1

I am trying to deploy an application on a shared hosting (LWS). My app uses Laravel12 as a backend and Vuejs as frontend The frontend is installed directly on the domain.fr and the backend on a backend.domain.fr

The folder structure of the hosting is:

htdocs/
  |--assets(dir) //for the frontend
  |--index.html //for frontend
  |--backend(dir)
     |--app(dir)
     |--bootstrap(dir)
     |--config(dir
        |--sanctum.php
        |--cors.php
        |-- (etc.)
   
  |--database(dir)
  |--public(dir)
  |--resources(dir)
  |--routes(dir)
     |--api.php
     |--auth.php
     |--web.php
   
  |--storage(dir)
  |--test(dir)
  |--vendor(dir)
 
  |--backend.denentzat.fr //the document root of the sub domain
     |--index.php
     |--.htaccess

The index.php file in backend.denentzat.fr (document root)

<?php

use Illuminate\Http\Request;

define('LARAVEL_START', microtime(true));

// Determine if the application is in maintenance mode...
if (file_exists($maintenance = __DIR__.'/../backend/storage/framework/maintenance.php')) {
require $maintenance;
}

// Register the Composer autoloader...
require __DIR__.'/../backend/vendor/autoload.php';

// Bootstrap Laravel and handle the request...
(require_once __DIR__.'/../backend/bootstrap/app.php')
->handleRequest(Request::capture());

The .htaccess file in backend.denentzat.fr

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes
    </IfModule>
    RewriteEngine On
    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    
    # Handle X-XSRF-Token Header
    RewriteCond %{HTTP:x-xsrf-token} .
    RewriteRule .* - [E=HTTP_X_XSRF_TOKEN:%{HTTP:X-XSRF-Token}]

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} (.+)/$
    RewriteRule ^ %1 [L,R=301]

    # Send Requests To Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
</IfModule>

The relevant part of the .env in backend

APP_NAME=Laravel
APP_ENV=production
APP_KEY=base64:O4uiM3LM6/ryGhkGYSz9fdeRPznPIHGcJzSTvMeuBUM=
APP_DEBUG=true
APP_URL=https://backend.denentzat.fr
FRONTEND_URL=https://denentzat.fr
REGISTER_CODE=Amendeuix
SANCTUM_STATEFUL_DOMAINS=denentzat.fr
APP_LOCALE=en
APP_FALLBACK_LOCALE=en
APP_FAKER_LOCALE=en_US
APP_MAINTENANCE_DRIVER=file          
BCRYPT_ROUNDS=12
LOG_CHANNEL=stack
LOG_STACK=single
LOG_DEPRECATIONS_CHANNEL=null
LOG_LEVEL=debug
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=a db name
DB_USERNAME=a username
DB_PASSWORD=a password
SESSION_DRIVER=file
SESSION_LIFETIME=120
SESSION_ENCRYPT=false
SESSION_PATH=/
SESSION_DOMAIN=.denentzat.fr
SESSION_SECURE_COOKIE=true
SESSION_HTTP_ONLY=true
SESSION_SAME_SITE=lax

The cors file in backend/config/

<?php
return [
    'paths' => ['*'],
    'allowed_methods' => ['*'],
    'allowed_origins' => [env('FRONTEND_URL', 'http://localhost:9000')],
    'allowed_origins_patterns' => ['*'],
    'allowed_headers' => ['*'],
    'exposed_headers' => [],
    'max_age' => 0,
    'supports_credentials' => true,
];

At the moment I make the test with an embryo of Laravel12 that permits only registering of a user (Créer un compte) or login (Se connecter) Everything works in dev.

In production, with this configuration the frontend works but all requests from the fe to

https://backend.denentzat.fr/sanctum/csrf-cookie

returns a 500 error. The body of the response is not available to the scripts (cause: CORS Missing Allow Origin)

To check further on, I also added a route to the file web.php in backend/routes/

Route::get('/test',function(){
    return 'Everything is OK';
});

Visiting https://backend.denentzat.fr/test returns

Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator at [email protected] to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.

Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.

Here is an example of logs. The last time is in the case of visit to https://backend.denentzat.fr/test the other all comes 5 times with a single visit to the frontend

Date : 05/11/2025 09:53:14
 IP : 83.193.34.84:0
 Requête : GET /test HTTP/2.0
 Code HTTP : 500
 Referer : Aucun
 User-Agent : Mozilla/5.0 (X11; Linux x86_64; rv:144.0) Gecko/20100101 Firefox/144.0
 Erreur : AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.

