Hey all

Just getting my webserver up and running and thought i'd setup the user directories (so i can do testing before putting it on live)... But when I go to see these pages i get a 403 (Permission Denied)....

The rest of Apache/PHP is working fine, juust not the user directories...

Does anyone know how to fix this? (oh BTW i'm using Apache 2.0.48)

Do you have any files in the directories at all? Usually it will deny file indexing by default so you'll need a default index file in there, or just place something like this in your httpd.conf file:

You don't necessarily need all of that, but it might give you an idea of what to put, etc.

K well I tried that but it still doesn't let me get to it... I also tried changing permissions to full read/write on the directory but that didn't work either...

Any other ideas?

And you do have an index.html file in the directory? And after making your changes to httpd.conf, you retarted apache afterwards?

Yeah it's an exact copy of my website... and yes I restarted apache

Well, the only other thing I can think of with a 403 permission denied is that you didn't change the permissions on your files, directories, etc that you wanted accessed from apache.

Yeah I did... I did a chmod -R 644 /home/ammullan/public_html (and even tried 777)....

Hmmmm this is what I have in my httpd.conf to do with UserDir:

========================================================
UserDir public_html

# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
<Directory /home/*/public_html>
AllowOverride FileInfo AuthConfig Limit Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
<Limit GET POST OPTIONS PROPFIND>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS PROPFIND>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
=========================================================

I've never been able to get this going - on either RH9 or FC1... Dunno if there's something missing in the conf but from what I see it should work (have setup Apache servers for highschools in the past and they worked fine)....

Thanks for the help trickykid

trickykid don't AMMullan have to edit host. etc/host as well?
If they are using named server like this

127.0.0.2 mysite www.mysite.com

I came across your post looking for the same answer and found out that it has to do with selinux extentions.

type "setenforce 0"

value = 1 to re-enable it. Add the command somewhere on startup.

Fixed it for me.

-Doug

chmod -R 755 /path/to/www/directory

you need 755 permissions for the public to view your web page, that also includes LAN only web pages.

I had already done that. Actually my first post was a bit overkill. AFter you set up the permissions correctly like you said above you need to set up selinux so that it's accessable. Disabling selinux really should not be the way to fix the problem. The folling command is what you would use for this circumstance.

chcon -R -h -t httpd_sys_content_t /home/<your home directory>/public_html

Then after using the -Z switch on ls you can see that the public_html directory has rights for httpd

rwxr-xr-x danathar danathar user_u:object_r:httpd_sys_content_t public_html

-Doug B

ok do you need to do all of that if you are behind a firewall?

on my web server i chown root:user the www directory (i put all of the web domains in that directory) and adjusted the permissions appropriatly. i am not running selinux just a whitebox3 fully patched as of about 5min from now (except the kernel) not running iptables or selinux. (ok make that as of now, just finished the yum update program program...)

is there a need to do the extra steps you have listed there on a system like that? yes it is an extrenal hardware firewall.