Question

I've followed your installation instructions and everything works on my Linux RHES server, except for access control with .htaccess. If I activate .htaccess files (with AllowOverride All in the twiki/bin directory in httpd.conf), none of my twiki pages appear (except the documentation, since the redirect instruction in root's .htaccess also does not work), and I get apache internal server error 500. With .htaccess disabled, all my twiki pages work but of course there's no prompt to log in before editing anything. I can use a generated-by-apache AuthUserFile and link to it (also from the twiki/bin directory in httpd.conf), but then the user is prompted to log on before seeing any Twiki pages. I'm using a virtual host for twiki, but it's correctly configured or I would see the same errors without the .htaccess controls. Here's the error log output: /var/www/html/twiki/bin/.htaccess: Invalid command '/var/www/html/twiki', perhaps mis-spelled or defined by a module not included in the server configuration

Environment

path to bin: /var/www/html/twiki/bin
path to lib: /var/www/html/twiki/lib

httpd.conf:
ScriptAlias /twiki/bin/ "/var/www/html/twiki/bin/"
Alias /twiki.cerebellum.biz/  "/var/www/html/twiki/"

TWiki.cfg:
#                   URL for TWiki host :    (e.g. "http://myhost.com:123")
$defaultUrlHost   = "http://twiki.cerebellum.biz";
#                   %SCRIPTURLPATH% : cgi-bin URL path for TWiki:
$scriptUrlPath    = "/bin";
#                   URL path to scripts used to render links.  Change if using redirection to shorten URLs
$dispScriptUrlPath = $scriptUrlPath;
#$dispScriptUrlPath = "/bin";
#                   URL path to view script used to render links, relative to $dispScriptUrlPath
$dispViewPath     = "/view";
#                   %PUBURLPATH% : Public data URL path for TWiki (root of attachments) :
$pubUrlPath       = "/pub";
#                   Public data directory (file path not URL), must match $pubUrlPath :
$pubDir           = "/var/www/html/twiki/pub";
#                   Template directory :
$templateDir      = "/var/www/html/twiki/templates";
#                   Data (topic files) root directory (file path not URL):
$dataDir          = "/var/www/html/twiki/data";
#                   Log directory for log files, debug and warning files. Default "$dataDir" :
$logDir           = "$dataDir";

#                   %SCRIPTSUFFIX% : Suffix of TWiki Perl scripts (e.g. ".pl") :
$scriptSuffix     = "";
#                   Regex security filter for uploaded (attached) files :
#                   (Matching filenames will have a ".txt" appended)
#          WARNING: Be sure to update this list with any
#          configuration or script filetypes that are
#          automatically run by your web server
$uploadFilter       = "^(\.htaccess|.*\.(?:php[0-9s]?|phtm[l]?|pl|py|cgi))\$";
#                   Set ENV{'PATH'} explicitly for taint checks ( #!perl -T option ) :
#                   (Note: PATH environment variable is not changed if set to "")
# $safeEnvPath - safe operating system PATH setting for use by TWiki scripts.
#
# ---- Check notes for your operating system and use appropriate line as model
# ---- Comment out unused lines (put '#' at start) and uncomment required line.
# ---- All Windows paths use '/' not '\' for simplicity.
#
# As long as you use full pathnames for $egrepCmd and similar (below),
# this path value is used only to find a shell (or cmd.exe) and by RCS programs
# to find 'diff'.
#
# >> Unix or Linux - ensure 'diff' and shell (Bourne or bash type) is found on
# this path.
# Separator is ':'
$safeEnvPath      = "/bin:/usr/bin";   # Unix/Linux

# >> Windows: Cygwin Perl and RCS - ensure 'diff' and 'bash' found on this path.
# Same format as Unix PATH, separator is ':' not ';'.  You must NOT use
# 'c:/foo' type paths, because ':' is taken as separator, meaning that
# 'c' is interpreted as a relative pathname, giving Perl 'Insecure
# directory in $ENV{PATH}' error on using 'Diffs' link.
# Separator is ':'
# $safeEnvPath      = "/bin";      # Cygwin - uncomment, no need to customise

# >> Windows: ActiveState Perl, with Cygwin RCS and PERL5SHELL set to
# 'c:/cygwin/bin/bash.exe -c'.  Same format as the normal Windows PATH,
# separator is ':' not ';'.  It's best to avoid 'c:/foo' type paths, 
# because in some cases these can cause a Perl 'Insecure directory 
# in $ENV{PATH}' error on using 'Diffs' link.  Since this setting is
# for Cygwin RCS, the best alternative is to convert 'c:/foo' to
# '/c/cygdrive/foo' - odd looking but it works!  The Windows system directory
# (e.g. /cygdrive/c/winnt/system32) is required in this path for commands
# using pipes to work (e.g. using the 'Index' link).
# NOTE: Customise this path based on your Cygwin and Windows directories
# Separator is ';'
# $safeEnvPath      = "/cygdrive/c/YOURCYGWINDIR/bin;/cygdrive/c/YOURWINDOWSDIR/system32";

# >> Windows: ActiveState Perl, with non-Cygwin RCS, OR no PERL5SHELL setting.
# Windows PATH, separator is ';'.  The Windows system directory
# (e.g. c:\winnt\system32) is required in this path for commands using pipes
# to work (e.g. using the 'Index' link). Must NOT use '/' in pathnames
# as this upsets cmd.exe - single '\' is OK using Perl single-quoted string.
# FIXME: needs testing, not currently recommended.
# NOTE: Customise this path based on your RCS and Windows directories
# Separator is ';'
# $safeEnvPath      = 'c:\YOUR_RCSPROGDIR\bin;c:\YOURWINDOWSDIR\system32';

#                   Mail program used in case Net::SMTP is not installed.
#                   See also SMTPMAILHOST in TWikiPreferences.
#          Windows: this setting is ignored, just use Net::SMTP.
$mailProgram      = "/usr/sbin/sendmail -t -oi -oeq";
#                   Prevent spambots from grabbing addresses, default "":
#                   e.g. set to "NOSPAM" to get "user@somewhereNOSPAM.com"
$noSpamPadding    = "";
#                   Pathname of mime types file that maps file suffixes to MIME types :
#                   For Apache server set this to Apache's mime.types file pathname.
#                   Default "$dataDir/mime.types"
$mimeTypesFilename = "$dataDir/mime.types";
#                   RCS directory (find out by 'which rcs') :
$rcsDir           = '/usr/bin';         # Unix, Linux and Cygwin
#                   Initialise RCS file, ignored if empty string,
#                   needed on Windows for binary files. Added JET 22-Feb-01
$rcsArg           = "";
$rcsArg = "-x,v" if( $OS eq "WINDOWS" );
#                   null device /dev/null for unix, NUL for windows
$nullDev = {
    UNIX=>'/dev/null', OS2=>'', WINDOWS=>'NUL', DOS=>'NUL', MACINTOSH=>'', VMS=>''
    }->{$OS};
#                   Store RCS history files in directory (RCS under content dir), default "0"
#                   Don't change this in a working installation, only change when initially setting up a TWiki installation
#                   You also need to create an RCS directory for each Web.  TWiki will create RCS directories under pub for attachments historys.
$useRcsDir        = "0";
# This should enable gathering of extra error information on most OSes.  However, won't work on NT4 unless unix like shell is used
$endRcsCmd        = "";
$endRcsCmd        = " 2>&1" if( $OS eq "UNIX" );
#                   Command quote ' for unix, \" for Windows
$cmdQuote         = "'";
$cmdQuote         = "\"" if( $OS eq "WINDOWS" );


# Choice and configuration of Storage implementation
# Currently select either:
# RcsWrap - use RCS executables, see TWiki::Store::RcsWrap.pm for explanation of storeSettings
# RcsLite - use a 100% Perl simplified implementation of Perl (NOT yet ready for production use)
$storeTopicImpl = "RcsWrap";
#$storeTopicImpl = "RcsLite";

#                   NOTE: You might want to avoid c: at start of cygwin unix command for
#                   Windows, seems to cause a problem with pipe used in search
#                   Unix ls command :  (deprecated since 01 Nov 2003)
$lsCmd            = "/bin/ls";
#                   Unix egrep command :
$egrepCmd         = "/bin/egrep";
#                   Unix fgrep command :
$fgrepCmd         = "/bin/fgrep";

#display Time in the following timezones (this only effects the display of times, all internal storage is still in GMT)
# gmtime / servertime
$displayTimeValues   = "gmtime";

# Set $useLocale to 1 to enable internationalisation support for
# 8-bit character sets
$useLocale = 0;

# Site-wide locale - used by TWiki and external programs such as grep,
#
$siteLocale = "en_US.ISO-8859-1";
#
# Examples only:  (choose suitable locale + charset for your own site)
#   $siteLocale = "de_AT.ISO-8859-15";   # Austria with ISO-8859-15 for Euro
#   $siteLocale = "ru_RU.KOI8-R";   # Russia
#   $siteLocale = "ja_JP.eucjp";   # Japan
#   $siteLocale = "C";         # English only, no I18N features

# Site character set override - set this only if you must match a specific
# locale (from 'locale -a') whose character set is not supported by your
# chosen conversion module (i.e. Encode for Perl 5.8 or higher, or
# Unicode::MapUTF8 for other Perl versions).  For example, the locale
# 'ja_JP.eucjp' exists on your system but only 'euc-jp' is supported by
# Unicode::MapUTF8, set $siteCharsetOverride to 'euc-jp'.  Leave this as ""
# if you don't have this problem.
$siteCharsetOverride = "";
# $siteCharsetOverride = "euc-jp";

# Set $localeRegexes to 0 to force explicit listing of national chars in
# regexes, rather than relying on locale-based regexes. Intended for Perl
# 5.6 or higher on platforms with broken locales: should only be set if
# you have locale problems with Perl 5.6 or higher.
$localeRegexes = 1;

# Using the recommended setup of Perl 5.6.1 with working locales avoids the
# need to set these parameters.
$upperNational = '';      # Upper case
$lowerNational = '';      # Lower case

# RCS keyword handling: change this to '' only if you want TWiki pages to
# include automatically-updated RCS ID keyword strings.  Leave this as
# '-ko' if you don't know what that means!  Default setting ensures that
# contents of TWiki pages are not changed by RCS. RcsLite always works in
# '-ko' mode.
$keywordMode = '-ko';

# Settings for Rcs (standard RCS programs) and RcsLite (built-in)
@storeSettings =
  (
    # RcsLite and Rcs
    dataDir         => $TWiki::dataDir,
    pubDir          => $TWiki::pubDir,
    attachAsciiPath => "\.(txt|html|xml|pl)\$",
    dirPermission   => 0775,
    useRcsDir       => $TWiki::useRcsDir,

    # Rcs only
    initBinaryCmd => "$rcsDir/rcs $rcsArg -q -i -t-none -kb %FILENAME% $endRcsCmd",
    tmpBinaryCmd  => "$rcsDir/rcs $rcsArg -q -kb %FILENAME% $endRcsCmd",
    ciCmd         => "$rcsDir/ci $rcsArg -q -l -m$cmdQuote%COMMENT%$cmdQuote -t-none -w$cmdQuote%USERNAME%$cmdQuote %FILENAME% $endRcsCmd",
    coCmd         => "$rcsDir/co $rcsArg -q -p%REVISION% $keywordMode %FILENAME% $endRcsCmd",
    histCmd       => "$rcsDir/rlog $rcsArg -h %FILENAME% $endRcsCmd",
    infoCmd       => "$rcsDir/rlog $rcsArg -r%REVISION% %FILENAME% $endRcsCmd",
    diffCmd       => "$rcsDir/rcsdiff $rcsArg -q -w -B -r%REVISION1% -r%REVISION2% $keywordMode --unified=%CONTEXT% %FILENAME% $endRcsCmd",
    breakLockCmd  => "$rcsDir/rcs $rcsArg -q -l -M %FILENAME% $endRcsCmd",
    ciDateCmd     => "$rcsDir/ci -l $rcsArg -q -mnone -t-none -d$cmdQuote%DATE%$cmdQuote -w$cmdQuote%USERNAME%$cmdQuote %FILENAME% $endRcsCmd",
    delRevCmd     => "$rcsDir/rcs $rcsArg -q -o%REVISION% %FILENAME% $endRcsCmd",
    unlockCmd     => "$rcsDir/rcs $rcsArg -q -u %FILENAME%  $endRcsCmd",
    lockCmd       => "$rcsDir/rcs $rcsArg -q -l %FILENAME% $endRcsCmd",
    tagCmd       => "$rcsDir/rcs $rcsArg -N%TAG%:%REVISION% %FILENAME% $endRcsCmd",
  );

#                   Regex security filter for web name, topic name, user name :
$securityFilter     = "[\\\*\?\~\^\$\@\%\`\"\'\&\;\|\<\>\x00-\x1F]";
#                   Default user name, default "guest" :
$defaultUserName    = "guest";
#                   Deprecated, replaced by %WIKITOOLNAME% preferences variable :
$wikiToolName     = "TWiki";
#                   Deprecated, here for compatibility :
$wikiHomeUrl      = "http://your.domain.com/twiki";
#                   Site Web.Topic name, e.g. "Main.TokyoOffice". Default "" :
$siteWebTopicName = "";
#                   %MAINWEB% : Name of Main web, default "Main" :
$mainWebname        = "Main";
#                   %TWIKIWEB% : Name of TWiki system web, default "TWiki" :
$twikiWebname       = "TWiki";
#                   Pathname of debug file :
$debugFilename      = "$logDir/debug.txt";
#                   Pathname of warning file. Default "$logDir/warning.txt" :
#                   (no warnings are written if empty)
$warningFilename    = "$logDir/warning.txt";
#                   Password file format/encoding method :
#                   htpasswd:plain, htpasswd:crypt, htpasswd:md5 (currently unsupported),
#                   htpasswd:sha1, htdigest:md5, none:
#default htpasswd:crypt;
$htpasswdFormatFamily = "htpasswd";
if( $OS eq "WINDOWS" ) {
   $htpasswdEncoding   = "sha1";   #windows apache
} else {
   $htpasswdEncoding   = "crypt";
}
#                   Pathname of user name/password file for authentication :
if ( $htpasswdFormatFamily eq "htpasswd" ) {
   $htpasswdFilename   = "$dataDir/.htpasswd";
} elsif ( $htpasswdFormatFamily eq "hdigest" ) {
   $htpasswdFilename   = "$dataDir/.htdigest";
}
#                   Authentication "realm" (must be the same as in
#                   password file, MUST NOT contain colons):
$authRealm          = "Enter your WikiName. (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.";
#                   Pathname of log file :
$logFilename        = "$logDir/log%DATE%.txt";
#                   Pathname of remote users file that maps IP to user :
$remoteUserFilename = "$dataDir/remoteusers.txt";
#                   %WIKIUSERSTOPIC% : Name of users list topic :
$wikiUsersTopicname = "TWikiUsers";
#                   Pathname of WebUsers topic, used to map Intranet login name
#                   (e.g. 'fsmith') to Wiki name (e.g. 'FredSmith') :
$userListFilename   = "$dataDir/$mainWebname/$wikiUsersTopicname.txt";
#                   Map login name to Wiki name, default "1", set to "0" for .htpasswd authenticated sites :
$doMapUserToWikiName = "1";
#                   %HOMETOPIC% : Name of main topic in a web, default "WebHome" :
$mainTopicname      = "WebHome";
#                   %NOTIFYTOPIC% : Name of topic for email notifications, default "WebNotify" :
$notifyTopicname  = "WebNotify";
#                   %WIKIPREFSTOPIC% : Name of site-level preferences topic, default "TWikiPreferences" :
$wikiPrefsTopicname = "TWikiPreferences";
#                   %WEBPREFSTOPIC% : Name of preferences topic in a web, default "WebPreferences" :
$webPrefsTopicname  = "WebPreferences";
#                   %STATISTICSTOPIC% : Name of statistics topic, default "WebStatistics" :
$statisticsTopicname = "WebStatistics";
#                   Number of top viewed topics to show in statistics topic, default "10" :
$statsTopViews      = "10";
#                   Number of top contributors to show in statistics topic, default "10" :
$statsTopContrib    = "10";
#                   Statistics debugging - write invalid logfile lines to debug log
$doDebugStatistics  = "0";
#                   Show how many revision links, "0" for all, default "3" :
$numberOfRevisions  = "3";
#                   Number of seconds a topic is locked during edit, default "3600" :
$editLockTime       = "3600";
#                   Group of users that can use cmd=repRev
#                   or that ALWAYS have edit powers (set $doSuperAdminGroup=1)
$superAdminGroup    = "TWikiAdminGroup";