Date : 05/11/2025 09:52:31
 IP : 83.193.34.84:0
 Requête : GET /sanctum/csrf-cookie HTTP/2.0
 Code HTTP : 500
 Referer : https://denentzat.fr/
 User-Agent : Mozilla/5.0 (X11; Linux x86_64; rv:144.0) Gecko/20100101 Firefox/144.0
 Erreur : AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.
Improve this question
6
  • The backend shows the apache error page, can you share the apache logs? Commented Nov 5 at 7:45
  • 2
    stackoverflow.com/questions/2687730/… Commented Nov 5 at 8:13
  • 2
    Request exceeded the limit of 10 internal redirects - so there is a problem with your Apache config. It looks like the backend docroot is nested under the main site docroot? So maybe they are interfering, is there an .htaccess at the top level, or something else in the top level vhost config, which might be interfering with the backend? It would be simpler to keep the docroots separate, can you do that? Have you tried using LogLevel as suggested to trace what is happening? Commented Nov 5 at 11:52
  • Thank you for this help. Yes in fact my backend documentroot is inside the main site documentroot that is htdocs. In my previous hosting, all this worked but the frontend was also in a sub domain. I will try to do this again. Commented Nov 5 at 12:07
  • After placing the frontend in a sub-domain the trouble remains. Commented Nov 5 at 12:22

2 Answers 2

Reset to default
4

There is an important information in the webserver's diagnostic message:

AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.

Internal redirects in Apache can be related to mod-rewrite rules as they can make use of it. For example with your configuration. However it is often hard to say exactly where (I once draw on top of the Apache rewrite flowchart in the question apache - Mod_Rewrite unexpected behavior L flag - Stack Overflow which may show a better picture for you).

This LimitInternalRecursion, the limit of the 10 internal redirects, is to prevent endless internal loopings - like not escaping the traffic-circle around the arc-de-triumph.

As the diagnostic message suggests, use the 'LogLevel debug' temporarily to get a backtrace. This often helps to better understand.

Also double-check the L flag, this may introduce the endless internal redirect:

               ,---------------------------------------,.
              `´                                       ||
    # Redirect Trailing Slashes If Not A Folder...     ||
    RewriteCond %{REQUEST_FILENAME} !-d                ||
    RewriteCond %{REQUEST_URI} (.+)/$                  ||
    RewriteRule ^ %1 [L,R=301]  -----------------------'|
              `´                                        |
    # Send Requests To Front Controller...              |
    RewriteCond %{REQUEST_FILENAME} !-d                 |
    RewriteCond %{REQUEST_FILENAME} !-f                 |
    RewriteRule ^ index.php [L]  -----------------------'

But I do not spot anything directly, so I would recommend to follow the diagnostic message recommendation to get the backtrace.

Additionally you can try and also temporarily double the limit from 10 to quatrevingtdixneuf (joke, 20) and if it works then. This may also show more repetition patterns in the backtrace, so depending on taste and mood of day, playing with all combinations may already give good clues.

In any case you can continue to edit the question and prolong on the backtrace.

Btw., this is likely not related to the PHP error traces, so an Apache configuration, not necessarily a PHP configuration thing. However, sometimes you may spot as well interesting patterns in the PHP error log at the same instant. So just saying.

Edit: Now seeing: index.php PATHINFO style (index.php/...) URLs are not a folder, so first they trigger the lower rewriting which re-enters the loop on L as the rewrite was done. Then still not a directory and having a trailing slash, triggering the next rewriting that removes the trailing slash and L for re-entering. Now the slash has been removed but it's still not a file or a directory so this time the second rule triggers again and so and and so forth.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Thanks for your help. I eventually solved the trouble with this .htaccess

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes
    </IfModule>

    RewriteEngine On

    # -------------------------------
    # Handle Authorization Header
    # -------------------------------
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # -------------------------------
    # Redirect Trailing Slashes if not a folder
    # -------------------------------
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} (.+)/$
    RewriteCond %{REQUEST_URI} !^/index\.php/$
    RewriteRule ^ %1 [R=301,L]

    # -------------------------------
    # Front Controller
    # -------------------------------
    # Si ce n'est pas un fichier, pas un dossier et pas index.php déjà
    # If it is not a file, not a dir and not index.php already
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_URI} !^/index\.php$
    RewriteRule ^ index.php [END]
</IfModule>

I am not very clever at Apache configuration so I searched help in chatGPT to arrive to this solution. I know chatGPT is not reliable but I really think it could help me to get a better understanding. The fact is that this solution seems to work not to say it works.

First of all I must say I am on a shared hosting and have not access to Apache's configuration and cannot set the LogLevel.

Things are not fully clear to me but I can say I understood that despite the L flag in some configurations it's possible to loop on rewriting to index.php thus the

RewriteCond %{REQUEST_URI} !^/index\.php$

prevents to rewrite if it is already index.php

The END flag that means absolute end of rewriting doesn't seem to be mandatory.

I apologize for my unsatisfactory answer and hope more competent persons will be able to bring a more accurate answer

Improve this answer

4 Comments

For future readers, would you explain why this solves it?
Hi halfer, I hope my edits are what you expect.
@Meaulnes: This (the edit) is likely a no-fit on SO because guesswork of a large language model. Stackoverflow is more about human knowledge and reasoning. Btw. were you able to obtain the backtrace / debug-log? Showing insights from that IMHO would make a good addition for an actual explanation and others to follow it. Shotgun troubleshooting without the precision which actual setting caused it and why may give some insights, but it is not that far reaching.
Ah, no, sorry; AI text generation is subject to deletion here. It is not reliable enough to rely on its output. Could you summarise the nature of the solution in your own words?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.