Re : Http error 500

Bonjour,

L'erreur 500 correspond souvent à des erreurs dans les modules. Pour m'en sortir, j'active le "Rapports d'erreurs" (dans Configuration/Serveur) sur Maximum temporairement, sinon c'est vraiment bavard. Cela donne en général une idée du module/plugin qui fonctionne mal.

Pascal

Re : Http error 500

Bonjour,

merci pour ce début de réponse,
le soucis c'est que dès que je clique sur configuration bim "HTTP ERROR 500"
possibilité à votre avis de l'activer autrement ?
sinon comment désactiver les modules et les réactiver un à un via FTP ?

Cordialement

Christophe

Re : Http error 500

salut,
juste une suggestion.

qu'y a-t-il dans configuration.php, au niveau de :
?
Si tu as un truc du genre :
Teste en virant : http://www.tonsite.com

Re : Http error 500

Bonjour

Quel est le contenu actuel de ton fichier /.htaccess (celui à la racine du site) ?

Et si tu as un fichier .ovh_config, quel en est le contenu ?

Re : Http error 500

Bonjour,

j'ai bien

public $live_site = " ";

Merci quand même...

Re : Http error 500

Bonjour,

ovhconfig:

app.engine=php
app.engine.version=5.6
http.firewall=none
environment=production
container.image=default_image

htaccess:

################################################## ################################################

#

# aeSecure v2.1 (c) AVONTURE Christophe (http://www.aesecure.com/)

#

# !!! ---------------------------------------------------------------------------------------- !!!

# !!! DON'T MODIFIY THIS FILE MANUALLY. IF YOU NEED TO ADD RULES IN IT, JUST USE YOUR !!!

# !!! http://yoursite/aesecure/setup.php?YOUR_LONG_KEY PAGE INTERFACE AND GO TO OPTION 1.4 !!!

# !!! "Manual edit of your .htaccess" !!!

# !!! ---------------------------------------------------------------------------------------- !!!

#

# If the .htaccess file isn't working at all, check in your httpd.conf server file that

# AllowOverride variable is not set on None and in that case change the settings to All

#

# So change "AllowOveridde None" to "AllowOverride All" (without double-quote). Restart then the Apache server.

#

################################################## ################################################

#aeSecure 1.1



#AESECURE_BLOCKUSERAGENT_START

#AESECURE_BLOCKUSERAGENT_END

#AESECURE_BLOCKIP_START

#AESECURE_BLOCKIP_END

#AESECURE_BLOCKPARTURL_START

#AESECURE_BLOCKPARTURL_END

#AESECURE_BLOCKREFERRER_START

#AESECURE_BLOCKREFERRER_END



# Define the 403 - Access denied page

ErrorDocument 403 '<html xmlns="http://www.w3.org/1999/xhtml"><head><style type="text/css" >body{color:#fff;background-color:#851507;font:14px/1.5 Helvetica,Arial,sans-serif};</style><title>Access denied</title></head><body><div style="margin:20px auto;width:700px;padding-top:50px"><img src="assets/images/aesecure_denied.png" style="float:right;" alt="aeSecure"/><h1>Access denied, unauthorized access.<br/><br/>If you think it\'s an error, please inform the webmaster to help him to adjust his security rules. Thank you.</h1><pre style="padding:20px;white-spacere-line;border-radius:10px;background-color:#b34334">Code : 403 - Deny access</pre></div></body></html>'



# Force to mention index.html when trying to access f.i. to http://yoursite/images

<IfModule mod_autoindex.c>

IndexIgnore *



##

# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE!

