Error 500 / No Font or other UI elements

Product Support Mautic 5 Install/Upgrade Support
1

Your software
My Mautic version is: 5.2.1
My PHP version is: 8.2.26
My Database type and version is: MariaDB 10.11.9

Your problem
My problem is:
After upgrading I am unable to get Mautic to load the font files, nor the favicon.
/mautic/app/bundles/CoreBundle/Assets/css/libraries/remixicon/fonts/remixicon.woff2?t=1718271040674

returns an error 500

These errors are showing in the log:
Nothing shows in the logs for mautic, nor for apache, or the php error log.

Steps I have tried to fix the problem:
Confirmed the .htaccess file has the /mautic/ change to handle the install living in the path of /mautic/ instead of the root of the server.

I checked the schema at: /mautic/s/update/schema and all is fine there.
I ran all the permissions checks / fixes I could find, everything is owned by the webserver user/group (wwwrun:www)
I cleared the cache.
I have run multiple items form the console, and didn’t get any errors. This includes running “mautic:assets:generate”
Loading new assets works fine, other edits all seems to be fine.

I can confirm that the font file exists and is world readable in:

app/bundles/CoreBundle/Assets/css/libraries/remixicon/fonts/remixicon.woff2

my .htaccess is as follows:

# Use the front controller as index file. It serves as a fallback solution when
# every other rewrite/redirect fails (e.g. in an aliased environment without
# mod_rewrite). Additionally, this reduces the matching process for the
# start page (path "/") because otherwise Apache will apply the rewriting rules
# to each configured DirectoryIndex file (e.g. index.php, index.html, index.pl).
#DirectoryIndex index.php

<IfModule mod_rewrite.c>
    RewriteEngine On

    # Set Authorization header for OAuth2 for when php is running under fcgi
    RewriteCond %{HTTP:Authorization} .+
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Determine the RewriteBase automatically and set it as environment variable.
    # If you are using Apache aliases to do mass virtual hosting or installed the
    # project in a subdirectory, the base path will be prepended to allow proper
    # resolution of the app.php file and to redirect to the correct URI. It will
    # work in environments without path prefix as well, providing a safe, one-size
    # fits all solution. But as you do not need it in this case, you can comment
    # the following 2 lines to eliminate the overhead.
    RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
    RewriteRule ^(.*) - [E=BASE:%1]

    # Redirect to URI without front controller to prevent duplicate content
    # (with and without `/app.php`). Only do this redirect on the initial
    # rewrite by Apache and not on subsequent cycles. Otherwise we would get an
    # endless redirect loop (request -> rewrite to front controller ->
    # redirect -> request -> ...).
    # So in case you get a "too many redirects" error or you always get redirected
    # to the start page because your Apache does not expose the REDIRECT_STATUS
    # environment variable, you have 2 choices:
    # - disable this feature by commenting the following 2 lines or
    # - use Apache >= 2.3.9 and replace all L flags by END flags and remove the
    #   following RewriteCond (best solution)
    RewriteCond %{ENV:REDIRECT_STATUS} ^$
    RewriteRule ^index\.php(/(.*)|$) %{ENV:BASE}/$2 [R=301,L]

    # If the requested filename exists, simply serve it.
    # We only want to let Apache serve files and not directories.
    RewriteCond %{REQUEST_FILENAME} -f
    RewriteRule .? - [L]

    # Rewrite all other queries to the front controller.
    RewriteRule .? %{ENV:BASE}/index.php [L]
</IfModule>

<IfModule !mod_rewrite.c>
    <IfModule mod_alias.c>
        # When mod_rewrite is not available, we instruct a temporary redirect of
        # the start page to the front controller explicitly so that the website
        # and the generated links can still be used.
        RedirectMatch 302 ^(?!/(index\.php|app|addons|plugins|media|upgrade))(/(.*))$ /index.php$2
        # RedirectTemp cannot be used instead
    </IfModule>
</IfModule>

<IfModule mod_php5.c>
    # @link https://github.com/mautic/mautic/issues/1504
    php_value always_populate_raw_post_data -1
</IfModule>

