Apache HTTPD AuthType Not Set 500 Internal Server Error
Apache HTTPD web server is returning internal server error code 500 when attempting to visit a website, with the following message:
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, root@localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
In Apache error log, entry similar to the following is recorded:
The error commonly happens after migrating or moving of websites to another environment or host, and normally involving different versions of Apache HTTPD web server running on the system.
Cause
The cause of the issue is due to enhanced security since Apache version 2.4 which supports different configuration options and directives. The specific directive causing the problem is Require. For example,
<Directory “/var/www/html”> AllowOverride None Require all granted </Directory>
The above Apache configuration works only in Apache 2.4 and newer, as Apache 2.4 and newer versions use a new authentication mechanisms rather than Order, Allow, Deny, and Satisfy access control idioms in Apache 2.2 and older versions.
Solution
To fix the 500 Internal Server Error caused by AuthType not set error, just remove complete all Require directives in httpd.conf or apache2.conf when running in Apache 2.2 or older.
Tip
If you want to build a Apache config file which works with both Apache version = 2.4, the the clause will help. For example:
<IfVersion < 2.3> Allow from all </IfVersion> <IfVersion >= 2.4> Require all granted </IfVersion>
Note that the trick above requires version module enabled in Apache HTTPD server. To enable it, you can insert the line “LoadModule version_module modules/mod_version.so” (without quotes) in httpd.conf or apache2.conf, or run the “a2enmod version” (without quotes) command.
Note
If you want to maintain the same access control and authentication setup between Apache version = 2.4, Apache provides several examples below.
Deny All Requests
2.2 configuration:
Order deny,allow Deny from all
2.4 configuration:
Require all denied
Allow All Requests
2.2 configuration:
Order allow,deny Allow from all
2.4 configuration:
Require all granted
Allow Only Hosts in example.org, Deny All Others
2.2 configuration:
Order Deny,Allow Deny from all Allow from example.org
LK is a technology writer for Tech Journey with background of system and network administrator. He has be documenting his experiences in digital and technology world for over 15 years.Connect with LK through Tech Journey on Facebook, Twitter or Google+.
