Enabling .htaccess in Apache2

ByEric Ma Posted on Updated on

The AllowOverride directive controls whether Apache will process .htaccess files in a given directory. By default, many Apache installations disable this for security and performance reasons, so you need to explicitly enable it.

Enable AllowOverride for a directory

Add a <Directory> block to your Apache configuration file (typically /etc/apache2/apache2.conf, a file in /etc/apache2/sites-available/, or /etc/apache2/conf-available/):

<Directory "/var/www/www.example.com">
    AllowOverride All
</Directory>

The AllowOverride All directive permits all .htaccess directives. If you want to restrict which directives can be overridden, you can specify individual keywords:

<Directory "/var/www/www.example.com">
    AllowOverride FileInfo AuthConfig Limit
</Directory>

Common AllowOverride options:

  • All — Allow any directive in .htaccess
  • None — Disable .htaccess processing entirely
  • FileInfo — Allow directives that control document types, headers, and error handling (mod_mime, mod_headers, mod_rewrite)
  • AuthConfig — Allow authentication directives
  • Limit — Allow directives that control host access (rarely needed in modern Apache)
  • Options — Allow the Options directive

Place it in a virtual host

You can also add the AllowOverride directive inside a virtual host configuration:

<VirtualHost *:80>
    ServerName www.example.com
    DocumentRoot /var/www/www.example.com

    <Directory "/var/www/www.example.com">
        AllowOverride FileInfo AuthConfig Limit
    </Directory>
</VirtualHost>

Reload Apache

After making changes, test your configuration and reload Apache:

sudo apache2ctl configtest
sudo systemctl reload apache2

Performance consideration

Enabling AllowOverride causes Apache to check for .htaccess files on every request in that directory tree, which has a small performance cost. In production environments with high traffic, consider moving .htaccess rules directly into your virtual host configuration and setting AllowOverride None instead. This eliminates the filesystem lookup overhead.

For example, instead of relying on .htaccess for URL rewriting, you can use:

<Directory "/var/www/www.example.com">
    AllowOverride None

    <IfModule mod_rewrite.c>
        RewriteEngine On
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteRule ^(.*)$ index.php?url=$1 [QSA,L]
    </IfModule>
</Directory>

This approach is faster and more maintainable than scattering directives across .htaccess files.

Read more:

Leave a Reply

Your email address will not be published. Required fields are marked *