Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
248 views
in Technique[技术] by (71.8m points)

linux - Apache VirtualHost 403 Forbidden

I recently tried to set a test server up with Apache. The site must run under domain www.mytest.com. I always get a 403 Forbidden error. I am on Ubuntu 10.10 server edition. The doc root is under dir /var/www. The following are my settings:

Content of /var/www

ls -l /var/www/

total 12
drwxr-xr-x 2 root root 4096 2011-08-04 11:26 mytest.com
-rwxr-xr-x 1 root root 177 2011-07-25 16:10 index.html

Content of the host file on the server (with IP 192.168.2.5)

cat /etc/hosts

127.0.0.1 localhost 
127.0.1.1 americano
192.168.2.5 americano.mytest.com www.mytest.com

# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

Site config

<VirtualHost *>
ServerAdmin [email protected]
ServerName www.mytest.com
ServerAlias mytest.com

DocumentRoot "/var/www/mytest.com"

ErrorLog /var/log/apache2/mytest-error_log
CustomLog /var/log/apache2/mytest-access_log combined

#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/var/www/mytest.com">
Options -Indexes FollowSymLinks
AllowOverride None

Order allow,deny
Allow from all
</Directory>
</VirtualHost>

I have no .htaccess file in my doc root. The permissions are set correctly (readable by www-data).

If I type in the IP address from my desktop, the site shows up correctly. I changed the hosts file on my desktop to point www.mytest.com to the server's IP. When I use it, I get 403. Since many functions of this site are sitename-sensitive, I have to be able to access the site by the domain name.

Another funky thing is, even if all log files are created properly, they have no information regarding this error.

I am stuck. Can anybody help?

Question&Answers:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Apache 2.4.3 (or maybe slightly earlier) added a new security feature that often results in this error. You would also see a log message of the form "client denied by server configuration". The feature is requiring a user identity to access a directory. It is turned on by DEFAULT in the httpd.conf that ships with Apache. You can see the enabling of the feature with the directive

Require all denied

This basically says to deny access to all users. To fix this problem, either remove the denied directive (or much better) add the following directive to the directories you want to grant access to:

Require all granted

as in

<Directory "your directory here">
   Order allow,deny
   Allow from all
   # New directive needed in Apache 2.4.3: 
   Require all granted
</Directory>

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...