LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Red Hat 9 and Apache (https://www.linuxquestions.org/questions/linux-software-2/red-hat-9-and-apache-75868/)

Manric 07-25-2003 12:09 PM
Red Hat 9 and Apache
 
My server is responding in the error logs with:
"Directory index forbidden by rule"
The error occurs when accessing the "Main" Site and any of the Virtual Sites, of which there are two.
I do get the Apache Test Web page from the server and another box on my network,
the permissions of the DocumentRoot are drwxrwx--- (2770) for each of the site's directories (used the recursive option) and the directories are currently owned by the Apache user and it's group

I've been looking though the threads on this and other sights and followed all of the suggestions that I have found including the following:
Reversing the Order Allow,Deny
creating a .htaccess for the DocumentRoot (which I Subsequently removed)
Adding or Removing the Indexes option in Virtual hosts section.

I am posting my httpd.conf (edited to protect the Innocent)
any help is greatly appreciated
and please pardon my spelling

### Section 1: Global Environment
ServerTokens OS
ServerRoot "/etc/httpd"
#ScoreBoardFile run/httpd.scoreboard
PidFile "/var/run/httpd.pid"
TimeOut 300
KeepAlive false
MaxKeepAliveRequests 100
KeepAliveTimeout 15

##
## Server-Pool Size Regulation (MPM specific)
##

# prefork MPM
<IfModule prefork.c>
StartServers 8
MinSpareServers 5
MaxSpareServers 20
MaxClients 150
MaxRequestsPerChild 100
</IfModule>

# worker MPM
<IfModule worker.c>
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>

# perchild MPM
<IfModule perchild.c>
NumServers 5
StartThreads 5
MinSpareThreads 5
MaxSpareThreads 10
MaxThreadsPerChild 20
MaxRequestsPerChild 0
</IfModule>

# Listen

Listen XXX.XXX.XXX.XXX<eth0:1>:80
Listen XXX.XXX.XXX.XXX<eth0>:80
Listen XXX.XXX.XXX.XXX<eth0:2>:80

# Load config files from the config directory "/etc/httpd/conf.d".
Include conf.d/*.conf

# Dynamic Shared Object (DSO) Support
LoadModule access_module modules/mod_access.so
LoadModule auth_module modules/mod_auth.so
LoadModule auth_anon_module modules/mod_auth_anon.so
LoadModule auth_dbm_module modules/mod_auth_dbm.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule asis_module modules/mod_asis.so
LoadModule info_module modules/mod_info.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule imap_module modules/mod_imap.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so

#ExtendedStatus On

### Section 2: 'Main' server configuration
User xxxxx
Group xxxxx
ServerAdmin <admin e-mail addy>
ServerName <ServerName>

UseCanonicalName on
DocumentRoot "%DocumentRoot%"

<LocationMatch "^/$">
Options -Indexes
ErrorDocument 403 /error/noindex.html
</LocationMatch>

<IfModule mod_userdir.c>
#UserDir "disable"
UserDir public_html
</IfModule>

DirectoryIndex
AccessFileName .htaccess
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

TypesConfig "/etc/mime.types"
DefaultType text/plain

<IfModule mod_mime_magic.c>
# MIMEMagicFile /usr/share/magic.mime
MIMEMagicFile conf/magic
</IfModule>

HostNameLookups Off

ErrorLog "/var/log/httpd/error_log"
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

CustomLog logs/access_log combined
#CustomLog logs/referer_log referer
#CustomLog logs/agent_log agent
#CustomLog logs/access_log combined
ServerSignature on

Alias /icons/ "/var/www/icons/"
Alias /manual "/var/www/manual"
<IfModule mod_dav_fs.c>
# Location of the WebDAV lock database.
DAVLockDB /var/lib/dav/lockdb
</IfModule>

ScriptAlias /cgi-bin/ "%System Root%/cgi-bin"

<IfModule mod_cgid.c>
#Scriptsock logs/cgisock
</IfModule>


# Redirect permanent /foo http://www.example.com/bar

#
# Directives controlling the display of server-generated directory listings.
#

# FancyIndexing
IndexOptions FancyIndexing VersionSort NameWidth=*
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*

AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core

AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^

#
# DefaultIcon is which icon to show for files which do not have an icon
# explicitly set.
#
DefaultIcon /icons/unknown.gif

#AddDescription "GZIP compressed document" .gz
#AddDescription "tar archive" .tar
#AddDescription "GZIP compressed tar archive" .tgz

ReadmeName README.html
HeaderName HEADER.html

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

AddEncoding x-compress Z
AddEncoding x-gzip gz tgz

# DefaultLanguage nl
AddLanguage da .dk
AddLanguage nl .nl
AddLanguage en .en
AddLanguage et .et
AddLanguage fr .fr
AddLanguage de .de
AddLanguage he .he
AddLanguage el .el
AddLanguage it .it
AddLanguage ja .ja
AddLanguage pl .po
AddLanguage kr .kr
AddLanguage pt .pt
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pt-br .pt-br
AddLanguage ltz .ltz
AddLanguage ca .ca
AddLanguage es .es
AddLanguage sv .se
AddLanguage cz .cz
AddLanguage ru .ru
AddLanguage tw .tw
AddLanguage zh-tw .tw
AddLanguage hr .hr

LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ltz ca es sv tw

ForceLanguagePriority Prefer Fallback

AddDefaultCharset ISO-8859-1

AddCharset ISO-8859-1 .iso8859-1 .latin1
AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
AddCharset ISO-8859-3 .iso8859-3 .latin3
AddCharset ISO-8859-4 .iso8859-4 .latin4
AddCharset ISO-8859-5 .iso8859-5 .latin5 .cyr .iso-ru
AddCharset ISO-8859-6 .iso8859-6 .latin6 .arb
AddCharset ISO-8859-7 .iso8859-7 .latin7 .grk
AddCharset ISO-8859-8 .iso8859-8 .latin8 .heb
AddCharset ISO-8859-9 .iso8859-9 .latin9 .trk
AddCharset ISO-2022-JP .iso2022-jp .jis
AddCharset ISO-2022-KR .iso2022-kr .kis
AddCharset ISO-2022-CN .iso2022-cn .cis
AddCharset Big5 .Big5 .big5
# For russian, more than one charset is used (depends on client, mostly):
AddCharset WINDOWS-1251 .cp-1251 .win-1251
AddCharset CP866 .cp866
AddCharset KOI8-r .koi8-r .koi8-ru
AddCharset KOI8-ru .koi8-uk .ua
AddCharset ISO-10646-UCS-2 .ucs2
AddCharset ISO-10646-UCS-4 .ucs4
AddCharset UTF-8 .utf8
AddCharset GB2312 .gb2312 .gb
AddCharset utf-7 .utf7
AddCharset utf-8 .utf8
AddCharset big5 .big5 .b5
AddCharset EUC-TW .euc-tw
AddCharset EUC-JP .euc-jp
AddCharset EUC-KR .euc-kr
AddCharset shift_jis .sjis

AddType application/x-tar .tgz

#AddHandler cgi-script .cgi
#AddHandler send-as-is asis
AddHandler imap-file map
AddHandler type-map var

AddOutputFilter INCLUDES .shtml

# Format: Action media/type /cgi-script/location
# Format: Action handler-name /cgi-script/location

Alias /error/ "/var/www/error/"

BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0

BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully

#<Location /server-status>
# SetHandler server-status
# Order deny,allow
# Deny from all
# Allow from .your-domain.com
#</Location>

#<Location /server-info>
# SetHandler server-info
# Order deny,allow
# Deny from all
# Allow from .your-domain.com
#</Location>

#<IfModule mod_proxy.c>
#ProxyRequests On
#
#<Proxy *>
# Order deny,allow
# Deny from all
# Allow from .your-domain.com
#</Proxy>

#ProxyVia On

#CacheRoot "/etc/httpd/proxy"
#CacheSize 5
#CacheGcInterval 4
#CacheMaxExpire 24
#CacheLastModifiedFactor 0.1
#CacheDefaultExpire 1
#NoCache a-domain.com another-domain.edu joes.garage-sale.com

#</IfModule>
# End of proxy directives.

### Section 3: Virtual Hosts

# NameVirtualHost *

LockFile "/var/lock/httpd.lock"
CoreDumpDirectory "/etc/httpd"

# Virtual host Default Virtual Host
<VirtualHost *>
ServerSignature email
DirectoryIndex index.php index.html index.htm index.shtml
LogLevel debug
HostNameLookups off
</VirtualHost>

# Virtual host Vhost2
<VirtualHost XXX.XXX.XXX.XXX<eth0:2>>
DocumentRoot "/www/vhost-2/public/htdocs"
ServerName vhost-2
ServerSignature email
<Directory "/www/vhost-2/public/htdocs">
Options Indexes Includes FollowSymLinks
AllowOverride None
Allow from all
Order Deny,Allow
</Directory>

<Directory "/www/vhost-2/public/cgi-bin">
Options ExecCGI
AllowOverride None
Allow from all
Order Deny,Allow
</Directory>

</VirtualHost>

# Virtual host Vhost1
<VirtualHost XXX.XXX.XXX.XXX<eth0:1>>
ServerName vhost-1
ServerAlias www.vhost-1
DocumentRoot "/www/www.vhost-1/public/htdocs"
ServerAdmin couponclippermo@hotmail.com
ServerSignature email
DirectoryIndex index.php index.html index.htm index.shtml
<Directory "/www/www.vhost-1/public/htdocs">
Options ALL
AllowOverride ALL
Allow from all
Order Allow,Deny
</Directory>
<Directory "/www/www.vhost-1/cgi-bin">
Options ExecCGI
AllowOverride None
Allow from all
Order Deny,Allow
</Directory>
</VirtualHost>

<Directory "/">
Options FollowSymLinks Includes
AllowOverride None
</Directory>
<Directory "%DocumentRoot%">
Options Indexes FollowSymLinks
AllowOverride None
Allow from all
Order Allow,Deny
</Directory>
<Directory "%DocumentRoot%/cgi-bin">
Options ExecCGI
AllowOverride None
Allow from all
Order deny,Allow
</Directory>

homestead1000 07-25-2003 03:01 PM
For the most part everything looks ok.

1. not sure if it really matters but I think the order should preceed the action.

example:
Order Deny, Allow
Deny from all

I'd comment out these lines from each virtual host section and add them back in once your sure the virtual hosting part is working properly.
If it works fine with out them and errors with them in, that's a pretty good place to figure out whats going on.

Good referense docs:
http://httpd.apache.org/docs-2.0/

Manric 07-25-2003 05:28 PM
Thanks for the info..
 
I know it was bad form of me to not post that I had been through the directives on the Apache site, but I already have, however they do deserve a second look.

Progressive (remove/change restart the daemon, rinse repeat) troubleshooting is what I've been doing but nothing as drastic as removing the VirtualHosts, I guess that is the next step it just seems a little drastic, but that's how last resorts usually go.

Thanks for your help, it is greatly Appreciated!


All times are GMT -5. The time now is 06:22 PM.