<IfModule mod_deflate.c>
    <IfModule mod_filter.c>
        AddOutputFilterByType DEFLATE application/javascript
        AddOutputFilterByType DEFLATE application/rss+xml
        AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
        AddOutputFilterByType DEFLATE application/x-font
        AddOutputFilterByType DEFLATE application/x-font-opentype
        AddOutputFilterByType DEFLATE application/x-font-otf
        AddOutputFilterByType DEFLATE application/x-font-truetype
        AddOutputFilterByType DEFLATE application/x-font-ttf
        AddOutputFilterByType DEFLATE application/x-javascript
        AddOutputFilterByType DEFLATE font/opentype
        AddOutputFilterByType DEFLATE font/otf
        AddOutputFilterByType DEFLATE font/ttf
        AddOutputFilterByType DEFLATE image/svg+xml
        AddOutputFilterByType DEFLATE image/x-icon
        AddOutputFilterByType DEFLATE text/css
        AddOutputFilterByType DEFLATE text/javascript
        # Do not enable compression for file types that could contain secrets
        #AddOutputFilterByType DEFLATE text/html
        #AddOutputFilterByType DEFLATE text/plain
        #AddOutputFilterByType DEFLATE text/xml
        #AddOutputFilterByType DEFLATE application/xhtml+xml
        #AddOutputFilterByType DEFLATE application/xml
        #AddOutputFilterByType DEFLATE application/json
        <IfModule mod_setenvif.c>
            <IfModule mod_header.c>
                # Remove browser bugs (only needed for really old browsers)
                BrowserMatch ^Mozilla/4 gzip-only-text/html
                BrowserMatch ^Mozilla/4\.0[678] no-gzip
                BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
                Header append Vary User-Agent
            </IfModule>
        </IfModule>
    </IfModule>
</IfModule>

# Apache 2.4+
<IfModule authz_core_module>
    # Deny access via HTTP requests to all PHP files.
    <FilesMatch "\.php$">
        Require all denied
    </FilesMatch>

    # Deny access via HTTP requests to composer files.
    <FilesMatch "^(composer\.json|composer\.lock)$">
        Require all denied
    </FilesMatch>

    # Except those allowed below.
    <If "%{REQUEST_URI} =~ m#^/mautic/(index|upgrade/upgrade)\.php#">
        Require all granted
    </If>
</IfModule>

# Fallback for Apache < 2.4
<IfModule !authz_core_module>
    # Deny access via HTTP requests to all PHP files.
    <FilesMatch "\.php$">
        Order deny,allow
        Deny from all
    </FilesMatch>

    # Deny access via HTTP requests to composer files
    <FilesMatch "^(composer\.json|composer\.lock)$">
        Order deny,allow
        Deny from all
    </FilesMatch>

    # Except those allowed below.
    <If "%{REQUEST_URI} =~ m#^/mautic/(index|upgrade/upgrade)\.php#">
        Order allow,deny
        Allow from all
    </If>
</IfModule>
2

I did some more testing.

if I create a file “text.txt” in /app I can access it at:
https://myhost/mautic/app/text.txt

However if I try doing the same under “bundles” i get the same error 500 I get for the fonts, etc.

3

I found it! I turned on debug level logging in apache.

There are additional .htaccess files in the “app/assets” and “app/bundles” folders. The content of these files are not valid on apache 2.4.

“Invalid command ‘allow’, perhaps misspelled or defined by a module not included in the server configuration”

“Invalid command ‘Order’, perhaps misspelled or defined by a module not included in the server configuration”

The files need to be modified to take into account Apache 2.4.

For the moment, I have renamed the files “.htaccess-invalid” until I can come up with a proper 2.4 version.

4

This is how to declare it properly in Apache 2.4:
https://httpd.apache.org/docs/2.4/howto/access.html

i.e. To make it compatible w/ both 2.2 and 2.4

# Apache 2.4
<IfModule mod_authz_core.c>
    Require all denied
</IfModule>

# Apache 2.2
<IfModule !mod_authz_core.c>
    Order Allow,Deny
    Deny from all
</IfModule>
1 Like
5

This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.