#

# The line just below this section: 'Options +FollowSymLinks' may cause problems

# with some server configurations. It is required for use of mod_rewrite, but may already

# be set by your server administrator in a way that dissallows changing it in

# your .htaccess file. If using it causes your server to error out, comment it out (add # to

# beginning of line), reload your site in your browser and test your sef url's. If they work,

# it has been set by your server administrator and you do not need it set here.

##

## Can be commented out if causes errors, see notes above.

Options +FollowSymLinks -Indexes

</IfModule>



# Define the default page ordering (first index.php if present, otherwise index.html)

DirectoryIndex index.php index.html



#AESECURE_MAINTENANCE_START

#AESECURE_MAINTENANCE_END



#AESECURE_COMPRESSION_START

#AESECURE_COMPRESSION_END



#Uncomment if want to force HTTPS and if your server can handle it

#RewriteCond %{HTTPS} off

#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}



# -------------------------------------------------------------------------

# -- Inclusion of the aeSecure Premium htaccess (only for Premium users) --



# -------------------------------------------------------------------------



# -------------------------------------------------------------------------

# ----------------------------- Site security -----------------------------

# -------------------------------------------------------------------------



# Activate PHP 5.4 which is more secure than older version

# Comment this line when php is no more executed but downloaded, it's the case on local webserver (localhost) or

# when your hosting company doesn't support php 5.4 yet

<IfModule mod_php5.c>

#AddHandler application/x-httpd-php54 .php .php5 .php4 .php3.

</IfModule>



#AESECURE_FILEUPLOAD_START

#AESECURE_FILEUPLOAD_END



#AESECURE_ERRORREPORTING_START
#aeSecure 1.3

# Disable errors and warnings; don't allow the user to see them but redirect them into a logfile

<IfModule mod_php5.c>

php_flag display_errors off

php_flag log_errors on

php_value track_errors on

php_value error_log aesecure/logs/error.log

</IfModule>
#AESECURE_ERRORREPORTING_END



<IfModule mod_php5.c>



# Be sure that these php.ini variables are correctly initialized

php_value register_globals off



# Disable magic_quotes (if not yet done in httpd.conf)

php_flag magic_quotes_runtime off

php_flag magic_quotes_sybase off



# Set your default timezone.

php_value date.timezone Europe/Brussels



# Increase cookie security; reduce XSS attacks

# http://www.php.net/manual/fr/session...ookie-httponly

# CAUSE PROBLEM WITH AUTHENTIFICATION IN JOOMLA!® DON'T UNCOMMENT.

#php_value session.cookie_secure true

#php_value session.use_only_cookies true

#php_value session.cookie_httponly true



</IfModule>



# ------------------------------

# --- Block files/folders



<IfModule mod_rewrite.c>



RewriteEngine On



#AESECURE_BLOCKFILE_START

#aesecure 1.7

# Block direct access to these files : don't allow an url like f.i. http://yoursite/install.txt

RewriteCond %{REQUEST_FILENAME} (boot.ini|changelog.php|changelog.txt|configuratio n.php|contributing.md|copyright.php|credits.php|ht access.txt|httpd.conf|install.mysql)$ [NC,OR]

RewriteCond %{QUERY_STRING} (boot.ini|changelog.php|changelog.txt|configuratio n.php|contributing.md|copyright.php|credits.php|ht access.txt|httpd.conf|install.mysql).*$ [NC,OR]

RewriteCond %{REQUEST_FILENAME} (install.pgsql|install.txt|joomla.xml|license.php| license.txt|maintainers.php|maintainers.txt|php.in i|phpinfo.php|readme.htm)$ [NC,OR]

RewriteCond %{QUERY_STRING} (install.pgsql|install.txt|joomla.xml|license.php| license.txt|maintainers.php|maintainers.txt|php.in i|phpinfo.php|readme.htm).*$ [NC,OR]

RewriteCond %{REQUEST_FILENAME} (readme.html|readme.txt|upgrade.php|upgrade.txt|we b.config.txt|web.config|wp-config.php)$ [NC,OR]

RewriteCond %{QUERY_STRING} (readme.html|readme.txt|upgrade.php|upgrade.txt|we b.config.txt|web.config|wp-config.php).*$

RewriteCond %{SCRIPT_FILENAME} -f

RewriteRule .* /aesecure/accessdenied.php?s=148 [L]

#AESECURE_BLOCKFILE_END



# Never direct access to these files or folder (aesecure)

# Block f.i. http://yoursite/.htaccess, http://yoursite/configuration.php, ...

RewriteCond %{REQUEST_FILENAME} .*\.(phtm?l?|ash?x|aspx?|cfml?|cgi|pl|jsp|sql)$ [NC,OR]

