Apache mod_rewrite

When enabling mod_rewrite on apache after reloading the configuration a 403 error was given. This was because Options -FollowSymLinks was used in the <Directory> configuration.

This is because follow symlinks is required for per-directory rewrites as described in the apache module manual. “To enable the rewrite engine in this context, you need to set ”

RewriteEngine On

” and ”

Options FollowSymLinks

” must be enabled. If your administrator has disabled override of 

FollowSymLinks

 for a user’s directory, then you cannot use the rewrite engine.” http://httpd.apache.org/docs/current/mod/mod_rewrite.html

Follow symlinks was disabled beforehand to prevent using symlinks to gain access into the rest of the file system when using scripts. I thought when I disabled symlinks this was related to the php configuration open_basedir which I wanted to use to prevents the php script getting access outside of this directory (but sub directories are ok).

On the php documentation http://php.net/manual/en/ini.core.php#ini.open-basedir “All symbolic links are resolved, so it’s not possible to avoid this restriction with a symlink” which sound like good news. If a symlink is created to link to outside of the open_basedir then php should resolve this and reject the file operations.