Fri Sep 21 2018
secured server and Wordpress's .htaccess rewrite rules
My most recent Wordpress install had a custom Permalink style (it was set to include
/index.php/ as part of the root, so
example.com/index.php/blog, instead of
example.com/blog). Because this install will primarily be used as a blog, I wanted the URLs to be cleaner and include dates... e.g.,
This style is one of several built in to Wordpress's settings. I made the switch from the custom style to the preset I wanted. Easy peasy.... except the change didn't 'take.' All my URLs, save the front page, were 404'ing.
First pass of troubleshooting searches suggested that it was a file-permissions issue. I'd had several of those already, so off I went, into the server to check permissions inside
/var/www/root (or whatever). Nope - Apache had permission to write to
.htaccess, a file on the server where Wordpress can insert rules to re-write URL paths, (see
mod_rewrite). That wasn't the problem.
(I should've known that part was okay; from what I subsequently read, the admin settings page would've actually told me, "Hey I can't seem to find or write to your .htaccess file.")
Second round of searching turned up this page from Hayden James. The thesis of that article is, "Don't use the
.htaccess file if you (as opposed to your hosting service) control the more-powerful
httpd.conf file. In discussing the issue, he happened to use as an example the exact problem I was looking at... Wordpress wanting to re-write URLs on the fly. When I say "exact problem", I mean I cut 10 lines of his code, pasted them into my
httpd.conf, restarted Apache, and blam all my site links worked again.
In fact, the Linode script that built the server was following that article's advice; the
http.conf was securing
# AllowOverride controls what directives may be placed in .htaccess files. # It can be "All", "None", or any combination of the keywords: # Options FileInfo AuthConfig Limit # AllowOverride None
The issue is the Wordpress administrator knowing that the underlying server is secured in such a way that changing the Permalink settings in the dashboard works without error, but those changes don't do anything. A bit like a toddler's toy steering wheel. It doesn't actually change the car's direction.