RewriteCond %{REQUEST_FILENAME} .*\.(bak|config|dll|exe|sql|ini|log|sh|inc|dist)$ [NC,OR]

RewriteCond %{REQUEST_FILENAME} .*\.(htaccess|htaccess_old|htpasswd)$ [NC]

RewriteCond %{SCRIPT_FILENAME} -f

RewriteRule .* /aesecure/accessdenied.php?s=148 [L]



# ------------------------------

# --- Block fingerprint



# Block &tp=1 or &tmpl=offline ...

# Block f.i. http://yoursite/index.php?tmpl=offline

RewriteCond %{QUERY_STRING} (^|&)tmpl=(system|offline) [NC]

RewriteRule .* - [L]

RewriteCond %{QUERY_STRING} (^|&)tp= [NC]

RewriteRule .* - [F]



# ------------------------------

# --- Block specific querystring



# PHP Easter Eggs

# Block f.i. http://yoursite/index.php?=PHPE9568F...9-00AA001ACF42 but not if

# the request comes from the webserver himself (=allowed on localhost and serveur (since called by Joomla backend))

RewriteCond %{REMOTE_ADDR} !127.0.0.1

RewriteCond %{QUERY_STRING} \=PHP[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12} [NC]

RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?www\.pierbiau\.com [NC]

RewriteRule .* /aesecure/accessdenied.php?s=758 [L]



# Block out any script trying to modify a _REQUEST / PHP GLOBAL variables via URL

# Block out any script trying to set a PHP GLOBALS variable via URL.

# Block f.i. http://yoursite/index.php?GLOBALS=SuperMe

RewriteCond %{QUERY_STRING} ((\?|&)GLOBALS(=|\[|\%[0-9A-Z]{0,2})?) [NC,OR]

RewriteCond %{QUERY_STRING} ((\?|&)_REQUEST(=|\[|\%[0-9A-Z]{0,2})?) [NC]

RewriteRule .* /aesecure/accessdenied.php?s=654 [L]



# Block out any script that includes a <script> tag in URL.

# Block f.i. http://yoursite/index.php?%3Cscript%...;%3C/script%3E

# Block f.i. http://yoursite/index.php?%3Ctable%2...script:alert(([code])%22%3E%3C/table%3E

RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]

RewriteCond %{QUERY_STRING} (\<|%3C).*iframe.*(\>|%3E) [NC,OR]

RewriteCond %{QUERY_STRING} ((java)?script.*(.* [NC,OR]

RewriteCond %{QUERY_STRING} .*(\&lt;script).* [NC]

RewriteRule .* /aesecure/accessdenied.php?s=541 [L]



#xss blocage For instance, a parameter on the querystring is an url (http://...)

RewriteCond %{REQUEST_METHOD} (GET|POST) [NC]

# Exception : the http:// parameter has been set by the website himself. This is the case with WordPress, f.i.

# because wp-admin makes a redirection to wp-login. Allow the server IP and localhost

RewriteCond %{REMOTE_ADDR} !127.0.0.1

RewriteCond %{REMOTE_ADDR} !178.33.103.85

RewriteCond %{QUERY_STRING} !option=com_akeeba&view=backup(.*)$ [NC]

RewriteCond %{QUERY_STRING} !(.*)https?(://|%3A%2F%2F)www\.pierbiau\.com(.*)$ [NC]

RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)(t|%74|%54)(t|% 74|%54)(p|%70|%50)(s|%73|%53)(%3A|(/|%2F){2}(.*)$ [NC,OR]

RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)(t|%74|%54)(t|% 74|%54)(p|%70|%50)(s|%73|%53)%3a(%3A|(/|%2F){2}(.*)$ [NC,OR]

RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)(t|%74|%54)(t|% 74|%54)(p|%70|%50)(%3A|(/|%2F){2}(.*)$ [NC,OR]

RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)(t|%74|%54)(t|% 74|%54)(p|%70|%50)%3a(%3A|(/|%2F){2}(.*)$ [NC,OR]

RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(f|%66|%46)(t|%74|%54)(p|% 70|%50)(%3A|(/|%2F){2}(.*)$ [NC,OR]

RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)(t|%74|%54)%20( t|%74|%54)(p|%70|%50)(%3A|(/|%2F){2}(.*)$ [NC,OR]

RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)(t|%74|%54)(t|% 74|%54)%20(p|%70|%50)(%3A|(/|%2F){2}(.*)$ [NC,OR]

RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)(t|%74|%54)(t|% 74|%54)(p|%70|%50)%20(%3A|(/|%2F){2}(.*)$ [NC,OR]

RewriteCond %{QUERY_STRING} ^(.*)(%3D|=|%3A|%09)(.*)(h|%68|%48)%20(t|%74|%54)( t|%74|%54)(p|%70|%50)(%3A|(/|%2F){2}(.*)$ [NC]

RewriteRule .* /aesecure/accessdenied.php?s=782 [L]



# Block out any script trying to base64_encode data within the URL.

# Block f.i. http://yoursite/index.php?ImageName=base64_encode(%22I'm%20an%20ha cker...%20Tadaaa%22)

RewriteCond %{QUERY_STRING} .*base64_(de|en)code.* [NC]

RewriteRule .* /aesecure/accessdenied.php?s=345 [L]



# Block querystring where "PHPSESSID" appears.

RewriteCond %{QUERY_STRING} ^.*PHPSESSID.*$ [NC]

RewriteRule .* /aesecure/accessdenied.php?s=310 [L]



# Redirect tentative to use the com_users standard component of Joomla and

# redirect to Community Builder

#RewriteCond %{QUERY_STRING} option=com_users&view=login [NC]

#RewriteRule .* index.php?option=com_comprofiler&task=login [L]



# Prevent use of specified methods in HTTP Request, but allow opensiteexplorer.org to do so

# http://bodvoc.com/index.php?option=com_content&view=article&id=43&ca tid=2&Itemid=3; see rule #1

RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC]

RewriteCond %{HTTP_REFERER} !(www\.)?opensiteexplorer\.org/ [NC]

RewriteCond %{HTTP_REFERER} !(www\.)?uptimerobot\.com/ [NC]

RewriteCond %{HTTP_REFERER} !http://validator\.w3\.org/ [NC]

RewriteRule .* /aesecure/accessdenied.php?s=651 [L]



# Block out use of illegal or unsafe characters in the HTTP Request

# Block urls having a carriage return or linefeed in it

# Block also urls having "wwwroot" or "public_html" in it. Can be an hacker trying to access to a localfile

# Block urls having "alert(", "char(", "eval(", "function(" ...

RewriteCond %{QUERY_STRING} .*((alert|char|eval|function|load_file)\().* [NC,OR]

RewriteCond %{QUERY_STRING} .*(\_vti\_|crossdomain|wwwroot|public_html).* [NC,OR]

RewriteCond %{QUERY_STRING} .*(\\r|\\n|%0A|%0D).* [NC]

RewriteRule .* /aesecure/accessdenied.php?s=429 [L]



# No carriage return, line feed, escape (%27), ... in the query string

# Block f.i. http://yoursite/index.php?value=%27

RewriteCond %{QUERY_STRING} ^.*(<|>|'|%0A|%0D|%25|%27|%3C|%3E|%00).* [NC,OR]

RewriteCond %{QUERY_STRING} ^.*((\/\*)?\*\/).* [NC,OR]

RewriteCond %{QUERY_STRING} ^.*\|\|.* [NC]

RewriteCond %{QUERY_STRING} !option=com_akeeba(.*)$ [NC] # exception for Akeeba backup

RewriteRule .* /aesecure/accessdenied.php?s=271 [L]



# Block SQL injection tentatives

# Block f.i. http://yoursite/index.php?%3CDROP%20TABLE%20jos_users%3E

RewriteCond %{QUERY_STRING} ^.*(;|<|>|'|"|\)|%0A|%0D|%22|%25|%27|%3C|%3E|%00). *(/\*|union|select|insert|cast|declare|drop|update|md 5|benchmark).* [NC,OR]

RewriteCond %{QUERY_STRING} ^.*(%20)?([(])?(union|select|insert|cast|declare|group_concat|d rop|update|md5|benchmark)%20.* [NC,OR]

RewriteCond %{QUERY_STRING} ^.*(%20|\+)(AND|OR)(%20|\+).* [NC,OR]

RewriteCond %{QUERY_STRING} ^.*(%20|\+)ORDER(%20|\+).* [NC,OR]

RewriteCond %{QUERY_STRING} ^.*%201\=1.* [NC]

RewriteRule .* /aesecure/accessdenied.php?s=682 [L]

# Block urls trying to get access to the jos_ defaut prefix of Joomla 1.5

RewriteCond %{QUERY_STRING} .*jos_.* [NC]

RewriteRule .* /aesecure/accessdenied.php?s=682 [L]



#Block functions in the querystring (f.i. String.fromCharCode)

RewriteCond %{QUERY_STRING} ^.*string\.fromcharcode.* [NC]

RewriteRule .* /aesecure/accessdenied.php?s=352 [L]



# Filter against shell attacks

# Block f.i. http://yoursite/index.php?cmd=chmod or http://yoursite/index.php?act=tools&d=54

# http://yoursite/index.php?page=../../../../proc/self/environ or http://yoursite/index.php?cmd=../../etc/passwd



RewriteCond %{REQUEST_URI} .*((php|my)?shell|remview.*|phpremoteview.*|sshphp .*|pcom|nstview.*|c99|r57|webadmin.*|phpget.*|phpw riter.*|fileditor.*|locus7.*|storm7.*)\.(p?s?x?htm ?l?|txt|aspx?|cfml?|cgi|pl|php[3-9]{0,1}|jsp?|sql|xml) [NC,OR]

RewriteCond %{REQUEST_METHOD} (GET|POST) [NC]

RewriteCond %{QUERY_STRING} ^(.*)([-_a-z]{1,15})=(chmod|chdir|mkdir|rmdir|clear|whoami|unam e|unzip|gunzip|grep|umask|telnet|ssh|ftp|mkmode|lo gname|edit_file|search_text|find_text|php_eval|dow nload_file|ftp_file_down|ftp_file_up|ftp_brute|mai l_file|mysql_dump|db_query)([^a-zA-Z0-9].+)*$ [OR]

RewriteCond %{QUERY_STRING} ^work_dir=.*$ [OR]

RewriteCond %{QUERY_STRING} ^command=.*&output.*$ [OR]

RewriteCond %{QUERY_STRING} ^nts_[a-z0-9_]{0,10}=.*$ [OR]

RewriteCond %{QUERY_STRING} ^c=(t|setup|codes)$ [OR]

RewriteCond %{QUERY_STRING} ^act=((about|cmd|selfremove|chbd|trojan|backc|mass browsersploit|exploits|grablogins|upload.*)|((chmo d|f)&f=.*))$ [OR]

RewriteCond %{QUERY_STRING} ^act=(ls|search|fsbuff|encoder|tools|processes|ftp quickbrute|security|sql|eval|update|feedback|cmd|g ofile|mkfile)&d=.*$ [OR]

RewriteCond %{QUERY_STRING} ^&?c=(l?v?i?&d=|v&fnot=|setup&ref=|l&r=|d&d=|tree& d|t&d=|e&d=|i&d=|codes|md5crack).*$ [OR]

RewriteCond %{QUERY_STRING} ^(.*)*etc(/|%2F)passwd* [OR]

# Windows slashes \..

RewriteCond %{QUERY_STRING} .*(((\\|%5C)\.\.\\)+).* [OR]

# Unix slashes /..

RewriteCond %{QUERY_STRING} .*(((\/|%2F)\.\.)+).* [OR]

RewriteCond %{QUERY_STRING} ^(.*)*proc\/self\/environ* [NC]

RewriteRule .* /aesecure/accessdenied.php?s=490 [L]

</IfModule>



#AESECURE_BLOCKHIDDENFOLDERS_START

#aesecure 2.6

# Block access to hidden files and directories.

# This includes directories used by version control systems such as Git and SVN.

<IfModule mod_rewrite.c>

RewriteCond %{SCRIPT_FILENAME} -d [OR]

RewriteCond %{SCRIPT_FILENAME} -f

RewriteRule "(^|/)\." /aesecure/accessdenied.php?s=26 [L]

</IfModule>

#AESECURE_BLOCKHIDDENFOLDERS_END

#AESECURE_BLOCK_COM_USERS_START

#AESECURE_BLOCK_COM_USERS_END

#AESECURE_BADBOTS_START

#AESECURE_BADBOTS_END

#AESECURE_BLOCK_COMPONENTS_START

#AESECURE_BLOCK_COMPONENTS_END



# Disable Server Signature, be sure that PHP version number won't be transmitted

ServerSignature Off

# -------------------------------------------------------------------------

# -------------- IE aka Immonde Explorateur (Awful explorer) -------------

# -------------------------------------------------------------------------



# Always force latest IE rendering engine (even in intranet) & Chrome Frame

# Read http://www.1stwebdesigner.com/design/snippets-html5-boilerplate/; X-UA-Compatible chapter

<IfModule mod_headers.c>

<IfModule mod_setenvif.c>

BrowserMatch MSIE ie

Header set X-UA-Compatible "IE=Edge,chrome=1"

# mod_headers can't match by content-type, but we don't want to send this header on *everything*...

<FilesMatch "\.(js|css|gif|png|jpe?g|webp|pdf|xml|oga|ogg|m4a| ogv|mp4|m4v|webm|svg|svgz|eot|ttf|otf|woff2?|ico|w ebp|appcache|manifest|htc|crx|xpi|safariextz|vcf)$ " >

Header unset X-UA-Compatible

</FilesMatch>

</IfModule>

</IfModule>



# -------------------------------------------------------------------------

# --------------------------- Site optimization ---------------------------

# -------------------------------------------------------------------------



#AESECURE_HOTLINKING_START

#AESECURE_HOTLINKING_END



<IfModule mod_rewrite.c>

# Browsers trying to access to the site favicon from a bad locations... This will generate 404 pages

# and entries in logfiles; avoid this. Redirect to the good file

#--- Commented because need to first verify if the querystring points to favicon or not.

#--- need to verify too the existence of the /templates/favicon.ico file first

#RewriteCond %{REQUEST_URI} !^/favicon\.ico [NC]

#RewriteCond %{REQUEST_URI} favicon\.ico [NC]

#RewriteRule (.*) http://%{HTTP_HOST}/templates/favicon.ico [R=301,L]

</IfModule>



#AESECURE_WITHORNOTWWW_START

#AESECURE_WITHORNOTWWW_END



# Everything will be, by default, in utf-8, in French

AddDefaultCharset UTF-8

DefaultLanguage fr-FR



<IfModule mod_mime.c>

AddType image/svg+xml .svg .svgz .svg.gz

AddType application/x-gzip .gz .gzip

AddType text/css .css.gz

AddType text/html .html.gz .htm.gz

AddType image/x-icon .ico.gz .icon.gz

AddType text/plain .txt.gz

AddType text/json .json.gz

AddType text/xml .xml.gz

AddType application/xslt+xml .xsl.gz

AddType application/javascript .js.gz

AddCharset utf-8 .atom .css .js .json .rss .xml .css.gz .htm.gz .html.gz .js.gz .xml.gz

</IfModule>



#AESECURE_PAGESPEED_START

#AESECURE_PAGESPEED_END

#AESECURE_EXPIREBYTYPE_START

#AESECURE_EXPIREBYTYPE_END

#AESECURE_MINIFY_START

#AESECURE_MINIFY_END

#AESECURE_BOTSNOARCHIVE_START

#AESECURE_BOTSNOARCHIVE_END

#AESECURE_BLOCKROBOTSTXT_START

#AESECURE_BLOCKROBOTSTXT_END



## force the latest IE version, in various cases when it may fall back to IE7 mode

## github.com/rails/rails/commit/123eb25#commitcomment-118920

## Use ChromeFrame if it's installed for a better experience for the poor IE folk

<IfModule mod_headers.c>



# Just for the fun, doesn't have any impact.

Header set Protected-by "aesecure (c) Christophe Avonture"



