I have an admin area where I login as described here. This form works in dev enviroment, but when I switch to production the /admin route returns a 404.
The Controller (404 when not using app_dev.php):
/**
* @Route("/admin", name="mainPage")
*/
public function indexAction(Request $request)
{
return $this->render('admin/index.html.twig', array());
}
My .htaccess in /web (removed comments for readability)
DirectoryIndex app.php
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
RewriteRule ^(.*) - [E=BASE:%1]
RewriteCond %{HTTP:Authorization} .
RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^app\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^ - [L]
RewriteRule ^ %{ENV:BASE}/app.php [L]
</IfModule>
<IfModule !mod_rewrite.c>
<IfModule mod_alias.c>
RedirectMatch 302 ^/$ /app.php/
</IfModule>
</IfModule>
And finally, my 000-default.conf
DocumentRoot /var/www/html/web
<Directory /var/www/html/web>
AllowOverride All
Allow from All
</Directory>
Where is the error? The /admin/login route shows the login form. After the login I am moved to admin/ (with 404), but when I enter another address manually that is protected it works (e.g. admin/setup/prices) as I am actually logged in.
Changing the route from /admin to /admin/start for example does not change anything.
If you need the security.yml:
# To get started with security, check out the documentation:
# http://symfony.com/doc/current/book/security.html
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
AppBundle\Entity\User: bcrypt
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
in_memory:
memory: ~
our_db_provider:
entity:
class: AppBundle:User
property: username
access_control:
- { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_ADMIN }
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: ~
# activate different ways to authenticate
http_basic: ~
# http://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate
provider: our_db_provider
form_login:
login_path: login_route
check_path: login_check
csrf_token_generator: security.csrf.token_manager
use_referer: true
logout:
path: logout_route
target: mainPage
# http://symfony.com/doc/current/cookbook/security/form_login_setup.html
UPDATE
I see now that /admin is actually called but get 301 to /admin/
So I think the issue is with this line from the htaccess:
RewriteCond %{ENV:REDIRECT_STATUS} ^$
RewriteRule ^app\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
Changing the route in the controller to /admin/ does not help though.
