Apache2 DirectoryIndex Issue

Skittles picture Skittles · Jun 20, 2011 · Viewed 7k times · Source

I am a little stuck and am sure that this is a trivial problem, but just can't seem to find the right solution.

I have a local development server running apache2 w/mod_ssl & mod_rewrite. I created a self-signed cert and added the respective virtual host directive for *:443. The issue I seem to be having is that now that I have the SSL side of things working properly. And when I say properly, I mean that I can go to the https url of my site (e.g. https://dev.mysite/) without adding index.php and it pulls up the index.php just fine.

But when I go to the regular http url of the site, I have to type in the index.php to see the site. (e.g. http://dev.mysite/index.php)

I tried adding a DirectoryIndex directive to the *:80 block, but this still doesn't appear to work.

Below is the virtual host file contents if that helps at all;

ServerName dev.mysite

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/vhosts/bsah_dev/mysite

    <Directory />
            DirectoryIndex index.php
            Options Indexes FollowSymLinks
            AllowOverride None
    </Directory>
    <Directory /var/www/vhosts/bsah_dev/mysite/>
            DirectoryIndex index.html index.htm index.php
            Options Indexes FollowSymLinks MultiViews
            AllowOverride None
            Order allow,deny
            allow from all
    </Directory>

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
            AllowOverride None
            Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
            Order allow,deny
            Allow from all
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
            Options Indexes MultiViews FollowSymLinks
            AllowOverride None
            Order deny,allow
            Deny from all
            Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/vhosts/bsah_dev/mysite

    SSLEngine On

    <Directory /var/www/vhosts/bsah_dev/mysite>
            <IfModule mod_rewrite.c>
                    RewriteEngine on
                    RewriteCond %{HTTPS} !^on$ [NC]
                    RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI}  [L]
            </IfModule>
    </Directory>

    SSLOptions +StrictRequire

    SSLCertificateFile /etc/apache2/ssl.crt/server.crt
    SSLCertificateKeyFile /etc/apache2/ssl.key/server.key
</VirtualHost>

Answer

Bruno picture Bruno · Jun 20, 2011

A few comments on your configuration, which may help you fix this problem:

<Directory />
        DirectoryIndex index.php
        Options Indexes FollowSymLinks
        AllowOverride None
</Directory>

That's quite unusual: normally, you wouldn't grant access to anything for the root directory (of your machine, not your document root). See the Directory documentation, which suggests using this:

<Directory />
    Order Deny,Allow
    Deny from All
</Directory> 

This should work as expected in your configuration:

<Directory /var/www/vhosts/bsah_dev/mysite/>
        DirectoryIndex index.html index.htm index.php
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
</Directory>

(This being said, index.php will only be used if there's no index.html or index.htm found first.)

The DirectoryIndex documentation says it can be placed in "server config, virtual host, directory, .htaccess" (see "Context"). It also works within the Directory directive (and such values will override the values you'd find at the VirtualHost or server level).

This rule, in the HTTPS section doesn't make sense:

<Directory /var/www/vhosts/bsah_dev/mysite>
        <IfModule mod_rewrite.c>
                RewriteEngine on
                RewriteCond %{HTTPS} !^on$ [NC]
                RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI}  [L]
        </IfModule>
</Directory>

You're using a rewrite rule to redirect to the equivalent https:// URL. However, this rule is in the section where SSL is enabled, so you're redirecting from https:// to https://, not from http://.