Chris Evens wrote:
Have you tried to comment out the Limit and LimitExcept in your <Directory
"/var/www/html"> entry?
Christopher Evens
Web Programmer, Christian Record Services for the Blind
Free lending library for the blind
www.christianrecord.org
-----Original Message-----
From: Abhishek Singh [mailto:[EMAIL PROTECTED]
Sent: Monday, December 31, 2007 11:03 AM
To: users@httpd.apache.org
Subject: [EMAIL PROTECTED] Regarding 403 Forbidden Error
Dear All,
I searched over the achieves regarding my problem, but could not
find a solution that would work in my case. Hence I'm posting to this group.
The text of the problem goes as below:
I've a Fedora Core 1 Box running with the following httpd specification (as
returned by httpd -V):
Server version: Apache/2.0.47
Server built: Oct 23 2003 06:48:44
Server's Module Magic Number: 20020903:4
Architecture: 32-bit
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D HTTPD_ROOT="/etc/httpd"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D DEFAULT_PIDLOG="logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="logs/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
The listing inside /var/www/html/ (i.e. ls -al) gives:
total 16
drwxr-xr-x 3 root root 4096 Feb 20 10:24 .
drwxr-xr-x 9 root root 4096 Jan 11 08:49 ..
-rwxr--r-- 1 root root 196 Feb 20 08:44 index.html
drwxr-xr-x 2 root root 4096 Jan 11 06:00 usage
The listing of httpd service (i.e. ps aux|grep httpd) gives:
root 11014 0.0 3.7 22372 9468 ? S 10:17 0:00
/usr/sbin/httpd
apache 11017 0.0 3.7 22472 9592 ? S 10:17 0:00
/usr/sbin/httpd
apache 11018 0.0 3.7 22472 9504 ? S 10:17 0:00
/usr/sbin/httpd
apache 11019 0.0 3.7 22472 9500 ? S 10:17 0:00
/usr/sbin/httpd
apache 11020 0.0 3.7 22472 9500 ? S 10:17 0:00
/usr/sbin/httpd
apache 11021 0.0 3.7 22472 9500 ? S 10:17 0:00
/usr/sbin/httpd
apache 11022 0.0 3.7 22472 9500 ? S 10:17 0:00
/usr/sbin/httpd
apache 11023 0.0 3.7 22472 9500 ? S 10:17 0:00
/usr/sbin/httpd
apache 11024 0.0 3.7 22472 9500 ? S 10:17 0:00
/usr/sbin/httpd
root 11039 0.0 0.2 4764 584 pts/1 S 10:25 0:00 grep httpd
Now, I edited the /etc/httpd/conf.d/welcome.conf file and commented all the
lines so that my own index.html file would be displayed instead of the
default fedora welcome page. I created a file called "index.html" in the
directory /var/www/html and gave it a permission of 755 (i.e. chmod
755 index.html).
But whenever I tried to browse my website, I get a "403 Forbidden
Error" and states that "You don't have permission to access / on this
server." I tried looking at the various solutions over the archive that
suggested me to do the following things, and I did, but there was no effect.
The suggestions were as below, which seemed to be in vain for me:
1. Check if the user running the service httpd has read and execute access to
the document root (i.e. /var/www/html)
-> the ls -ld /var/www/html returns
drwxr-xr-x 3 root root 4096 Feb 20 10:24 html/
which means that all the user have the execute permission, but shows
that the other users except group and owner doesn't have read
permission. To resolve this issue, I chmoded the /var/www/html directory to
755 and even added the user "apache" to the group "root". Moreover I even
trid "chown -R apache /var/www/html", but no effect.
2. Check the httpd.conf file and see if directory listing is allowed and
directory index is defined.
-> The httpd.conf clearly shows that the the Directory directive to the
document root has been clearly defined and "Allow from all" option have been
emphasized. Moreover "Options all" has been included in the directive index
as well.
3. Check if you have SELinux Installed and it's causing the problem.
-> I had disabled SELinux at the installation only, hence there is no
point that SELinux is causing the problem.
The archive also suggests to go through the httpd log files
(/var/log/httpd/error_log and /var/log/httpd/access_log). When I issued
"tail -f /var/log/httpd/access_log", I get:
116.90.239.2 - - [20/Feb/2007:08:55:34 +052700] "GET / HTTP/1.1" 403 409
"-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213
Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
124.41.253.161 - - [20/Feb/2007:08:58:39 +052700] "GET / HTTP/1.1" 403
409 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11)
Gecko/20071127 Firefox/2.0.0.11"
124.41.253.161 - - [20/Feb/2007:08:59:44 +052700] "GET / HTTP/1.1" 403
409 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11)
Gecko/20071127 Firefox/2.0.0.11"
116.90.239.2 - - [20/Feb/2007:09:04:51 +052700] "GET / HTTP/1.1" 403 409
"-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213
Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
116.90.239.2 - - [20/Feb/2007:09:04:53 +052700] "GET / HTTP/1.1" 403 409
"-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213
Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
116.90.239.2 - - [20/Feb/2007:09:06:58 +052700] "GET / HTTP/1.1" 403 409
"-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213
Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
116.90.239.2 - - [20/Feb/2007:09:09:37 +052700] "GET / HTTP/1.1" 403 409
"-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213
Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
116.90.239.2 - - [20/Feb/2007:09:09:39 +052700] "GET / HTTP/1.1" 403 409
"-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213
Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
116.90.239.2 - - [20/Feb/2007:09:09:40 +052700] "GET / HTTP/1.1" 403 409
"-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213
Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
116.90.239.2 - - [20/Feb/2007:09:09:42 +052700] "GET / HTTP/1.1" 403 409
"-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213
Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
and when i issue "tail -f /var/log/httpd/error_log", I get:
[Tue Feb 20 09:09:34 2007] [notice] Digest: generating secret for digest
authentication ...
[Tue Feb 20 09:09:34 2007] [notice] Digest: done
[Tue Feb 20 09:09:34 2007] [notice] LDAP: Built with OpenLDAP LDAP SDK
[Tue Feb 20 09:09:34 2007] [notice] LDAP: SSL support unavailable
[Tue Feb 20 09:09:35 2007] [notice] Apache/2.0.47 (Fedora)
mod_perl/1.99_09 Perl/v5.8.1 DAV/2 mod_auth_pgsql/2.0.1 PHP/4.3.3
mod_python/3.0.3 Python/2.2.3 mod_ssl/2.0.47 OpenSSL/0.9.7a configured
-- resuming normal operations
[Tue Feb 20 09:09:37 2007] [error] [client 116.90.239.2] Directory index
forbidden by rule: /var/www/
[Tue Feb 20 09:09:39 2007] [error] [client 116.90.239.2] Directory index
forbidden by rule: /var/www/
[Tue Feb 20 09:09:40 2007] [error] [client 116.90.239.2] Directory index
forbidden by rule: /var/www/
[Tue Feb 20 09:09:42 2007] [error] [client 116.90.239.2] Directory index
forbidden by rule: /var/www/
[Tue Feb 20 09:10:33 2007] [notice] SIGHUP received. Attempting to restart
I'm also attaching my httpd.conf file with this mail, so that it can
help you further to understand, locate and suggest a viable solution to
my problem.
Thankyou in advance.
Actually I added the <Limit> and <LimitExcept> myself in httpd.conf.
They were not present there by default. Even though their absence or
presence seem to make no difference at the present context.
--
Sincerely,
Abhishek Singh
-- Fedora 8 has been released --
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
