Afterr upgrading to Piwik 3.0.0 i had the following issues:
[Mon Dec 19 07:44:46 2016] [alert] [client 184.108.40.206] /data/<docroot>**/piwik/libs/.htaccess: AddHandler not allowed here**, referer: https://piwik.domain.de/index.php?module=CoreUpdater&action=newVersionAvailable and the next one: [Mon Dec 19 07:48:42 2016] [alert] [client 220.127.116.11] /data/<docroot>**/piwik/plugins/.htaccess: Options not allowed here**, referer: https://piwik.domain.de/index.php?module=MultiSites&action=index&idSite=1&period=day&date=today
I have a Debian Wheezy and a Apache
Server version: Apache/2.2.22 (Debian) Server built: Jul 20 2016 05:07:11
As figured out from another one (https://forum.piwik.org/t/internal-server-error-after-upgrade-to-3-0/22163) The Issue is gone, while i comment out the Options Line./piwik/plugins/.htaccess: ``` Order Allow,Deny Allow from All Require all granted **#Options -Indexes** ``` The AddHandler Issue i couldn't solve at this point! /piwik/libs/.htaccess: ``` # Serve HTML files as text/html mime type - Note: requires mod_mime apache module! ** AddHandler text/html .html ** ** AddHandler text/html .htm ** ``` Thank you all very much for your great job with piwik! Kind regards, Axel
Same problem here after Upgrade to Piwik 3.0.0!
If I comment out the "Option -Indexes" Line in some .htaccess files, it works.
But after that, there are still more problems.
Problem User Country Plugin
PHP Fatal error: Cannot redeclare class Piwik\Plugins\UserCountry\LocationProvider\DefaultProvider in [...]/piwik/plugins/UserCountry/LocationProvider/Default.php on line 0
If I want to open the page "Administration > System > Geolocation" I get an 500 Error (Internal Server Error).
If I try to open the site "Administartion > Systemcheck", I also get a 500 Error Message.
Same problem here. Deleting the line helps, but I fear that I would have to do it for every update. Directory indexes are switched off by default anyway by my provider.
This problem certainly depends on the web server configuration, but my influence on the provider about the config is limited (HostEurope WebPack 4 here).
I'd like to help solve the
Option -Indexes issues. Unfortunately after searching for 10min I couldn't find why it's not working, or rather I couldn't find how to make it work.
Could you please try the following:
<IfModule mod_version.c> Option -Indexes </IfModule>
-> Do you get the error back, or is Piwik working the same as when you removed this line originally?
Hi Matthieu thanks for your answer.
i 've tried it at my server, but unfortunately it doesn't work!**/piwik/libs/.htaccess ``` Order Allow,Deny Allow from All Require all granted #Options -Indexes Options -Indexes ``` => Your hint with "Option" is wrong. The parameter should be "Option**s**" I will try to investigate too... but i'am not really sure if i'am able to help Kind regards, Axel
If you find the solution of how we could safely call
Options -Indexes please let me know. For now we've removed it again from the htaccess (will be in 3.0.1)
thank you very much for your answer.
I'am currently not sure, why the setting is in my vhost-definition from my apache server. I had to allow the Options setting there.
[...] <Directory /> Options FollowSymLinks # Piwik Issue https://github.com/piwik/piwik/issues/11040#issuecomment-269140850 # adding the "Options" to AllowOverride **AllowOverride AuthConfig Limit Options** [...]
Maybe it is worth to give a hint in the update guide to check, that AllowOverride [...] Options is allowed, so that you could set this within the .htaccess Files.
Additiona i would like to wish, that a general vhost setting and securing guide will be written. I think most of the people do her own settings there. Depending on every person or admin, of course, the settings will be different.
Maybe this could added to the Piwik securing guide: http://piwik.org/docs/how-to-secure-piwik/
For my second issue (please see above ---- /piwik/libs/.htaccess: AddHandler not allowed here --- ) i will investigate too.
now a little bit more belonging the issue with "AddHandler not allowed here"
[Mon Dec 19 07:44:46 2016] [alert] [client 18.104.22.168] /data/<docroot>**/piwik/libs/.htaccess: AddHandler not allowed here**, referer: https://piwik.domain.de/index.php?module=CoreUpdater&action=newVersionAvailable
If i have a look at the following documentation: http://httpd.apache.org/docs/2.2/mod/mod_mime.html#addhandler
I have to add the FileInfo setting to my vhost-configuration!
# Piwik Issue https://github.com/piwik/piwik/issues/11040#issuecomment-269140850 # adding the "Options" to AllowOverride AllowOverride AuthConfig Limit Options FileInfo
In my opinion, if all users who had this problem, add the following "Options" and "FileInfo" to the vhost configuration, the should solve the issue also for the future!
AllowOverride AuthConfig Limit **Options FileInfo**
By the way, why it is absolutely necessary to have the following AddHandler statements in the "/piwik/libs/.htaccess" file???
# Serve HTML files as text/html mime type - Note: requires mod_mime apache module! <IfModule mod_mime.c> AddHandler text/html .html AddHandler text/html .htm </IfModule>
Are you really sure, that you need it?
additional, i saw in this moment, that i've already added the AddHandler statement to my vhost configuration:
<DirectoryMatch "^/data/apache/piwik/(libs|config|core|lang|tmp|vendor)"> Options FollowSymLinks AllowOverride Options FileInfo Order Allow,Deny deny from all # Serve HTML files as text/html mime type **AddHandler text/html .html** **AddHandler text/html .htm**
But i'am not sure, for which reason, i've already configured this! Maybe because of the recommendations from the Securing Piwik settings??
So guarding it with
does not help.
I think the problem is that Options is just not included in my provider's AllowOverride configuration.
Apache complains and responds 500, even though Piwik's .htaccess would not even change the value, AFAIK directory indexes are already switched off by default.
I have only very limited access to the Apache configuration, I cannot change the AllowOverride configuration for Apache. So I would prefer that Piwik only shows a warning instead of trying to disable indexes by itself. Otherwise I cannot run an unpatched Piwik on my webspace anymore.
So thanks for removing the line, I don't see another option in my case, at least.