Error 500

  • Resolved inefavel

    (@inefavel)


    4 years, 3 months ago

    Hi,
    I have just installed the plugin in order to get my images optimized.
    I set it up CDN-Friendly, Alter HTML, Reference webps that haven’t been converted yet,and Create webp files upon request.

    Whenever I set this option, I get a 500 error when trying to serve the webp files.
    In the logs, this error is generated:

    [Mon Aug 10 01:56:53.730265 2020] [core:alert] [pid 334] [client [redacted]:61306] /var/www/html/wp-content/plugins/webp-express/wod/.htaccess: Require not allowed here

    And this is the content of the mentioned .htaccess file:

    # Grant access to webp-on-demand.php and webp-realizer.php
<FilesMatch "(webp-on-demand|webp-realizer)\.php$">
  <IfModule !mod_authz_core.c>
    Order deny,allow
    Allow from all
  </IfModule>
  <IfModule mod_authz_core.c>
    Require all granted
  </IfModule>
</FilesMatch>

    I dont know much about writing .htaccess files, so I dont know where to get from here.

    Also one more question related to this issue: If I DONT use the “create webp files on request” and also dont bulk-convert my image files, that mean that I wont have any webp files to serve, right?
    Or is there another way to convert existing jpgegs to webp?

    thanks

    • This topic was modified 4 years, 3 months ago by inefavel.

    The page I need help with: [log in to see the link]

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author rosell.dk

    (@roselldk)

    Ok, thanks for reporting.

    I discovered that it is possible to set up the server to disallow “Require” statements in .htaccess. The reason is is well described in the top answer here: https://stackoverflow.com/questions/44565411/require-not-allowed-here-after-drupal-update

    If you have access to httpd.conf, you can change the server setup to allow “Require” statements, as described in the bottom answer in the above link

    Which version of Apache are you running? I’m guessing that you are on at least version 2.4, as mod_authz_core was introduced in 2.4. You can see the version by clicking the “Live test” button on the Settings page. In fact, it will be helpful if you click that button and paste the entire output here.

    • This reply was modified 4 years, 3 months ago by rosell.dk.
    Plugin Author rosell.dk

    (@roselldk)

    These rules are actually often not needed. They are there to override rules that may have been placed in a parent .htaccess file by a security-plugin in order to prevent “running” php files directly. So I’m guessing that it will work for you, if you remove the file. However, as this is a plugin file, it will pop back on the next update.

    Thread Starter inefavel

    (@inefavel)

    Thanks so much for your reply!
    I’m using apache 2.4.25
    Its the default wordpress image from google cloud (I have just set up this weekend). So you might take that into consideration on your plugin.
    I do have access to httpd.conf, but I havent edited it – instead I removed the .htaccess file as per your last post. And it works!
    Any intention to work around this issue on next versions of the plugin? I prefer not to change httpd.conf if possible, and also keep it updated ??

    thanks!

    Plugin Author rosell.dk

    (@roselldk)

    Yes, I have an intention to work around the issue. But unfortunately it seems there isn’t an easy solution available other than removing the functionality. But I don’t dare to do that as it will probably break the functionality for some users that are using security plugins.

    My current idea is to create a new folder with the same two files (well, they can simply include the other files), but without the .htaccess and make it configurable which folder the rewrite rules points to. I’m however not sure if I want this configuration to appear in the UI. I will probably only add it to the “Tweaked” operation mode. On top of that, I could try to make the plugin automatically select the proper configuration if it identifies a problem.

    I will get back to you…

    Plugin Author rosell.dk

    (@roselldk)

    Issue solved in the new release! (0.18.0)

    The plugin now automatically checks if “wod” is accessible when the .htaccess rules are generated. If not, it uses the new folder “wod2”, which does not contain any “.htaccess”.

    What you should do now is simply update to 0.18.0 and then click “Save settings and force new .htaccess rules”. The “live test” buttons btw now also detects this problem.

    It took a while to solve this, as it led me on a detour – creating a library for testing .htaccess capabilities. Available here: https://github.com/rosell-dk/htaccess-capability-tester

    Thread Starter inefavel

    (@inefavel)

    Awesome, thanks!

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Error 500’ is closed to new replies.