What are the owner and group of the file..

do an :

Provide anything listed as an error in the tail commands and what the results of the stat command are.

root@hostname:/var/www/htdocs# stat /var/www/htdocs
File: `/var/www/htdocs'
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: 802h/2050d Inode: 4199748 Links: 4
Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2012-07-20 00:42:42.563000049 +0300
Modify: 2012-07-20 00:42:55.100000049 +0300
Change: 2012-07-20 00:42:55.100000049 +0300
Birth: -


root@hostname:/var/www/htdocs# tail -n20 /var/log/httpd/error_log
[Thu Jul 19 23:25:03 2012] [error] [client 127.0.0.1] File does not exist: /srv/httpd/htdocs/favicon.ico
[Thu Jul 19 23:25:15 2012] [error] [client 127.0.0.1] File does not exist: /srv/httpd/htdocs/favicon.ico
[Thu Jul 19 23:27:15 2012] [error] [client 127.0.0.1] File does not exist: /srv/httpd/htdocs/favicon.ico
[Thu Jul 19 23:59:13 2012] [notice] SIGHUP received. Attempting to restart
Warning: DocumentRoot [/usr/docs/dummy-host.example.com] does not exist
Warning: DocumentRoot [/usr/docs/dummy-host2.example.com] does not exist
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
[Thu Jul 19 23:59:13 2012] [notice] Digest: generating secret for digest authentication ...
[Thu Jul 19 23:59:13 2012] [notice] Digest: done
[Thu Jul 19 23:59:14 2012] [notice] Apache/2.2.22 (Unix) DAV/2 PHP/5.3.14 configured -- resuming normal operations
[Fri Jul 20 00:07:50 2012] [notice] SIGHUP received. Attempting to restart
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
[Fri Jul 20 00:07:50 2012] [notice] Digest: generating secret for digest authentication ...
[Fri Jul 20 00:07:50 2012] [notice] Digest: done
[Fri Jul 20 00:07:51 2012] [notice] Apache/2.2.22 (Unix) DAV/2 PHP/5.3.14 configured -- resuming normal operations
[Fri Jul 20 00:39:42 2012] [notice] SIGHUP received. Attempting to restart
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
[Fri Jul 20 00:39:42 2012] [notice] Digest: generating secret for digest authentication ...
[Fri Jul 20 00:39:42 2012] [notice] Digest: done
[Fri Jul 20 00:39:43 2012] [notice] Apache/2.2.22 (Unix) DAV/2 PHP/5.3.14 configured -- resuming normal operations




root@hostname:/var/www/htdocs# tail -n20 /var/log/httpd/hostname.domain-error_log
[Fri Jul 20 00:08:54 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/index.php
[Fri Jul 20 00:08:54 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/favicon.ico
[Fri Jul 20 00:09:05 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/index.php
[Fri Jul 20 00:09:05 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/favicon.ico
[Fri Jul 20 00:09:14 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/index.php
[Fri Jul 20 00:09:14 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/favicon.ico
[Fri Jul 20 00:21:55 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/favicon.ico
[Fri Jul 20 00:21:58 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/favicon.ico
[Fri Jul 20 00:22:01 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/favicon.ico
[Fri Jul 20 00:22:03 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/favicon.ico
[Fri Jul 20 00:40:01 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/favicon.ico
[Fri Jul 20 00:40:06 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/index.php
[Fri Jul 20 00:40:06 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/favicon.ico
[Fri Jul 20 00:43:00 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/index.php
[Fri Jul 20 00:43:00 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/favicon.ico
[Fri Jul 20 00:43:03 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/index.php
[Fri Jul 20 00:43:03 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/favicon.ico
[Fri Jul 20 00:43:07 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/favicon.ico
[Fri Jul 20 00:43:15 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/index.php
[Fri Jul 20 00:43:15 2012] [error] [client 127.0.0.1] client denied by server configuration: /var/www/htdocs/favicon.ico

What about selinux? Is it enabled? getenforce, setenforce 0

@larvel: can you send more details, i don't know what you are referring at.

mitusf, the issue here looks to be the fact that its owned/grouped by root. It more than likely needs to be run under apache.apache but you can confirm that by reviewing the httpd.conf file and seeing what the variables are set to.

You should see two directives in there towards the top, in section 1.

User value
Group value


What ever those values are run the following:

1 members found this post helpful.

Selinux is a security system, but may also cause similar problems. To see if selinux is enabled type getenforce. If it says anything but enabled, it's off. If it says enabled, type setenforce 0, and try accessing your site. If you use virtual host, be sure to access the sites with the servername or serveralias you specified

Don't worry about selinux right now, focus on the basics and work your way up.

The folder is owned by root.root and the default for apache should be apache.apache.

If that doesn't work I see your logic but lets start with square one.

@Kustom42: i remember that the directives in httpd.conf are set to apache, apache.

