LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   problem with configuring apache for access (https://www.linuxquestions.org/questions/linux-general-1/problem-with-configuring-apache-for-access-414852/)

irvken 02-13-2006 05:31 AM
problem with configuring apache for access
 
I'm trying to get a file from a deb machine to a red hat box, and thought the easiest way would be to wget it. However everytime I try to access the deb server I get a 403 error from apache even in the root directory. I've tried setting the permisions to 777 but that hasn't worked, what else could I try?

bulliver 02-13-2006 03:25 PM
Quote:
I've tried setting the permisions to 777 but that hasn't worked, what else could I try?
Do you have .htaccess files that may be overriding the default settings? Probably we will need to see your conf file here. Does access not work from anywhere, or just the RH box?

Btw: you really should change the permissions from 777 back to what they were. Typically they should be owned by root, with group 'apache' (or 'nobody' if that is what apache runs as) and 644 permissions.

irvken 02-13-2006 03:55 PM
Quote:
Originally Posted by bulliver
Do you have .htaccess files that may be overriding the default settings? Probably we will need to see your conf file here. Does access not work from anywhere, or just the RH box?
No, don't have .htaccess files and access doesn't work from anywhere on the network, all 403's. Conf file seems a little bit long to paste and is only the default one as far as I know.

Quote:
Originally Posted by bulliver
Btw: you really should change the permissions from 777 back to what they were. Typically they should be owned by root, with group 'apache' (or 'nobody' if that is what apache runs as) and 644 permissions.
neither of which groups exist. i did create user www-data, cos that works on another server I "manage", but still nothing. I've cahnged the permissions back to waht you said (although I think the default was 744) and ownership to root.root but same result :(

bulliver 02-13-2006 04:56 PM
Quote:
Conf file seems a little bit long to paste and is only the default one as far as I know.
Well, that's almost certain to be your problem then. You are either going to have to post it or else muddle through yourself. You can run the conf file through this script:
http://badcomputer.org/unix/code/cfgcl.bot
To clean out blank and commented lines to save bandwidth.

Quote:
i did create user www-data, cos that works on another server I "manage", but still nothing.
That will do nothing if that is not what apache is running as. You are going to have to edit the conf file and change:
Code:
User www-data
Group www-data
if that is the user you want to run as, but really, using apache is the norm. You must also ensure at a bare minimum that "ServerName" directive is set to a proper value.

irvken 02-20-2006 04:00 AM
couldn't get that script to run so I've edited out the #comments manually (almost)

Code:
##
## httpd.conf -- Apache HTTP server configuration file
##


### Section 1: Global Environment
#
ServerType standalone

#
ServerRoot /etc/apache

#
LockFile /var/lock/apache.lock

#
PidFile /var/run/apache.pid

#
ScoreBoardFile /var/run/apache.scoreboard

#
Timeout 300

KeepAlive On

#
MaxKeepAliveRequests 100

#
KeepAliveTimeout 15

#
MinSpareServers 5
MaxSpareServers 10

#
StartServers 5

#
MaxClients 150

#
MaxRequestsPerChild 100

#
#Listen 3000
#Listen 12.34.56.78:80

#
#BindAddress *

#
# Please keep this LoadModule: line here, it is needed for installation.
Include /etc/apache/modules.conf

#
<IfModule mod_status.c>
  ExtendedStatus On
</IfModule>

### Section 2: 'Main' server configuration

#
Port 80

#
User www-data
Group www-data

#
ServerAdmin webmaster@localhost

#
ServerName localhost

#
DocumentRoot /var/www

#
<Directory />
    Options SymLinksIfOwnerMatch
    AllowOverride None
</Directory>

#
<Directory /var/www/>

    Options Indexes Includes FollowSymLinks MultiViews

#
    AllowOverride None

#
    Order allow,deny
    Allow from all
</Directory>

<IfModule mod_userdir.c>
    UserDir public_html

#
    <Directory /home/*/public_html>
        AllowOverride FileInfo AuthConfig Limit
        Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
        <Limit GET POST OPTIONS PROPFIND>
            Order allow,deny
            Allow from all
        </Limit>
        <Limit PUT DELETE PATCH PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
            Order deny,allow
            Deny from all
        </Limit>
    </Directory>
</IfModule>

#
# DirectoryIndex: Name of the file or files to use as a pre-written HTML
# directory index.  Separate multiple entries with spaces.
#
<IfModule mod_dir.c>
    DirectoryIndex index.html index.htm index.shtml index.cgi index.php
</IfModule>

#
AccessFileName .htaccess

#
<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>

#
UseCanonicalName Off

#
# TypesConfig describes where the mime.types file (or equivalent) is
# to be found.
#
TypesConfig /etc/mime.types

#
DefaultType text/plain

#
#
<IfModule mod_mime_magic.c>
    MIMEMagicFile /usr/share/file/magic.mime
</IfModule>

#
#
HostnameLookups Off


#
#
ErrorLog /var/log/apache/error.log

#
LogLevel warn

#
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{forensic-id}n\" %T %v" full
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{forensic-id}n\" %P %T" debug
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{forensic-id}n\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{forensic-id}n\"" forensic
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

#
CustomLog /var/log/apache/access.log combined

<IfModule mod_log_forensic.c>
 ForensicLog /var/log/apache/forensic.log
</IfModule>

#
<IfModule mod_backtrace.c>
 EnableExceptionHook On
</IfModule>

<IfModule mod_whatkilledus.c>
 EnableExceptionHook On
</IfModule>

#
ServerSignature On

#
#ServerTokens Full

#

<IfModule mod_alias.c>
    Alias /icons/ /usr/share/apache/icons/

    <Directory /usr/share/apache/icons>
        Options Indexes MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>

