LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 09-07-2008, 10:43 AM   #1
habl
LQ Newbie
 
Registered: Jan 2006
Location: The Netherlands, Hoorn
Distribution: Debian Squeeze
Posts: 20

Rep: Reputation: 0
Apache - 403 Forbidden


Hi,

I have a problem with apache, it gives a 403 forbidden message for every file and directory in my document root. I also setup the userdir module and in userdirs everything works fine. I have searched on the web for days now and I still haven't found the answer.

My documentroot is set to /var/www/htdocs/ and as far as I can see everything is fine:

Code:
drwxrwxr--  2 root   apache  144 2008-02-14 22:38 cgi-bin/
drwxrwxr--  3 root   apache  976 2008-02-14 22:38 error/
drwxr-xr-x 32 apache apache 1144 2008-09-07 16:46 htdocs/
drwxrwxr--  3 root   apache 4632 2008-02-14 22:38 icons/
the rights for htdocs are recursive. I also tried changing it to 777, but still no effect.

The apache access logs gives a bunch of these lines:
Code:
local.damnation.nl - - [07/Sep/2008:17:02:29 +0200] "GET / HTTP/1.1" 403 293
And my error_log
Code:
[Sun Sep 07 17:02:34 2008] [crit] [client 10.0.0.150] (13)Permission denied: /var/www/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
[Sun Sep 07 17:02:37 2008] [crit] [client 10.0.0.150] (13)Permission denied: /var/www/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
These errors come from a .htaccess file, they only appear when I enter a directory with a .htaccess file in it. I didn't took the time yet to set it up right. There aren't anymore errors then these.

In my Apache config I have the following lines (if there is more info about my config needed just ask):
Code:
<Directory "/var/www/htdocs/">

    #
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    #
    # The Options directive is both complicated and important.  Please see
    # http://httpd.apache.org/docs/2.2/mod/core.html#options
    # for more information.
    #
    Options All

    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #
    AllowOverride All

    #
    # Controls who can get stuff from this server.
    #
    Order allow,deny
    Allow from all

</Directory>

#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
<IfModule dir_module>
    DirectoryIndex index.php index.html index.htm
</IfModule>

#
# The following lines prevent .htaccess and .htpasswd files from being 
# viewed by Web clients. 
#
<FilesMatch "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</FilesMatch>
Userdirs:

Code:
UserDir public_html

<Directory "/home/*/public_html">
    AllowOverride All
    Options MultiViews SymLinksIfOwnerMatch IncludesNoExec
    <Limit GET POST OPTIONS>
        Order allow,deny
        Allow from all
    </Limit>
    <LimitExcept GET POST OPTIONS>
        Order deny,allow
        Deny from all
    </LimitExcept>
</Directory>
And also a couple of vhosts like these (there are more of them in the original config):

Code:
NameVirtualHost *:80

<VirtualHost *:80>
  ServerName home.habl.nl
  ServerAlias *.home.habl.nl
  DocumentRoot /var/www/htdocs/images/
  DirectoryIndex index.php index.html index.htm index.shtml
</VirtualHost>
For what I know it should work with this config and I tried a dozen of other combinations.

I really have no idea what to do anymore, probably it's something really simple and stupid, but I can't see my mistake. Somebody here who do?

Last edited by habl; 09-07-2008 at 11:30 AM.
 
Old 09-07-2008, 11:32 AM   #2
keefaz
Senior Member
 
Registered: Mar 2004
Distribution: Slackware
Posts: 4,341

Rep: Reputation: 73
Could you post the output with: ls -al /var/www ?
Also the output with: ls -al /var/www/htdocs
 
Old 09-07-2008, 11:39 AM   #3
habl
LQ Newbie
 
Registered: Jan 2006
Location: The Netherlands, Hoorn
Distribution: Debian Squeeze
Posts: 20

Original Poster
Rep: Reputation: 0
Thanks for your reply.

/var/www:
Code:
total 7
drwxrwxr--  7 root   www     168 2008-09-04 22:26 ./
drwxr-xr-x 17 root   root    528 2008-07-29 05:43 ../
drwxrwxr--  2 root   apache  144 2008-02-14 22:38 cgi-bin/
drwxrwxr--  3 root   apache  976 2008-02-14 22:38 error/
drwxr-xr-x 32 apache apache 1144 2008-09-07 16:46 htdocs/
drwxrwxr--  3 root   apache 4632 2008-02-14 22:38 icons/
drwxr-xr-x  2 apache apache   80 2008-09-04 21:57 passwd/
/var/www/htdocs
Code:
total 28
drwxr-xr-x 28 apache apache  808 2008-09-07 18:37 ./
drwxrwxr--  7 root   www     168 2008-09-04 22:26 ../
drwxr-xr-x  3 apache apache   72 2008-08-26 20:03 cgi-bin/
drwxr-xr-x  3 apache apache  104 2008-08-26 20:03 cgiirc/
drwxr-xr-x 14 apache apache 1176 2008-08-26 20:03 damnation/
drwxr-xr-x  2 apache apache  112 2008-08-26 20:03 domi/
drwxr-xr-x 11 apache apache  320 2008-09-07 16:23 downloads/
drwxr-xr-x  4 apache apache  200 2008-08-26 20:11 fun/
drwxr-xr-x 11 apache apache 1520 2008-08-26 20:12 hablserv/
drwxr-xr-x 15 apache apache 1288 2008-08-26 20:12 hablserv2/
drwxr-xr-x  3 apache apache  192 2008-09-07 18:34 home/
drwxr-xr-x  8 apache apache  264 2008-08-26 20:12 images/
-rwxr-xr-x  1 apache apache   55 2008-09-07 15:29 index.php*
drwxr-xr-x  2 apache apache  496 2008-08-26 20:12 kabelweg/
drwxr-xr-x  2 apache apache  240 2008-08-26 20:12 kangoo/
drwxr-xr-x  3 apache apache  456 2008-08-26 20:12 lgsl/
-rwxr-xr-x  1 apache apache 1350 2008-08-26 20:12 mailtest.php*
drwxr-xr-x  2 apache apache  136 2008-08-26 20:12 mobiel/
drwxr-xr-x  2 apache apache  112 2008-08-26 20:12 movie/
drwxr-xr-x  3 apache apache  216 2008-08-26 20:12 nightmare.org/
-rwxr-xr-x  1 apache apache   16 2008-08-26 20:12 phpinfo.php*
drwxr-xr-x  9 apache apache 2776 2008-08-26 20:12 phpmyadmin/
drwxr-xr-x  2 apache apache  112 2008-08-26 20:12 proxy/
drwxr-xr-x 11 apache apache 2864 2008-08-26 20:13 sql/
drwxr-xr-x  5 apache apache  368 2008-08-26 20:13 sysinfo/
drwxr-xr-x  5 apache apache  224 2008-08-26 20:13 temp/
drwxr-xr-x 12 apache apache 1760 2008-08-26 20:13 uri/
drwxr-xr-x 12 apache apache 1728 2008-08-26 20:13 uri.old/
drwxr-xr-x  2 apache apache 3464 2008-08-26 20:13 usage/
drwxr-xr-x  2 apache apache   96 2008-08-26 20:14 ut/
drwxr-xr-x  2 apache apache  112 2008-08-26 20:14 woutie/

