Understand default .htaccess file configuration

NOTE: We are in the process of modifying the file structure and configuration for many Bitnami stacks. On account of these changes, the file paths stated in this guide may change depending on whether your Bitnami stack uses native Linux system packages (Approach A), or if it is a self-contained installation (Approach B). To identify your Bitnami installation type and what approach to follow, run the command below:
 $ test ! -f "/opt/bitnami/common/bin/openssl" && echo "Approach A: Using system packages." || echo "Approach B: Self-contained installation."
The output of the command indicates which approach (A or B) is used by the installation, and will allow you to identify the paths, configuration and commands to use in this guide. Refer to the FAQ for more information on these changes.

One of our main goals is to configure Bitnami applications in the most secure way. For this reason, we moved the configuration in the .htaccess files to the main application configuration files and set the AllowOverride option to None by default, if supported by the application.

NOTE: The Apache Software Foundation also recommends this configuration. To quote: “For security and performance reasons, do not set AllowOverride to anything other than None in your <Directory “/"> block. Instead, find (or create) the block that refers to the directory where you’re actually planning to place a .htaccess file.”

Approach A: Bitnami installations using system packages

Understand .htaccess files

If the application supports using .htaccess files from custom locations, the contents of this file can be found in the /opt/bitnami/apache2/conf/vhosts/htaccess/APPNAME-htaccess.conf file. For example:

The /opt/bitnami/apache2/conf/vhosts/APPNAME-vhost.conf file is the main application configuration file. It also sources the APPNAME-htaccess.conf file.

  <VirtualHost 127.0.0.1:80 _default_:80>
    ServerAlias *
    DocumentRoot /opt/bitnami/APPNAME
    <Directory "/opt/bitnami/APPNAME">
      Options -Indexes +FollowSymLinks -MultiViews
      AllowOverride All
      Require all granted
    </Directory>
  </VirtualHost>
  Include "/opt/bitnami/apache2/conf/vhosts/htaccess/APPNAME-htaccess.conf"

The /opt/bitnami/apache2/conf/vhosts/htaccess/APPNAME-htaccess.conf file ships the content of all .htaccess files required by the application. It typically looks like this:

  <Directory "/opt/bitnami/APPNAME/cache">
    Deny from all
  </Directory>
  <Directory "/opt/bitnami/APPNAME/images">
    # Protect against bug 28235
    <IfModule rewrite_module>
      RewriteEngine On
      RewriteCond %{QUERY_STRING} \.[^\\/:*?\x22<>|%]+(#|\?|$) [nocase]
      RewriteRule . - [forbidden]
    </IfModule>
  </Directory>
  <Directory "/opt/bitnami/APPNAME/includes">
    Deny from all
  </Directory>
  <Directory "/opt/bitnami/APPNAME/languages">
    Deny from all
  </Directory>
  <Directory "/opt/bitnami/APPNAME/maintenance">
    Deny from all
  </Directory>
  <Directory "/opt/bitnami/APPNAME/maintenance/archives">
    Deny from all
  </Directory>
  <Directory "/opt/bitnami/APPNAME/serialized">
    Deny from all
  </Directory>

If not, the .htaccess file can be found at /opt/bitnami/APPNAME/.htaccess.

Add a new section in the .htaccess file when installing a plugin

Some plugins, during their installation, create a .htaccess file in either the /opt/bitnami/APPNAME/ or in the /opt/bitnami/apps/APPNAME/plugins/ directory that cannot be read by Apache. For that reason, we recommend moving the content of that file to the /opt/bitnami/apache2/conf/vhosts/htaccess/APPNAME-htaccess.conf file. Follow these steps:

Add a new entry in the /opt/bitnami/apache2/conf/vhosts/htaccess/APPNAME-htaccess.conf file specifying the path where the htaccess file is (/opt/bitnami/APPNAME/ or /opt/bitnami/htdocs//plugins/) and pasting below the content of that file.

