After you have installed Drupal, you may have found that you can no longer access certain folders on your site that are not under the control of the Drupal CMS. For example, if you installed Drupal in your web root folder, you may have found that you can no longer access (say) "http://www.example.com/non-drupal-folder/", where "non-drupal-folder" is a folder not under Drupal control. Trying to access that folder results in a 404 File Not Found error from Drupal, even if that folder actually exists and contains valid web documents. This article teaches you how you can configure your site so that you can access the folders not under the control of Drupal.
Drupal's setup includes a .htaccess that has the following effects:
Drupal sets up index.php as the only file that the Apache web server looks for in a folder should a filename not be specified by the visitor.
For example, if your visitor types "http://www.example.com/non-drupal-folder/" in the browser, the web server will look for a file named index.php in the "non-drupal-folder" directory. If it is not found, it will stop looking and load the 404 error document.
Drupal sets up the 404 error document to point to its own script. So if at any time the server cannot find a document, it will send the request for the file to Drupal. Drupal will then look into its database to see if the URL is one that corresponds to a post that you have made. If not, it will issue its 404 File Not Found error.
Another side effect is if you have set up a password-protected directory using .htaccess but have not set up the 401 error handler to point to a valid file. When you try to access the directory, the web server issues a 401 error. This error is normally handled by the web browser and causes it to issue a request for the password. However, if the 401 error handler does not point to a valid file, it will return a 404 File Not Found error instead. And as we have seen above, 404 errors are intercepted by Drupal, which means that you will never get the browser prompt for a password. Instead, you get a mysterious "File Not Found" error.
Fear not. All these problems can be easily solved.
The first thing to do is to make sure that your 401 error handler points to a valid file on your website's root directory. If you are not trying to access a password protected folder on your site, you can skip this part, although it should not harm your site unless you do something wrong. You can also skip this section if your 401 error document handler already points to a valid file, as is the case in some web hosts.
First, download the .htaccess file from the main directory of your website. This is typically in the "public_html" or "www" folder when you log in with your FTP program. If you cannot find a file named ".htaccess", you will need to configure your FTP program to show all files, including those that begin with a dot ("."). Find out from your FTP documentation how you can do this.
Make a copy of the downloaded .htaccess file and name it something like "original-htaccess-do-not-delete". This is your backup copy. Do not modify it. Do not delete it. If you make a mistake so that your website no longer functions, you can quickly rename this copy back to .htaccess and re-upload it to your site while you figure out what you did wrong. This is an important step - it's very easy to disable your entire site by making some small typo in the .htaccess file.
Open the original .htaccess file (not the backup copy) with an ASCII text editor. If you are using Windows, an ASCII text editor named Notepad can be found in the Accessories folder of the Start menu. Add the following lines to the top of the file, before anything else:
ErrorDocument 401 /401.html
Then create a web page named "401.html" and write whatever you want inside. If you have no idea what to put in there, just type "You do not have permission to access this folder." into your favorite web editor. If you don't have a web editor, type the following text into a blank Notepad document:
<html> <head><title>401 Password Needed</title></head> <body><h1>401 Password Needed</h1> <p>You don't have permission to access this folder.</p> </body> </html>
Save the file as "401.html". Include the quotes when saving the file if you are using Notepad, to avoid a Notepad problem.
Now upload both files to your website, to the same folder you got the .htaccess file originally.
Now you have to enable the support for the default index files like "index.html" and "index.shtml" in the folder you want to access.
If the folder you want to access does not have an existing .htaccess file, create a new .htaccess file with the following content. Otherwise, add the following line to the existing .htaccess file. Note that this is not the same .htaccess file you modified earlier. This one resides in the folder you are trying to allow access. Remember: you must use an ASCII text editor like Notepad, not a word processing program like Word or WordPad.
DirectoryIndex index.php index.shtml index.html
If your setup relies on index.pl or index.cgi being executed when the folder is accessed, you should add those to the DirectoryIndex line as well. Put it immediately before or after "index.php".
Save the file as ".htaccess" (including the quotes, if you are using Notepad), and upload it into the directory that you are trying to enable access. Watch out where you are uploading so that you do not accidentally overwrite Drupal's .htaccess file.
That's all there is to it. Clear your browser's cache (also known as "Temporary Internet Files" in one browser) and try to access the folder using your web browser and you should be successful this time. If not, go back through the instructions and make sure that you have completed every step correctly. If things go desperately wrong, so that you can't even access your website, don't panic. All you have to do is to delete the .htaccess files you have created or modified, and re-upload the one you have backed up earlier. (You did back it up like I told you, right?) Once you have done that, you can fix your errors at leisure without worrying that a visitor might be blocked from your site in the meantime.
Do you find this article useful? You can learn of new articles and scripts that are published on thesitewizard.com by subscribing to the RSS feed. Simply point your RSS feed reader or a browser that supports RSS feeds at http://www.thesitewizard.com/thesitewizard.xml. You can read more about how to subscribe to RSS site feeds from my RSS FAQ.
This article is copyrighted. Please do not reproduce this article in whole or part, in any form, without obtaining my written permission.
It will appear on your page as: