Daily httpd restart changes AllowOverride None to All in httpd.conf

[Lasers]

How do I disable the daily changes to httpd.conf? All occurrences of "AllowOverride None" are changed to "AllowOverride All" allowing use of .htaccess and increasing disk activity, which I don't want.

I've only noticed this occurring recently. I tried disabling all WHM updates to no avail. Tried making httpd.conf read-only by chmodding it to 0400, it automatically was made writable.

[cpanelkenneth]

which version of cPanel?

[Lasers]

WHM 10.8.0 cPanel 10.9.0-C138

[cpanelkenneth]

When /scripts/upcp runs, it executes /scripts/checkallowoverride, unfortunately there is no (official) way to disable it. However you can do:

Code:

mv /scripts/checkallowoverride /scripts/.checkallowoverride
touch /scripts/checkallowoverride
chattr +x /scripts/checkallowoverride

Which will prevent it from happening. I'll see what can be done to make the application of checkallowoverride configurable. It's probably a legacy thing that someone requested long ago. It likely still serves a useful purpose for some, but should at least be configurable (meaning: run or don't run this script).

[Lasers]

Thanks for being specific in your reply. However...

chattr +x /scripts/checkallowoverride

Returned "usage: chattr [-RV] [-+=AacDdijsSu] [-v version] files...". So, did a "chmod 0755 /scripts/checkallowoverride", which is the same value as /scripts/.checkallowoverride. I assume that has the same effect, making the file executable.

[cpanelkenneth]

Yeah, it means I typed to fast and didn't double-check. Sorry, it's supposed to be:

Code:

chattr +i /scripts/checkallowoverride

The idea is to make it immutable (unchangeable).

[Lasers]

It's alright. Thanks for the clarification. Good that I noticed the chmod difference.

[cpanelkenneth]

The idea is to make the file unchangeable, since the next time /scripts/upcp runs, that file will be replaced since it no longer matches the integrity check. Hence the use of chattr +i to make it unchangeable.

A question for you, if you will. I checked /scripts/checkallowoverride and it's only supposed to change the AllowOverride directive when it finds the following:

Code:

<Directory />
AllowOverride None
# more directives
</Directory>

The key is the <Directory /> If the file path in the opening Directory statement is merely a slash (and only a slash), then the AllowOverride checks are performed (and possible changing your directive to All). If the AllowOverride statement is not in a Directory block, nor is merely a slash, the AllowOverride statement is skipped.

If the AllowOverride statement(s) in your httpd.conf do not match those two stipulations, and they are changed, would you mind posting those portions of httpd.conf here (or PM them to me) so I coudl examine them (feel free to appropriately sanitize them)? Thank you.