Apache .htaccess: 500 Internal Server Error

Diagnose and fix the Apache 500 Internal Server Error caused by .htaccess syntax errors, disabled mod_rewrite, or AllowOverride None.

When Apache .htaccess Produces the 500 Internal Server Error
What Causes the 500 Internal Server Error in Apache .htaccess
How to Fix the 500 Internal Server Error in Apache .htaccess
How to Verify the 500 Internal Server Error Fix
Edge Cases and Variations
Related Apache .htaccess Errors

Apache HTTP Server returns a 500 Internal Server Error when the .htaccess file contains a syntax error, references a disabled module, or uses directives not permitted by the AllowOverride configuration.

The 500 Internal Server Error appears in several variations:

"Internal Server Error. The server encountered an internal error or misconfiguration and was unable to complete your request."
"500 Internal Server Error"
"500 -- Internal server error. There is a problem with the resource you are looking for, and it cannot be displayed."

When Apache .htaccess Produces the 500 Internal Server Error

Apache HTTP Server returns a 500 Internal Server Error when it cannot parse the .htaccess file or cannot execute the directives within it. This error affects every request to the directory where the .htaccess file resides and all subdirectories beneath it.

Apache HTTP Server also returns 500 when the .htaccess file references a module that is not loaded. For example, RewriteEngine On causes a 500 error if mod_rewrite is not enabled. Apache logs the specific parsing failure in the error log with the exact line number and directive that failed.

What Causes the 500 Internal Server Error in Apache .htaccess

A syntax error in .htaccess causes Apache to return 500 Internal Server Error.Apache HTTP Server parses the .htaccess file on every request. A misspelled directive name, missing closing tag, or invalid regular expression in a RewriteRule causes the parser to fail. Apache stops processing the request and returns 500 instead of serving the page.

A disabled mod_rewrite module causes Apache to return 500 Internal Server Error.Apache HTTP Server treats RewriteEngine, RewriteRule, and RewriteCond directives as invalid syntax when mod_rewrite is not loaded. The .htaccess file triggers a parsing failure because Apache does not recognize the directives.

AllowOverride None in the server configuration causes Apache to return 500 Internal Server Error.Apache 2.4 defaults to AllowOverride None, which prevents .htaccess files from using any directives. When .htaccess contains directives that the AllowOverride setting does not permit, Apache rejects them and returns 500. The error log shows a message such as ".htaccess: {directive} not allowed here".

How to Fix the 500 Internal Server Error in Apache .htaccess

Confirm that .htaccess is the source of the 500 error. Rename or empty the .htaccess file and reload the page. If the error disappears, the .htaccess file contains the problem.
```
cd /var/www/example_com/public_html/
mv .htaccess .htaccess.bak
```
Reload the page. If it works, the .htaccess content caused the error.
Check the Apache error log for the exact cause. Apache HTTP Server logs the specific directive and line number that triggered the failure. The error log provides the fastest path to identifying the problem.
On Debian and Ubuntu:
```
tail -20 /var/log/apache2/error.log
```
On CentOS and RHEL:
```
tail -20 /var/log/httpd/error_log
```
Look for entries such as:
```
.htaccess: Invalid command 'RewriteEngine', perhaps misspelled or defined by a module not included in the server configuration
```
Enable mod_rewrite if the error log mentions RewriteEngine, RewriteRule, or RewriteCond as invalid commands. The a2enmod command activates modules on Debian and Ubuntu.
```
sudo a2enmod rewrite
sudo systemctl restart apache2
```
On CentOS and RHEL, uncomment the mod_rewrite line in the Apache configuration:
```
sudo vi /etc/httpd/conf.modules.d/00-base.conf
```
Find and uncomment:
```
LoadModule rewrite_module modules/mod_rewrite.so
```
Restart Apache:
```
sudo systemctl restart httpd
```
Set AllowOverride to permit the directives used in .htaccess. Open the Apache configuration file and locate the <Directory> block for the document root.
```
<Directory /var/www/example_com/public_html>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>
```
Setting AllowOverride All permits all .htaccess directives. For tighter control, specify individual override classes:
```
AllowOverride AuthConfig FileInfo Options
```
Restart Apache after changing the configuration:
```
sudo systemctl restart apache2
```
Fix syntax errors in the .htaccess file. Restore the backup file and correct the directive that the error log identified. Common syntax errors include:
- Misspelled directive names ( RewriteEngin instead of RewriteEngine).
- Missing closing tags ( <Files> without </Files>).
- Invalid regular expressions in RewriteRule or RewriteCond patterns.
- Mixing Apache 2.2 and 2.4 access control directives.
Re-add directives one at a time and test after each addition to isolate the failing rule.

How to Verify the 500 Internal Server Error Fix

Restore the corrected .htaccess file and navigate to the URL that returned the 500 error. Apache HTTP Server serves the requested page when the syntax is valid, the required modules are loaded, and AllowOverride permits the directives.

Monitor the error log while testing to confirm no new errors appear:

tail -f /var/log/apache2/error.log

Edge Cases and Variations

.htaccess encoding causes a 500 error.Apache HTTP Server expects .htaccess files in UTF-8 or ASCII encoding without a Byte Order Mark (BOM). Files saved with a BOM or in UTF-16 encoding cause parsing failures. Re-save the file in UTF-8 without BOM.

A .htaccess file in a parent directory causes the 500 error.Apache reads .htaccess files from every directory in the request path. A syntax error in a parent directory's .htaccess file affects all subdirectories. Check .htaccess files in parent directories up to the document root.

The 500 error appears after an Apache version upgrade.Apache 2.4 deprecated the Order, Allow, and Deny directives from Apache 2.2. If mod_access_compat is not loaded, these directives cause a 500 error. Replace them with the Apache 2.4 Require directive from mod_authz_core.

Apache 2.2 (deprecated)	Apache 2.4 (current)
`Order Allow,Deny`/ `Allow from all`	`Require all granted`
`Order Deny,Allow`/ `Deny from all`	`Require all denied`

Related Apache .htaccess Errors

Apache .htaccess: 403 Forbidden-- Apache returns a 403 error when access control directives deny the request or file permissions prevent access. A 403 error means Apache parsed the .htaccess file successfully but chose to deny the request, unlike a 500 error where parsing itself failed.