# In case of, remove the X-Powered-By which reveal the PHP version number running on the server

Header unset X-Powered-By



# Disable ETags (French explanations : http://www.takeitweb.fr/blog/configurer-etags.html)

Header unset ETag

FileEtag None



</IfModule>



<IfModule mod_headers.c>

## Because X-UA-Compatible isn't sent to non-IE (to save header bytes),

## We need to inform proxies that content changes based on UA

Header append Vary User-Agent

## Cache control is set only if mod_headers is enabled, so that's unncessary to declare

</IfModule>



#AESECURE_REDIRECTIONS_START

#AESECURE_REDIRECTIONS_END



# Include your manual changes here below

#AESECURE_OLDHTACCESS_START
#AESECURE_OLDHTACCESS_END



#AESECURE_REWRITE_START
#aeSecure 7.1

<IfModule mod_rewrite.c>



RewriteEngine On



# Joomla! core SEF Section

# Workaround for HTTP authorization in CGI environment

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]



# If the requested path and file is not /index.php and the request

# has not already been internally rewritten to the index.php script

RewriteCond %{REQUEST_URI} !^/index\.php



# and the request is for something within the component folder,

# or for the site root, or for an extensionless URL, or the

# requested URL ends with one of the listed extensions

RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|vcf|raw))$ [NC]



# Never rewrite for existing files, directories and links

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteCond %{REQUEST_FILENAME} !-l



# internally rewrite the request to the index.php script

RewriteRule .* index.php [L]



</IfModule>
#AESECURE_REWRITE_END

Merci d'avance.

Cdt

Christophe

Re : Http error 500

Tu disais avoir désactivé aeSecure or cela ne semble pas le cas.

Dans ton .htaccess, recherche la ligne ci-dessous et ajoute un dièse devant la ligne; sauve le fichier et vois si cela résoud le problème

(et donc modifie en )

Note : dans ton dossier /aesecure/setup/backup tu as les anciens fichiers .htaccess puisqu'aeSecure prends un backup avant chaque activation d'une option ==> récupère ton fichier d'avant l'installation du logiciel (donc, en principe le fichier le plus ancien) et tu auras donc ton .htaccess ... d'avant l'installation et donc présumé fonctionnel pour ton site)

Re : Http error 500

Oui je l'ai réactivé entre temps vu que ça ne m'avait pas résolu le soucis.

J'ai essayé ta manip ça change rien,

j'ai aussi remis le .htaccess d'origine avant installation d'aesecure ça ne change rien non plus...

Un module pourrait être la cause de cette erreur ?

Re : Http error 500

Désactive .ovh_config alors.

Sinon, direction le fichier de log d'OVH pour comprendre l'origine de ton erreur 500 : https://logs.ovh.net

Re : Http error 500

En désactivant .ovh_config

Erreur:

Parse error: syntax error, unexpected T_OBJECT_OPERATOR in /home/pierbiau/www/index.php on line 43

Je file voir les logs du temps...

Re : Http error 500

Ok, logique pour .ovh_config. Tu es repassé sur un vieux PHP.

Re : Http error 500

C'est le chantier dans les logs, ça me dépasse...
une idée de ce que je dois chercher ?

Ce qui est bizarre c'est que le catalogue par exemple fonctionne parfaitement.
Mais que certaines requêtes comme dans mon menu ou en back office m'amène une erreur 500...

Re : Http error 500

Prends le log des erreurs (pas celui des accès). Analyse le fichier à l'envers (ordre chronologique descendant). Cherche les lignes concernant les erreurs 500.

Ton hébergeur devrait avoir une faq pour t'y aider car oui ce n'est pas intuitif

Re : Http error 500

Je trouve bien des erreurs mais en 404 pas en 500...
Je vais tenter du supprimer mon dossier www
et de remettre ma backup du mois de mai voir ce que ça donne...
qu'en penses tu ?