So, i've ran

sudo chown -R apache.apache /var/www/htdocs

but nothing changed.

ok, something did changed after all, i get the forbidden message for hostname.domain too (not only for the index.php file on the server htdocs directory), but not for 127.0.0.1 or localhost

I feel kinda dumb here for missing this...

OK so here ya go.

1. Add the following code WITHIN your virtual host tags:

2. Remove the Options line in your vhost record since you now have it set within your directory record.

1 members found this post helpful.

ok, now it works Thanks a lot.

---------- Post added 07-19-12 at 05:21 PM ----------

So the problem was the apache.apache user.group and the Directory directive?

It might be useful to back up to the basics before fiddling with virtual hosts (if the basics don't work, neither will the virtual).

In /etc/httpd/httpd.conf you should have things like this:
That is, listen on the fixed-IP address of "this" system; otherwise, that address would be your assigned address (such as 12.34.56.78:80). Note that, as shown here, this server is listening on a LAN. With the addition of, say, DynDNS (see http://www.dyndns.com/) the outside world can get to this server via the modem and router, useful if your ISP changes your IP address periodically.
That's kind of a standard for a Slackware installation and assigning user apache and group apache (the default) is a good idea.
If you have a registered DNS name, use that (the www.example.com:80 address). If you're running on a LAN, don't include the www. Keep in mind that you can't simply make up an IP address -- use 192.168.x.x for your LAN, that's what those addresses are for.
Adding index.php lets things happen as you'd like them to; if your web page is named index.php, Apache will open it with this addition.
If you don't, it ain't: you need to include the configuration file (and you really don't need to fiddle with it in most cases). Like many things, if it works it's probably better to leave it alone unless you have a really good reason to change it (and that takes some study of the documentation).

You may also want to permit access in user home directories (so you can fiddle with a web page in you home directory rather than in the system directory):
You would create an public_html directory in your home directory then address it in the browser with http://fubar.com/~your_user_name (here, fubar.com is simply an example). The name of the directory must be public_html, put phpinfo.php in that directory and see it with http://fubar.com/~your_user_name/phpinfo.php. You can do all your development work essentially off-line in your home directory before moving your page to the system directory; kinda handy, that. You probably already know that the default location for the web page is /var/www/htdocs/index.html.

Note that all of the above are found in /etc/httpd.conf on a standard Slackware installation -- just edit your name and address information.

With the above configuration edits -- and sending the browser to the machine name/address, not to localhost -- PHP should do its thing for you.

Something you can do is add an entry in /etc/hosts of the form
so you can easily refer to the system by name (this is fixed-IP, DHCP is, of course, different). Other servers on your LAN should have similar entries in their /etc/hosts files so they can quickly and easily get to this system web page; the URL would be, in this case, http://fubar.com (or the IP address).

If you're placing web-based software in /var/www/htdocs you will need to do a couple of things with group assignment and permission masks.

For example, I have Bugzilla installed for user and developer bug reporting and tracking. /var/www/htdocs is owned and group root, /var/www/htdocs/bugzilla is
The entire content of the bugzilla directory is owner root and group apache.

I have other web applications that are similarly owner root, group apache.

So Apache will server Bugzilla (and one other application), I add these lines to /etc/httpd.conf:
And this to /etc/httpd/extra/httpd-bugzilla.conf:
The other application, colpat, looks like this
It's handy that you don't need to directly edit /etc/httpd/httpd.conf to add additional applications (at least in Slackware) with the addition of the extra directory -- there are some useful things found there that you may be interested in.

And, of course, if you make any changes you must stop and restart the httpd daemon:
You can also use /etc/rc.d/rc.httpd restart.

One other thing -- if you've been whacking away for some time it might be a good idea to clear the browser cache when you've made changes to make sure you get the current change. Won't hurt, might help.

Once you see the PHP display, you're good to go and then you can fiddle with the virtual stuff.

Hope this helps some.

3 members found this post helpful.

tronayne, thanks, yes, you are right, i don't know why it didn't work from the beginning without all the virtual host stuff, now i tested it again and it worked without it. But i'm glad i set also virtual host because i didn't knew how it works and now i learned. Thanks again guys for your answers.

The actual issue here is the way Apache is built, it is built as a restrictive server which means you must tell it what to allow. This is done on a directory basis via the Directory tags. The code Allow from all that you put into your directory tag tells apache to serve the content. Apache can only serve content that it can read and execute, as such the directory and file permissions must also match what is set as the User and Group directives in the httpd.conf.


Some of the things that tronayne has posted are suggested as fact when they are not. Such as the comment to the include file for mod_php, the Listen information should be elaborated a bit more as well.

By default apache will set the listen directive to 80 which tells apache to listen to all interfaces and IPs on port 80. You can specify specific IPs or alternate ports via this directive to restrict what apache is listening on for incoming requests.

The server name directive should omit the port 80 designation on the end. That is not a proper fully qualified server name for Apache to use. And it should always be fully qualified, that means include the www. portion of the address.

Your info is really good tronayne but please clarify things a bit more for people who may come and view the forum in the future.

1 members found this post helpful.

Point taken -- see above.