[SOLVED] Apache wiz needed... 403 errors

panic · 08-03-2011, 03:23 PM

Hello All

I'm been tasked with the job of moving a web site from one server (off site) to another server (in our LAN). I've tarballed up all of the files, moved them to our local server, did a db dump, imported all of the db data to the local mysql db, and added the users that it used on the remote server.

I can connect to the db no problem, with all of the user types, and if I create any php (or html) file and dump it into the doc root folder it servers fine. However, ALL of the files that I've copied over give out 403 (forbidden access) errors. Index.php, subfolder files, etc

I've been googling around and it seems as if all of the fixes suggested don't seem to work. I've chmoded to 777 (recursive), I've chowned to root:root (again recursive) and apache:apache, both to the document root folder and its content files. Nothing seems to be working. No matter what I change I always get the 403.

Thanks for reading, any help/ideas to try would be awesome

corp769 · 08-03-2011, 03:33 PM

Hello,

Could you tell us the location of the files, and where they are needed? You may have to specify the full path to the files, or reconfigure your configuration to point to them if all of the permissions are properly set up how they are supposed to be. I also recommend clearing your cache of your browser just to rule that out.

Cheers,

Josh

panic · 08-03-2011, 03:38 PM

Quote:

Originally Posted by corp769

Hello,

Could you tell us the location of the files, and where they are needed? You may have to specify the full path to the files, or reconfigure your configuration to point to them if all of the permissions are properly set up how they are supposed to be. I also recommend clearing your cache of your browser just to rule that out.

Cheers,

Josh

Hi

I created and dumped the files in the folder /var/www/html/george. This is the exact same path that was used in the remote server. Due to this purposeful similarity I didn't think that I would need to change any of the code. I'll try clearing the cache quick too. Thanks for your help

panic · 08-03-2011, 03:50 PM

More info...

From error_log:

Code:

[Tue Aug 02 04:59:22 2011] [error] [client 10.215.1.15] (13)Permission denied: access to /index.php denied

ls -l output of index.php

Code:

-rwxrwxrwx 1 root root 395 Jul 25  2007 index.php

output of ps aux | grep httpd

Code:

root      3782  0.0  0.9  24908 10016 ?        Ss   08:29   0:00 /usr/sbin/httpd
apache    3784  0.0  0.6  25180  6764 ?        S    08:29   0:00 /usr/sbin/httpd
apache    3785  0.0  0.6  25180  6764 ?        S    08:29   0:00 /usr/sbin/httpd
apache    3786  0.0  0.6  25044  6972 ?        S    08:29   0:00 /usr/sbin/httpd
apache    3787  0.0  0.5  24908  6068 ?        S    08:29   0:00 /usr/sbin/httpd
apache    3788  0.0  0.5  24908  6064 ?        S    08:29   0:00 /usr/sbin/httpd
apache    3789  0.0  0.6  25044  6804 ?        S    08:29   0:00 /usr/sbin/httpd
apache    3790  0.0  0.6  25180  6788 ?        S    08:29   0:00 /usr/sbin/httpd
apache    3791  0.0  0.6  25044  6920 ?        S    08:29   0:00 /usr/sbin/httpd

up one directory from doc root

Code:

drwxr-xr-x 61 root root 4096 Aug  3 08:12 george

Also I did clear the cache and it didn't help

panic · 08-03-2011, 03:56 PM

also I've noticed that when I view the site it gives me the default Apache/CentOS Test Page, even though in httpd.conf I have:

Code:

DocumentRoot "/var/www/html/george"

and

Code:

<Directory "/var/www/html/george">

#
# Possible values for the Options directive are "None", "All",
# or any combination of:
#   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important.  Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
    Options +Indexes FollowSymLinks +ExecCGI

#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
#   Options FileInfo AuthConfig Limit
#
    AllowOverride AuthConfig FileInfo

#
# Controls who can get stuff from this server.
#
    Order allow,deny
    Allow from all

</Directory>

and

Code:

DirectoryIndex index.php index.html.var

what the heck??!!

it wont load the index.php page until I specifically say my.ip.ad.dr/index.php in the browser.
do I have apache configured wrong?

corp769 · 08-04-2011, 10:49 AM

You may. How exactly are you starting apache?

TenTenths · 08-04-2011, 11:21 AM

I had a similar problem, turned out to be SELINUX related, not sure if you're making use of that or not.

panic · 08-04-2011, 02:24 PM

Quote:

Originally Posted by TenTenths

I had a similar problem, turned out to be SELINUX related, not sure if you're making use of that or not.

omg, I completely forgot about se, and I never saw any mention of that in anything else I read. Set it to disabled, rebooted, now it works fine. Thank you so much, I can't believe I spaced that out

Thank you everyone!

Big sigh

corp769 · 08-04-2011, 05:46 PM

Quote:

Originally Posted by panic

omg, I completely forgot about se, and I never saw any mention of that in anything else I read. Set it to disabled, rebooted, now it works fine. Thank you so much, I can't believe I spaced that out

Thank you everyone!

Big sigh

From a security point of view, disabling SELinux is the same as uninstalling it. If you want to keep SELinux installed, you may want to create a local policy for apache and/or httpd. If you want to go this route, let me know, and I will run you through on how to do it.

Cheers,

Josh