Last edited by habl; 09-07-2008 at 11:40 AM.
 
Old 09-07-2008, 11:46 AM   #4
keefaz
Senior Member
 
Registered: Mar 2004
Distribution: Slackware
Posts: 4,341

Rep: Reputation: 73
Ok, just do: chmod 0755 /var/www
That should fix it

And to correct some other potential permission problem:
chmod 0755 /var/www/cgi-bin
chmod 0755 /var/www/error
chmod 0755 /var/www/icons

If you want to restrict directory access for some directories, do it in httpd.conf or in .htaccess, it is better imho
 
Old 09-07-2008, 11:48 AM   #5
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 5,194

Rep: Reputation: Disabled
This should have said enough:
Quote:
drwxrwxr-- 7 root www 168 2008-09-04 22:26 ./
The apache user cannot descend into your /var/www directory structure.
Note that it is not enough to have read rights on a directory... if the directory does not have the executable bit set, you will not be able to access it.
So,
Code:
chmod -R o+x /var/www
should get the default Slackware permissions back (apart from the apache ownership).

Eric
 
Old 09-07-2008, 12:00 PM   #6
habl
LQ Newbie
 
Registered: Jan 2006
Location: The Netherlands, Hoorn
Distribution: Debian Squeeze
Posts: 20

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by Alien Bob View Post
This should have said enough:


The apache user cannot descend into your /var/www directory structure.
Note that it is not enough to have read rights on a directory... if the directory does not have the executable bit set, you will not be able to access it.
So,
Code:
chmod -R o+x /var/www
should get the default Slackware permissions back (apart from the apache ownership).

Eric
*sigh* Your right. Like I said, it had to be something stupid

Only weird thing is, this was the default ownership. Before all the directory's had this ownership. I allready changed /var/www/htdocs, only forgot the parent.

Thanks for your help!
 
Old 09-07-2008, 12:06 PM   #7
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 5,194

Rep: Reputation: Disabled
Quote:
Originally Posted by habl View Post
Only weird thing is, this was the default ownership. Before all the directory's had this ownership. I allready changed /var/www/htdocs, only forgot the parent.
That would definitely not be the default settings, right after an installation of Slackware. So, something must have changed these permissions on your system after the installation of Slackware.

Are you running Slackware actually?

Eric
 
Old 09-08-2008, 10:31 AM   #8
habl
LQ Newbie
 
Registered: Jan 2006
Location: The Netherlands, Hoorn
Distribution: Debian Squeeze
Posts: 20

Original Poster
Rep: Reputation: 0
Yes I am using slackware (12.1). I really don't know what could have changed the ownership. I didn't do it by hand and I also didn't installed other software (yet). It's pretty weird because the user/group www doesn't exists at all, so slackware doesn't allow to change it to www.
 
Old 09-08-2008, 10:53 AM   #9
keefaz
Senior Member
 
Registered: Mar 2004
Distribution: Slackware
Posts: 4,341

Rep: Reputation: 73
www has to be defined in /etc/group, else the name www wouldn't appear on ls output, just the gid number
 
Old 09-09-2008, 02:08 AM   #10
habl
LQ Newbie
 
Registered: Jan 2006
Location: The Netherlands, Hoorn
Distribution: Debian Squeeze
Posts: 20

Original Poster
Rep: Reputation: 0
Indeed it is. Oh well, probably I wasn't paying attention when installing slack and stuff, problem solved, case closed!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
apache: 403 forbidden johnty01 Linux - Networking 5 04-05-2008 02:20 PM
Apache 403 Forbidden HelplessNewbie Linux - Software 3 05-19-2006 11:12 PM
apache 403 forbidden munchkins Linux - Software 1 12-25-2005 07:10 AM
apache 403 forbidden? wezhousheng Linux - Networking 5 05-13-2005 12:15 AM
Apache 403 Forbidden quozt Linux - Networking 10 02-24-2004 04:59 PM


All times are GMT -5. The time now is 12:00 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration