mod_rewrite no longer taking effect after applying sspi rules in server config

Question

I am creating a project in codeIgniter, using wamp to develop on locally (Apache 2.4). Throughout the project I've had mod_rewrite switched on to remove the index.php that appears in urls in codeigniter by default by using the .htaccess file in the codeigniter project directory i.e. C:\wamp\www\codeIgniter\.htaccess.

We needed windows authentication in the application so after finally managing to get the ldap and sspi modules working, I applied the following to the httpd.conf file in c:wamp\bin\apache\Apache2.4.4\conf\httpd.conf

<Directory "c:/wamp/www/codeIgniter">
 AllowOverride None
 Options None
 Order allow,deny
 Allow from all

 AuthName "protected"
 AuthType SSPI
 SSPIAuth On
 SSPIAuthoritative On
 SSPIOmitDomain On 

 require valid-user
</Directory>

I got this config here.

After making these change to the httpd.conf file, the mod_rewrite rules seem to no longer apply and I must write index.php after the root of the project to get a url to load.

After reading some of the Apache documentation on setting up httpd.conf config and .htaccess files it recommends that .htaccess files should not be used if access to the server config is possible:

In general, you should only use .htaccess files when you don't have access to the main server configuration file. There is, for example, a common misconception that user authentication should always be done in .htaccess files, and, in more recent years, another misconception that mod_rewrite directives must go in .htaccess files. This is simply not the case. You can put user authentication configurations in the main server configuration, and this is, in fact, the preferred way to do things. Likewise, mod_rewrite directives work better, in many respects, in the main server configuration. Link

So firstly I'm trying to understand how I can get my mod_rewrite rules working again happily alongside my sspi stuff and secondly how I can move my mod_rewrite rules from .htaccess to my server config file httpd.conf.

I have tried switching AllowOverride All in the server config as in the above-mentioned code but this seems to make everything inaccessible. I have also tried changing Order allow,deny and Allow from all to Require all granted but this seems to cause similar issues too. Adding my mod_rewrite rules to the in the server config also caused everything to be inaccessible. Any guidance would be most appreciated! Thank you.

My .htaccess is as follows:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /codeIgniter
#RewriteBase /codeIgniter

#Removes access to the system folder by users.
#Additionally this will allow you to create a System.php controller,
#previously this would not have been possible.
#'system' can be replaced if you have renamed your system folder.
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ /index.php?/$1 [L]

#When your application folder isn't in the system folder
#This snippet prevents user access to the application folder
#Submitted by: Fabdrol
#Rename 'application' to your applications folder name.
RewriteCond %{REQUEST_URI} ^application.*
RewriteRule ^(.*)$ /index.php?/$1 [L]

#Checks to see if the user is attempting to acces a valid file,
#such as an image or css document, if this isn't true it sends the
#request to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L] 

<IfModule !mod_rewrite.c>
# If we don't have mod_rewrite installed, all 404's
# can be sent to index.php, and everything works as normal.
# Submitted by: ElliotHaughin

ErrorDocument 404 /index.php

Answer 1

Read up on how AllowOverride works. None disables .htaccess files. You need FileInfo at a minimum.

Htaccess file processing does incur a performance hit because the access files are read and parsed each request whereas the server and virtual host rules are read and cached at Apache start up. However, this has to be traded against the flexibility of being able to change your rule processing on a per request rule basis. For local development, you can ignore this advice.

Also read up on the difference between the per-directory processing of rewrite rules. In particular, drop the leading / characters on any RewriteRule match patterns. In contrast the Request URI always includes the leading /.

RewriteCond %{REQUEST_URI} ^/system/
RewriteRule ^(.*)$ index.php?/$1 [L]

makes sense though I am not sure that this is what you are trying to do.

Postscript

A more elegant way of doing your two rules is to combine them, for example:

RewriteCond %{REQUEST_URI} ^/(system|application)/
RewriteRule ^.* index.php?/$0 [L]

Answer 2

I followed the advice given in the answer here and it seemed to solve the issue. So I assume the issue was down altering the options directives.

The parts of my httpd.conf file that I changed now look like this:

<Directory />
 #AllowOverride none
 #Require all granted

 #Options FollowSymLinks
 Options Indexes FollowSymLinks Includes ExecCGI
 AllowOverride All
 Order deny,allow
 Allow from all
</Directory>

<Directory "c:/wamp/www/codeIgniter">
 #AllowOverride FileInfo AuthConfig
 #Options None
 Order allow,deny
 Allow from all

 AuthName "protected"
 AuthType SSPI
 SSPIAuth On
 SSPIAuthoritative On
 SSPIOmitDomain On 

 require valid-user
</Directory>

I made the changes the rewrite rules @TerryE recommended too in my .htaccess file. They now look like this:

RewriteCond %{REQUEST_URI} ^/system/
RewriteRule ^(.*)$ index.php?/$1 [L]

RewriteCond %{REQUEST_URI} ^/application/
RewriteRule ^(.*)$ index.php?/$1 [L]