Apache DirectorySlash Off - Site breaks

As you know per the documentation, when DirectorySlash is set to Off, requests to /folder do not have DirectoryIndex evaluated. This means that the request will not be automatically mapped to /folder/index.php.

mod_dir performs this check in the "fixup" phase of the request processing. mod_rewrite, which is responsible for your RewriteRule definitions, also performs its processing in this phase when you specify the rules in a .htaccess file.

However, it was programmed with an awareness of modules like mod_dir, and includes a check to make sure that the current directory was requested with a trailing slash. If not, it declines to handle the request, since doing so might lead to undefined behaviour.

The request then moves on to the content-generation phase, which, since the request was not mapped to a real file, is handled by mod_autoindex. Given that Indexes are disabled on your host by default, mod_autoindex returns 403 Forbidden which is what you see.

Note that since DirectoryIndex is not evaluated, even if mod_rewrite were to process the request, it would still fail, because no auto-resolution to index.php would occur, and your rule

RewriteRule . /folder/index.php [L]

wouldn't match, because the . requires a match on something (but the request would be blank).

Enabling DirectorySlash prevents this scenario by correcting the prevented actions in all of the previously mentioned scenarios except the last note, which is taken care of by the fact that DirectoryIndex maps the request to index.php anyway.


With Apache 2.4 you can allow rewrites in .htaccess files by setting RewriteOptions AllowNoSlash.

 Changes with Apache 2.3.16
 ...
 *) mod_rewrite: Add the AllowNoSlash RewriteOption, which makes it possible
    for RewriteRules to be placed in .htaccess files that match the directory
    with no trailing slash. PR 48304.
    [Matthew Byng-Maddick <matthew byng-maddick bbc.co.uk>]
 ...

See Apache documentation of mod_rewrite