NOTE: CONTENT is a placeholder, replace it with the content of the /opt/bitnami/APPNAME/.htaccess file created by the plugin.
```
  ...
  <Directory "/opt/bitnami/APPNAME">
  CONTENT
  </Directory>
```

Restart Apache to make the changes take effect:

  $ sudo /opt/bitnami/ctlscript.sh restart apache

Approach B: Self-contained Bitnami installations

Understand .htaccess files

If the application supports using .htaccess files from custom locations, the contents of this file can be found in the /opt/bitnami/apps/APPNAME/conf/htaccess.conf file. For example:

The /opt/bitnami/apps/APPNAME/conf/httpd-app.conf file is the main application configuration file. It also sources the htaccess.conf file.

  <Directory "/opt/bitnami/apps/APPNAME/htdocs">
      Options +MultiViews
      AllowOverride None
      <IfVersion < 2.3 >
      Order allow,deny
      Allow from all
      </IfVersion>
      <IfVersion >= 2.3>
      Require all granted
      </IfVersion>
  </Directory>
  Include "/opt/bitnami/apps/APPNAME/conf/htaccess.conf"

The /opt/bitnami/apps/APPNAME/conf/htaccess.conf file ships the content of all .htaccess files required by the application. It typically looks like this:

  <Directory /opt/bitnami/apps/APPNAME/htdocs/cache>
    Deny from all
  </Directory>
  <Directory /opt/bitnami/apps/APPNAME/htdocs/images>
    # Protect against bug 28235
    <IfModule rewrite_module>
      RewriteEngine On
      RewriteCond %{QUERY_STRING} \.[^\\/:*?\x22<>|%]+(#|\?|$) [nocase]
      RewriteRule . - [forbidden]
    </IfModule>
  </Directory>
  <Directory /opt/bitnami/apps/APPNAME/htdocs/includes>
    Deny from all
  </Directory>
  <Directory /opt/bitnami/apps/APPNAME/htdocs/languages>
    Deny from all
  </Directory>
  <Directory /opt/bitnami/apps/APPNAME/htdocs/maintenance>
    Deny from all
  </Directory>
  <Directory /opt/bitnami/apps/APPNAME/htdocs/maintenance/archives>
    Deny from all
  </Directory>
  <Directory /opt/bitnami/apps/APPNAME/htdocs/serialized>
    Deny from all
  </Directory>

If not, the .htaccess file can be found at /opt/bitnami/apps/APPNAME/htdocs/.htaccess.

Watch the following video to learn how to configure .htaccess file (this video uses WordPress as a sample application):

Add a new section in the .htaccess file when installing a plugin

Some plugins, during their installation, create a .htaccess file in either the /opt/bitnami/apps/APPNAME/htdocs/ or in the /opt/bitnami/apps/APPNAME/htdocs//plugins directory that cannot be read by Apache. For that reason, we recommend moving the content of that file to the /opt/bitnami/apps/APPNAME/conf/htaccess.conf file. Follow these steps:

Add a new entry in the /opt/bitnami/apps/APPNAME/conf/htaccess.conf file specifying the path where the htaccess file is (/opt/bitnami/apps/APPNAME/htdocs/ or /opt/bitnami/apps/APPNAME/htdocs//plugins) and pasting below the content of that file.

NOTE: CONTENT is a placeholder, replace it with the content of the /opt/bitnami/apps/APPNAME/htdocs/.htaccess file created by the plugin.
```
  ...
  <Directory "/opt/bitnami/apps/APPNAME/htdocs/">
  CONTENT
  </Directory>
```

Restart Apache to make the changes take effect:

  $ sudo /opt/bitnami/ctlscript.sh restart apache

Kubeapps

Kubernetes Tutorials

Documentation

Tutorials

Support

Open Source

We're hiring

Resources

Newsroom

About Us

Careers

Partners

Understand default .htaccess file configuration

Approach A: Bitnami installations using system packages

Understand .htaccess files

Add a new section in the .htaccess file when installing a plugin

Approach B: Self-contained Bitnami installations

Understand .htaccess files

Add a new section in the .htaccess file when installing a plugin

Products

Projects

Solutions

Company

Legal

Support