    Alias /images/ /usr/share/images/

    <Directory /usr/share/images>
        Options MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>
</IfModule>

#
<IfModule mod_alias.c>
    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/

#
    <Directory /usr/lib/cgi-bin/>
        AllowOverride None
        Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Order allow,deny
        Allow from all
    </Directory>
</IfModule>

#


<IfModule mod_autoindex.c>

    IndexOptions FancyIndexing NameWidth=*

    AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

    AddIconByType (TXT,/icons/text.gif) text/*
    AddIconByType (IMG,/icons/image2.gif) image/*
    AddIconByType (SND,/icons/sound2.gif) audio/*
    AddIconByType (VID,/icons/movie.gif) video/*

    AddIcon /icons/binary.gif .bin .exe
    AddIcon /icons/binhex.gif .hqx
    AddIcon /icons/tar.gif .tar
    AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
    AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
    AddIcon /icons/a.gif .ps .ai .eps
    AddIcon /icons/layout.gif .html .shtml .htm .pdf
    AddIcon /icons/text.gif .txt
    AddIcon /icons/c.gif .c
    AddIcon /icons/p.gif .pl .py
    AddIcon /icons/f.gif .for
    AddIcon /icons/dvi.gif .dvi
    AddIcon /icons/uuencoded.gif .uu
    AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
    AddIcon /icons/tex.gif .tex
    AddIcon /icons/bomb.gif core
    AddIcon /icons/deb.gif .deb

    AddIcon /icons/back.gif ..
    AddIcon /icons/hand.right.gif README
    AddIcon /icons/folder.gif ^^DIRECTORY^^
    AddIcon /icons/blank.gif ^^BLANKICON^^

    DefaultIcon /icons/unknown.gif

    ReadmeName README.html
    HeaderName HEADER.html



    # Uncomment the following IndexIgnore line to add README.* to the file
    # list that will not be displayed by mod_autoindex.
    # It is not enabled by default on Debian system to permit users to properly
    # browse Debian documentation (/doc/)
    #
    #IndexIgnore README.*

</IfModule>

#
# Document types.
#
<IfModule mod_mime.c>


    AddEncoding x-compress Z
    AddEncoding x-gzip gz tgz

    AddLanguage da .dk
    AddLanguage nl .nl
    AddLanguage en .en
    AddLanguage et .ee
    AddLanguage fr .fr
    AddLanguage de .de
    AddLanguage el .el
    AddLanguage it .it
    AddLanguage ja .ja
    AddCharset ISO-2022-JP .jis
    AddLanguage pl .po
    AddCharset ISO-8859-2 .iso-pl
    AddLanguage pt .pt
    AddLanguage pt-br .pt-br
    AddLanguage lb .lu
    AddLanguage ca .ca
    AddLanguage es .es
    AddLanguage sv .se
    AddLanguage cs .cz

    <IfModule mod_negotiation.c>
        LanguagePriority en da nl et fr de el it ja pl pt pt-br lb ca es sv
    </IfModule>

    AddType application/x-tar .tgz
    AddType image/bmp .bmp

    AddType text/x-hdml .hdml

    <IfModule mod_include.c>
    AddType text/html .shtml
    AddHandler server-parsed .shtml
    </IfModule>


</IfModule>

AddDefaultCharset on


<IfModule mod_setenvif.c>
    BrowserMatch "Mozilla/2" nokeepalive
    BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0

    BrowserMatch "RealPlayer 4\.0" force-response-1.0
    BrowserMatch "Java/1\.0" force-response-1.0
    BrowserMatch "JDK/1\.0" force-response-1.0
</IfModule>


# If the perl module is installed, this will be enabled.
<IfModule mod_perl.c>
  <IfModule mod_alias.c>
  Alias /perl/ /var/www/perl/
  </IfModule>
  <Location /perl>
    SetHandler perl-script
    PerlHandler Apache::Registry
    Options +ExecCGI
  </Location>
</IfModule>

<IfModule mod_alias.c>
 Alias /doc/ /usr/share/doc/
</IfModule>

<Location /doc>
  order deny,allow
  deny from all
  allow from 127.0.0.0/255.0.0.0
  Options Indexes FollowSymLinks MultiViews
</Location>


<IfModule mod_proxy.c>

</IfModule>
# End of proxy directives.

### Section 3: Virtual Hosts
Include /etc/apache/conf.d
to be honest, I can't see anything here any different from apache servers I do have working

darthtux 02-20-2006 04:28 AM
I hope you didn't set the directory permissions to 644 or no one will be able to access it. Web directories should be 755.

Can you view files in the web directory using a browser?

My Debian DocumentRoot directory is owned by root:root. If you are using a user that doesn't exist, then you will get an error.

irvken 02-22-2006 11:04 AM
Quote:
Originally Posted by darthtux
I hope you didn't set the directory permissions to 644 or no one will be able to access it. Web directories should be 755.
yes everything is either 755 dirs or 744 docs

Quote:
Can you view files in the web directory using a browser?
It's 2 remote servers so I'm using lynx but getting a 403 on anything

Quote:
My Debian DocumentRoot directory is owned by root:root. If you are using a user that doesn't exist, then you will get an error.
root:root same

irvken 03-12-2006 06:44 AM
I think the problem was installing the mepis release cnadidate rather than a tried and tested disto version, I can't create any user accounts that can be logged into either now.


All times are GMT -5. The time now is 06:42 AM.