I'm stumped with this problem. Have a read a couple of posts about similar issues but the work around doesn't work for me. I hope to get some feedback from you guys about this.
Drupal: 4.7.2
Shared hosting server on Windows OS
htaccess with the following code:
SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
Options None
RewriteEngine off
Tried the solve with the following:
1) Change Options None to Options FollowSymLinks (or +FollowSymLinks) -> doesn't work
2) comment some of the lines as suggested by some of the postings -> doesn't work either
3) removed htaccess file from the shared files folder -> temporarily work, but the problem comes back again when htaccess reappeared in the folder.
What else can i do? It appears that the best solution so far is to delete the htaccess file. But how do I avoid the file from being regenerated again by the system? Which settings does it anyway? Thanks
Comments
erm
Are you using Apache or IIS? If IIS, your webserver should pretty much ignore the .htaccess file. Side note, READ drupal.org/security (SUBSCRIBE TOO!) and test your site and upgrade when testing completed. 4.7.2 and 4.7.3 have known security vulnerabilities.
-Steven Peck
---------
Test site, always start with a test site.
Drupal Best Practices Guide -|- Black Mountain
-Steven Peck
---------
Test site, always start with a test site.
Drupal Best Practices Guide
I believe it's IIS and not
I believe it's IIS and not Apache that is running on this shared hosting server. I would much prefer Apache if I'm using the VPS services but this particular case, I'm not able to change them for now. The htaccess is not much of a problem until i realise that it's giving problems to the image modules. Images and files are uploaded into the File system path (using default 'files') but as long as that htaccess exist, the images or the files can't be accessed - HTTP 500 error occurs.
Much appreciate your help.
The workaround I used on our
The workaround I used on our server was to create a blank .htaccess file and stuff it in the files directory. That prevents Drupal from helpfully creating a new one.
thx.. dont know if its the
thx.. dont know if its the proper way to do things, but the second link worked.. a blank .htaccess :-)