Php and symlinks

marciano · December 20, 2012, 1:57pm

Hello,

I got some yellow warnings about vulnerabilities in main VM screen.
One is about php and symlinks

Auto fix changed
Options Indexes IncludesNOEXEC FollowSymLinks +ExecCGI
allow from all
AllowOverride All

to

Options Indexes IncludesNOEXEC SymLinksifOwnerMatch +ExecCGI
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch

This got me a lot of internal server errors like
.htaccess directive
RewriteRule ^es=(.*)$ index.php?t=$1 [NC,L,R]

What do you suggest?
Thank you

Eric · December 20, 2012, 2:56pm

Howdy,

It sounds like it’s describing a problem with your .htaccess files… can you paste in the entire error that you’re seeing from the Apache error logs in $HOME/logs/error_log?

And perhaps include the contents of the .htaccess file it’s referring to.

Thanks!

-Eric

marciano · December 20, 2012, 8:48pm

Hello Eric,

This is a part of that .htaccess

RewriteEngine on
Options +FollowSymlinks
RewriteBase /
RewriteRule ^.htaccess$ - [F]

I commented the followSymlinks line and went back to auto fix configuration and all is fine.

Is this enough or should I add other symlink option?

Thank you,
M

Eric · December 20, 2012, 9:13pm

Yup, that should be plenty!

Alternatively, if your app needs to use symlinks, you could change “FollowSymlinks” to read “SymLinksIfOwnerMatch”.

-Eric

marciano · December 21, 2012, 11:55am

Thank you Eric!