Find the answer to your Linux question:
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 16
Hi, I appreciate you taking the time to read this and help me. Im trying to set up virtual hosts on my server in the form 192.168.0.100:9001 --> /home/webadmin/domain.com/html This ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Nov 2004
    Posts
    11

    Web Server Config / Permissions are write and get Forbidden


    Hi,

    I appreciate you taking the time to read this and help me.

    Im trying to set up virtual hosts on my server in the form

    192.168.0.100:9001 --> /home/webadmin/domain.com/html

    This is my virtual host entry

    <VirtualHost 192.168.0.100:9001>
    ServerAdmin email@domain.com
    DocumentRoot /home/webadmin/domain.com/html
    ServerName domain.com
    </VirtualHost>

    I also have the server listening on port 9001.

    All of the files in the folder have permissions set to 755 and are owned webadmin in the users group. I wasn't sure if it would help, but I also added the webadmin user to the apache group.

    The problem is, when I try to access the page I get a 403 Forbidden. It also says this:

    "Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request."

    If anyone has any ideas, please let me know.

    ~matt

  2. #2
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    Do all the ancestor directories have traverse permission for the apache user as well?

    Also, what does it say in the error_log?

  3. #3
    Just Joined!
    Join Date
    Nov 2004
    Posts
    11
    Quote Originally Posted by Dolda2000
    Do all the ancestor directories have traverse permission for the apache user as well?

    Also, what does it say in the error_log?

    Hi,

    Thanks for the fast response. Here is a sample from the apache error log:

    [Fri Nov 12 18:56:50 2004] [error] [client 192.168.0.100] (13)Permission denied: access to /index.html denied
    [Fri Nov 12 18:56:50 2004] [error] [client 192.168.0.100] (13)Permission denied: access to /favicon.ico denied


    Im not sure exactly what you mean by "traverse permissions" but here are the permissions on the parent directories:


    drwxr-xr-x 5 root root 4096 Nov 12 14:07 home

    drwxrwxrwx 6 webadmin users 4096 Nov 12 17:07 webadmin

    drwxrwxrwx 3 webadmin users 4096 Nov 12 15:05 domain.com

    drwxrwxrwx 2 webadmin users 4096 Nov 12 15:10 html

    I have set them all to 777 for debugging.

    Thanks,

    Matt

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Nov 2004
    Posts
    11
    Another thing to note is that I created these folders and files as root and then chgrp, and chowned them to webadmin, users. I assume that doesnt make a difference.

    Matt

  6. #5
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    It seems those permissions are correct. The exec permission is called traverse permission on directories.

    Are you sure that the access rights in httpd.conf are set up properly to allow access in these directories?

  7. #6
    Just Joined!
    Join Date
    Nov 2004
    Posts
    11
    Quote Originally Posted by Dolda2000
    It seems those permissions are correct. The exec permission is called traverse permission on directories.

    Are you sure that the access rights in httpd.conf are set up properly to allow access in these directories?
    I'm not sure. How do you set the rights? I just made a virtual host entry.

  8. #7
    Just Joined!
    Join Date
    Nov 2004
    Posts
    11
    Quote Originally Posted by mgbaron
    Quote Originally Posted by Dolda2000
    It seems those permissions are correct. The exec permission is called traverse permission on directories.

    Are you sure that the access rights in httpd.conf are set up properly to allow access in these directories?
    I'm not sure. How do you set the rights? I just made a virtual host entry.
    ...And put a listen entry in.

    I also attempted to switch the main DocumentRoot and that resulted in a test page, but didnt display the index.html file I had in there. When i realized switching this shouldnt be necessary, I switched it back.

  9. #8
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    That would be the <Directory> config directives. Maybe you just need to enable access to /home and its subdirectories, with something like this:
    Code:
    <Directory /home/webadmin>
        AllowOverride FileInfo AuthConfig Limit Options
        Options MultiViews -Indexes SymLinksIfOwnerMatch IncludesNoExec
        <Limit GET POST OPTIONS>
            Order allow,deny
            Allow from all
        </Limit>
        <LimitExcept GET POST OPTIONS>
            Order deny,allow
            Deny from all
        </LimitExcept>
    </Directory>
    This is taken from my httpd.conf, except I changed /home/*/public_html to /home/webadmin.

  10. #9
    Just Joined!
    Join Date
    Nov 2004
    Posts
    11
    Quote Originally Posted by Dolda2000
    That would be the <Directory> config directives. Maybe you just need to enable access to /home and its subdirectories, with something like this:
    Code:
    <Directory /home/webadmin>
        AllowOverride FileInfo AuthConfig Limit Options
        Options MultiViews -Indexes SymLinksIfOwnerMatch IncludesNoExec
        <Limit GET POST OPTIONS>
            Order allow,deny
            Allow from all
        </Limit>
        <LimitExcept GET POST OPTIONS>
            Order deny,allow
            Deny from all
        </LimitExcept>
    </Directory>
    This is taken from my httpd.conf, except I changed /home/*/public_html to /home/webadmin.

    I think you might be on to something, however the entry you sent me kills my httpd. Here is the error:

    httpd failed. The error was: Stopping httpd: [FAILED]
    Starting httpd: Syntax error on line 533 of /etc/httpd/conf/httpd.conf:
    Invalid command '\xc2\xa0', perhaps mis-spelled or defined by a module not included in the server configuration
    [FAILED]

    I'm trying to fix it myself, but if you have any ideas let me know.


    Matt

  11. #10
    Just Joined!
    Join Date
    Nov 2004
    Posts
    11
    Quote Originally Posted by Dolda2000
    That would be the <Directory> config directives. Maybe you just need to enable access to /home and its subdirectories, with something like this:
    Code:
    <Directory /home/webadmin>
        AllowOverride FileInfo AuthConfig Limit Options
        Options MultiViews -Indexes SymLinksIfOwnerMatch IncludesNoExec
        <Limit GET POST OPTIONS>
            Order allow,deny
            Allow from all
        </Limit>
        <LimitExcept GET POST OPTIONS>
            Order deny,allow
            Deny from all
        </LimitExcept>
    </Directory>
    This is taken from my httpd.conf, except I changed /home/*/public_html to /home/webadmin.
    Ok,

    I tried adding

    <Directory "/home/webadmin/domain.com/html/">
    Options Indexes MultiViews
    AllowOverride None
    Order allow, deny
    Allow from all
    </Directory>

    and

    <Directory "/home/webadmin/">
    Options Indexes MultiViews
    AllowOverride None
    Order allow, deny
    Allow from all
    </Directory>


    These will allow httpd to start, but don't fix the problem.

Page 1 of 2 1 2 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •