Security
如果我在 Drupal 8 上禁用 htaccess 文件,我會收到一條錯誤消息
我的 Drupal 8 站點有一個 LAMP 伺服器。
我想禁用 htaccess 文件以獲得更好的伺服器。
我按照以下教程進行操作:
https://www.vincentliefooghe.net/content/virtualhost-apache-pour-drupal
但是現在當我載入我的網站頁面時,我有一個空白頁面,其中包含以下消息:
handle($request); $response->send(); $kernel->terminate($request, $response);
我的伺服器
/etc/apache2/sites-available/www-domaine-com-le-ssl.conf
:<IfModule mod_ssl.c> <VirtualHost *:443> ServerAdmin contact@domaine.com ServerName domaine.com ServerAlias www.domaine.com Protocols h2 http/1.1 DocumentRoot /var/www/www-domaine-com/web/ <Directory /var/www/www-domaine-com/web> Options FollowSymLinks MultiViews AllowOverride None Require all granted Include /var/www/www-domaine-com/web/.htaccess Include /var/www/www-domaine-com/web/sites/default/files/.htaccess </Directory> <FilesMatch \.php$> SetHandler "proxy:unix:/var/run/php/php7.2-fpm.sock|fcgi://localhost/" </FilesMatch> <Proxy "fcgi://localhost/" enablereuse=on flushpackets=on max=10> </Proxy> ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined Include /etc/letsencrypt/options-ssl-apache.conf SSLCertificateFile /etc/letsencrypt/live/domaine.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/domaine.com/privkey.pem Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" Header always set X-Content-Type-Options "nosniff" Header always set X-XSS-Protection "1; mode=block" Header always set X-Frame-Options "SAMEORIGIN" Header always set X-Download-Options "noopen" Header always set X-Permitted-Cross-Domain-Policies "none" Header always set Content-Security-Policy "default-src https: data: wss: 'unsafe-inline' 'unsafe-eval'; base-uri 'self';" Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure </VirtualHost> </IfModule>
一個
.htaccess
文件在它所在的目錄(以及該目錄的任何子目錄)中修改 apache 網路伺服器的行為。在不知道兩個單獨的 .htaccess 文件的內容的情況下,我希望您需要兩個目錄塊而不是單個目錄塊,因為第二個 .htaccess 不應該應用於 /var/www/www-domaine- 的內容com/web,你需要一些類似的東西:
<Directory /var/www/www-domaine-com/web> ... Include /var/www/www-domaine-com/web/.htaccess </Directory> <Directory /var/www/www-domaine-com/web/sites/default/files> ... Include /var/www/www-domaine-com/web/.htaccess Include /var/www/www-domaine-com/web/sites/default/files/.htaccess </Directory>