.htaccess issues?


#1

Hello,

all .png images are disallowed in my PIWIK Installation
Look here:
http://www.scharff-medical-consulting.de/piwik/

Anyway: I used the standard piwik files, so everything should be OK

So what is wrong?


cat /etc/apache2/sites-enabled/scharffmedicalconsulting.conf

<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request’s Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName www.scharff-medical-consulting.de

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/scharffmedicalconsulting
    <Directory /var/www/scharffmedicalconsulting/>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride FileInfo Options
            Order allow,deny
            allow from all
    </Directory>

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined



    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf

vim: syntax=apache ts=4 sw=4 sts=4 sr noet

cat /var/www/scharffmedicalconsulting/.htaccess

@package Joomla

@copyright Copyright © 2005 - 2015 Open Source Matters. All rights reserved.

@license GNU General Public License version 2 or later; see LICENSE.txt

READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE!

The line just below this section: ‘Options +FollowSymLinks’ may cause problems

with some server configurations. It is required for use of mod_rewrite, but may already

be set by your server administrator in a way that disallows changing it in

your .htaccess file. If using it causes your server to error out, comment it out (add # to

beginning of line), reload your site in your browser and test your sef url’s. If they work,

it has been set by your server administrator and you do not need it set here.

No directory listings

##IndexIgnore *

Can be commented out if causes errors, see notes above.

Options +FollowSymlinks
Options -Indexes

Mod_rewrite in use.

RewriteEngine On

Begin - Rewrite rules to block out some common exploits.

If you experience problems on your site block out the operations listed below

This attempts to block the most common type of exploit attempts to Joomla!

Block out any script trying to base64_encode data within the URL.

RewriteCond %{QUERY_STRING} base64_encode[^(]([^)]) [OR]

Block out any script that includes a tag in URL.

RewriteCond %{QUERY_STRING} (<|%3C)([^s]s)+cript.(>|%3E) [NC,OR]

Block out any script trying to set a PHP GLOBALS variable via URL.

RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR]

Block out any script trying to modify a _REQUEST variable via URL.

RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2})

Return 403 Forbidden header and show the content of the root homepage

RewriteRule .* index.php [F]

End - Rewrite rules to block out some common exploits.

Begin - Custom redirects

If you need to redirect some pages, or set a canonical non-www to

www redirect (or vice versa), place that code here. Ensure those

redirects use the correct RewriteRule syntax and the [R=301,L] flags.

End - Custom redirects

Uncomment following line if your webserver’s URL

is not directly related to physical file paths.

Update Your Joomla! Directory (just / for root).

RewriteBase /

Begin - Joomla! core SEF Section.

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

If the requested path and file is not /index.php and the request

has not already been internally rewritten to the index.php script

RewriteCond %{REQUEST_URI} !^/index.php

and the requested path and file doesn’t directly match a physical file

RewriteCond %{REQUEST_FILENAME} !-f

and the requested path and file doesn’t directly match a physical folder

RewriteCond %{REQUEST_FILENAME} !-d

internally rewrite the request to the index.php script

RewriteRule .* index.php [L]

End - Joomla! core SEF Section.

cat /var/www/scharffmedicalconsulting/piwik/plugins/.htaccess

First, deny access to all files in this directory

<Files “*”>

<IfVersion < 2.4>
Order Deny,Allow
Deny from All

= 2.4>
Require all denied


<IfModule !mod_version.c>
<IfModule !mod_authz_core.c>
Order Deny,Allow
Deny from All


Require all denied


Serve HTML files as text/html mime type - Note: requires mod_mime apache module!

AddHandler text/html .html AddHandler text/html .htm

Allow to serve static files which are safe

<Files ~ “.(gif|ico|jpg|png|svg|js|css|htm|html|swf|mp3|mp4|wav|ogg|avi)$”>

<IfVersion < 2.4>
Order Allow,Deny
Allow from All

= 2.4>
Require all granted


<IfModule !mod_version.c>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Allow from All


Require all granted