Recently I was trying to improve on the blog’s performance and make it more mobile-friendly. I found this great wordpress plugin Autoptimize that supposedly helps you to minify all the javascript and css.
However, upon activating it, my blog lost all the css and javascript because of an Autoptimize error – Internal Server Error 500 in retrieving those files. I sshed the server and found that the files were in the correct place, it appeared that the get request from the browser cannot go through. The Autoptimize FAQ for the did not help much. So I decided to look at the apache2 log file at /var/log/apache2 . And not surprisingly, I found some lines that were relevant to the Autoptimize error:
1 |
[Tue Apr 28 08:26:07.993749 2015] [core:alert] [pid 22013] [client 137.132.250.9:31382] /var/www/wp-content/cache/autoptimize/.htaccess: Require not allowed here, referer: http://paradite.com/wp-content/cache/1.html |
After googling around, it appeared that the problem is caused by apache config file, apache2.conf , which in my case is located at /etc/apache2 .
Originally, it has a section that looks like this:
1 2 3 4 5 6 7 8 9 10 11 12 |
Directory /> Options FollowSymLinks AllowOverride None <Limit PUT DELETE CONNECT OPTIONS PATCH PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK> deny from all </Limit> </Directory> <Directory /var/www> Options FollowSymLinks AllowOverride FileInfo </Directory> |
I think this is the default setting by DigitalOcean when the server was set up. Somehow the restriction is too strict and the plugin cannot work. So I changed AllowOverride FileInfo into AllowOverride All.
The section now looks like this:
1 2 3 4 5 6 7 8 9 10 11 12 |
Directory /> Options FollowSymLinks AllowOverride None <Limit PUT DELETE CONNECT OPTIONS PATCH PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK> deny from all </Limit> </Directory> <Directory /var/www> Options FollowSymLinks AllowOverride All </Directory> |
I understand that this may have some security implications. However, I am not too concerned with it because I have tightened up security in ssh. So the apache config file will probably be harmless since the server is under my control.