here your magento root folder
## path relative to web root

    #RewriteBase /magento/

############################################
## workaround for HTTP authorization
## in CGI environment

    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

############################################
## TRACE and TRACK HTTP methods disabled to prevent XSS attacks

    RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
    RewriteRule .* - [L,R=405]

############################################
## redirect for mobile user agents

    #RewriteCond %{REQUEST_URI} !^/mobiledirectoryhere/.*$
    #RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
    #RewriteRule ^(.*)$ /mobiledirectoryhere/ [L,R=302]

############################################
## never rewrite for existing files, directories and links

    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-l

############################################
## rewrite everything else to index.php

    RewriteRule .* index.php [L]

</IfModule>


############################################
## Prevent character encoding issues from server overrides
## If you still have problems, use the second line instead

    AddDefaultCharset Off
    #AddDefaultCharset UTF-8
    AddType 'text/html; charset=UTF-8' html

<IfModule mod_expires.c>

############################################
## Add default Expires header
## http://developer.yahoo.com/performance/rules.html#expires

    ExpiresDefault "access plus 1 year"
    ExpiresByType text/html A0
    ExpiresByType text/plain A0

</IfModule>

###########################################
## Deny access to root files to hide sensitive application information
    RedirectMatch 403 /\.git

    <Files composer.json>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files composer.lock>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files .gitignore>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files .htaccess>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files .htaccess.sample>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files .php_cs.dist>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files .travis.yml>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files CHANGELOG.md>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files CONTRIBUTING.md>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files COPYING.txt>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files Gruntfile.js>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files LICENSE.txt>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files LICENSE_AFL.txt>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files nginx.conf.sample>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files package.json>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files php.ini.sample>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files README.md>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files auth.json>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>
    <Files magento_umask>
        <IfVersion < 2.4>
            order allow,deny
            deny from all
        </IfVersion>
        <IfVersion >= 2.4>
            Require all denied
        </IfVersion>
    </Files>

# For 404s and 403s that aren't handled by the application, show plain 404 response
ErrorDocument 404 /pub/errors/404.php
ErrorDocument 403 /pub/errors/404.php

################################
## If running in cluster environment, uncomment this
## http://developer.yahoo.com/performance/rules.html#etags

    #FileETag none

# ######################################################################
# # INTERNET EXPLORER                                                  #
# ######################################################################

# ----------------------------------------------------------------------
# | Document modes                                                     |
# ----------------------------------------------------------------------

# Force Internet Explorer 8/9/10 to render pages in the highest mode
# available in the various cases when it may not.
#
# https://hsivonen.fi/doctype/#ie8
#
# (!) Starting with Internet Explorer 11, document modes are deprecated.
# If your business still relies on older web apps and services that were
# designed for older versions of Internet Explorer, you might want to
# consider enabling `Enterprise Mode` throughout your company.
#
# https://msdn.microsoft.com/en-us/library/ie/bg182625.aspx#docmode
# http://blogs.msdn.com/b/ie/archive/2014/04/02/stay-up-to-date-with-enterprise-mode-for-internet-explorer-11.aspx

<IfModule mod_headers.c>

    Header set X-UA-Compatible "IE=edge"

    # `mod_headers` cannot match based on the content-type, however,
    # the `X-UA-Compatible` response header should be send only for
    # HTML documents and not for the other resources.

    <FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
        Header unset X-UA-Compatible
    </FilesMatch>

</IfModule>

 

 

then check ! it will works 

if issue solved,Click Kudos & Accept as Solution

Re: error log .htaccess: Option FollowSymLinks not allowed here on centos 7 500 internal server erro

Only remove Options line

 

Options +FollowSymLinks

It's don't need it!

Re: error log .htaccess: Option FollowSymLinks not allowed here on centos 7 500 internal server erro

Find any solution? I am facing the same issue in my store.
when I have remove .htaccessfile then frontend work but other URLs are not working and after adding the .htaccess file nothing is accessible and an internal server error is displayed on every URLs.
I have try by edit /etc/apache2/apache2.conf 
My domain is pointed to /home/sitename/public_html/

 159  <Directory />
   160          Options FollowSymLinks
   161          AllowOverride None
   162          Require all denied
   163  </Directory>
   164
   165  <Directory /usr/share>
   166          AllowOverride None
   167          Require all granted
   168  </Directory>
   169
   170  <Directory /var/www/>
   171          Options Indexes FollowSymLinks
   172          AllowOverride None
   173          Require all granted
   174  </Directory>
   175
   176  #<Directory /srv/>
   177  #       Options Indexes FollowSymLinks
   178  #       AllowOverride None
   179  #       Require all granted
   180  #</Directory>

I have changed  AllowOverride None to All but not work.
I have also added this code but not work

<Directory /home/sitename/public_html>
     AllowOverride None
     Require all granted
 </Directory>

I have tried to edit site-available/sitename.com.conf

 <Directory /home/sitename/public_html>
    15  Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch +ExecCGI
    16  allow from all
    17  AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
    18  Require all granted
    19  AddType application/x-httpd-php .php
    20  AddHandler fcgid-script .php
    21  AddHandler fcgid-script .php7.2
    22  AddHandler fcgid-script .php7.4
    23  FCGIWrapper /home/sitename/fcgi-bin/php7.4.fcgi .php
    24  FCGIWrapper /home/sitename/fcgi-bin/php7.2.fcgi .php7.2
    25  FCGIWrapper /home/sitename/fcgi-bin/php7.4.fcgi .php7.4
    26  </Directory>

Set AllowOverride None to All but not work.

How you resolve this issue?

 

Re: error log .htaccess: Option FollowSymLinks not allowed here on centos 7 500 internal server erro

After update magento 2 root htaccess file issue is resolved.

############################################
## enable rewrites

    # The following line has better security but add some performance overhead - see https://httpd.apache.org/docs/2.4/en/misc/perf-tuning.html
    #Options -FollowSymLinks +SymLinksIfOwnerMatch
    Options +SymLinksIfOwnerMatch
    RewriteEngine on

############################################

I have remove -FollowSymLinks 
and now all thing works fine.

Thank you.

Re: error log .htaccess: Option FollowSymLinks not allowed here on centos 7 500 internal server erro

If yoy use Plesk: Go to Domains > example.com > Hosting & DNS > Apache & nginx Settings and disable the option Restrict the ability to follow symbolic links.