#                   Keep same revision if topic is saved again within edit lock time. Default "1"
$doKeepRevIfEditLock = "1";
#                   Build $scriptUrlPath from $query->url parameter. Default "0".
#                   Note that links are incorrect after failed authentication if "1"
$doGetScriptUrlFromCgi = "0";
#                   Remove port number from URL. Default "0"
$doRemovePortNumber = "0";
#                   Remove IMG tags in mailnotify. Default "1"
$doRemoveImgInMailnotify = "1";
#                   Remember remote user by matching the IP address
#                   in case REMOTE_USER is empty. Default "0"
#                   (Note: Does not work reliably with dynamic IP addresses)
$doRememberRemoteUser = "0";
#                   Change non existing plural topic name to singular,
#                   e.g. TestPolicies to TestPolicy. Default "1"
$doPluralToSingular = "1";
#                   Hide password in registration email
$doHidePasswdInRegistration = "1";
#                   Remove ".." from %INCLUDE{""}% filename, to
#                   prevent includes of "../../file". Default "1"
$doSecureInclude    = "1";
#                   Log topic views to $logFilename. Default "1"
$doLogTopicView     = "1";
#                   Log topic edits to $logFilename. Default "1"
$doLogTopicEdit     = "1";
#                   Log topic saves to $logFilename. Default "1"
$doLogTopicSave     = "1";
#                   Log renames to $logFilename. Default "1".  Added JET 22-Feb-01
$doLogRename        = "1";
#                   Log view attach to $logFilename. Default "1"
$doLogTopicAttach   = "1";
#                   Log file upload to $logFilename. Default "1"
$doLogTopicUpload   = "1";
#                   Log topic rdiffs to $logFilename. Default "1"
$doLogTopicRdiff    = "1";
#                   Log changes to $logFilename. Default "1"
$doLogTopicChanges  = "1";
#                   Log search to $logFilename. Default "1"
$doLogTopicSearch   = "1";
#                   Log user registration to $logFilename. Default "1"
$doLogRegistration  = "1";
#                   Disable plugins. Set to "1" in case TWiki is non functional after
#                   installing a new plugin. This allows you to remove the plugin from
#                   the ACTIVEPLUGINS list in TWikiPreferences. Default "0"
$disableAllPlugins  = "0";
#                   Enable super-powers to $superAdminGroup members
#                   see Codev.UnchangeableTopicBug
$doSuperAdminGroup  = "1";

# Return true
1;

-- ChristineKluka - 26 Oct 2005

Answer

If you answer a question - or have a question you asked answered by someone - please remember to edit the page and set the status to answered. The status is in a drop-down list below the edit box.