httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Abhishek Singh <aks.abhis...@gmail.com>
Subject Re: [users@httpd] Regarding 403 Forbidden Error
Date Mon, 31 Dec 2007 18:50:16 GMT
Chris Evens wrote:
> Have you tried to comment out the Limit and LimitExcept in your <Directory
> "/var/www/html"> entry?
> 
> Christopher Evens
> Web Programmer, Christian Record Services for the Blind
> Free lending library for the blind
> www.christianrecord.org
> 
> 
> -----Original Message-----
> From: Abhishek Singh [mailto:aks.abhishek@gmail.com] 
> Sent: Monday, December 31, 2007 11:03 AM
> To: users@httpd.apache.org
> Subject: [users@httpd] Regarding 403 Forbidden Error
> 
> Dear All,
>            I searched over the achieves regarding my problem, but could not
> find a solution that would work in my case. Hence I'm posting to this group.
>          The text of the problem goes as below:
> I've a Fedora Core 1 Box running with the following httpd specification (as
> returned by httpd -V):
> 
> Server version: Apache/2.0.47
> Server built:   Oct 23 2003 06:48:44
> Server's Module Magic Number: 20020903:4
> Architecture:   32-bit
> Server compiled with....
>   -D APACHE_MPM_DIR="server/mpm/prefork"
>   -D APR_HAS_SENDFILE
>   -D APR_HAS_MMAP
>   -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
>   -D APR_USE_SYSVSEM_SERIALIZE
>   -D APR_USE_PTHREAD_SERIALIZE
>   -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
>   -D APR_HAS_OTHER_CHILD
>   -D AP_HAVE_RELIABLE_PIPED_LOGS
>   -D HTTPD_ROOT="/etc/httpd"
>   -D SUEXEC_BIN="/usr/sbin/suexec"
>   -D DEFAULT_PIDLOG="logs/httpd.pid"
>   -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
>   -D DEFAULT_LOCKFILE="logs/accept.lock"
>   -D DEFAULT_ERRORLOG="logs/error_log"
>   -D AP_TYPES_CONFIG_FILE="conf/mime.types"
>   -D SERVER_CONFIG_FILE="conf/httpd.conf"
> 
> The listing inside /var/www/html/ (i.e. ls -al) gives:
> 
> total 16
> drwxr-xr-x    3 root     root         4096 Feb 20 10:24 .
> drwxr-xr-x    9 root     root         4096 Jan 11 08:49 ..
> -rwxr--r--    1 root     root          196 Feb 20 08:44 index.html
> drwxr-xr-x    2 root     root         4096 Jan 11 06:00 usage
> 
> The listing of httpd service (i.e. ps aux|grep httpd) gives:
> 
> root     11014  0.0  3.7 22372 9468 ?        S    10:17   0:00 
> /usr/sbin/httpd
> apache   11017  0.0  3.7 22472 9592 ?        S    10:17   0:00 
> /usr/sbin/httpd
> apache   11018  0.0  3.7 22472 9504 ?        S    10:17   0:00 
> /usr/sbin/httpd
> apache   11019  0.0  3.7 22472 9500 ?        S    10:17   0:00 
> /usr/sbin/httpd
> apache   11020  0.0  3.7 22472 9500 ?        S    10:17   0:00 
> /usr/sbin/httpd
> apache   11021  0.0  3.7 22472 9500 ?        S    10:17   0:00 
> /usr/sbin/httpd
> apache   11022  0.0  3.7 22472 9500 ?        S    10:17   0:00 
> /usr/sbin/httpd
> apache   11023  0.0  3.7 22472 9500 ?        S    10:17   0:00 
> /usr/sbin/httpd
> apache   11024  0.0  3.7 22472 9500 ?        S    10:17   0:00 
> /usr/sbin/httpd
> root     11039  0.0  0.2  4764  584 pts/1    S    10:25   0:00 grep httpd
> 
> Now, I edited the /etc/httpd/conf.d/welcome.conf file and commented all the
> lines so that my own index.html file would be displayed instead of the
> default fedora welcome page. I created a file called "index.html" in the
> directory /var/www/html and gave it a permission of 755 (i.e. chmod
> 755 index.html).
>            But whenever I tried to browse my website, I get a "403 Forbidden
> Error" and states that "You don't have permission to access / on this
> server." I tried looking at the various solutions over the archive that
> suggested me to do the following things, and I did, but there was no effect.
> The suggestions were as below, which seemed to be in vain for me:
> 1. Check if the user running the service httpd has read and execute access to
> the document root (i.e. /var/www/html)
> -> the ls -ld /var/www/html returns
>     drwxr-xr-x    3 root     root         4096 Feb 20 10:24 html/
>     which means that all the user have the execute permission, but shows 
>      that the other users except group and owner doesn't have read
> permission. To resolve this issue, I chmoded the /var/www/html directory to
> 755 and even added the user "apache" to the group "root". Moreover I even
> trid "chown -R apache /var/www/html", but no effect.
> 
> 2. Check the httpd.conf file and see if directory listing is allowed and
> directory index is defined.
> -> The httpd.conf clearly shows that the the Directory directive to the
> document root has been clearly defined and "Allow from all" option have been
> emphasized. Moreover "Options all" has been included in the directive index
> as well.
> 
> 3. Check if you have SELinux Installed and it's causing the problem.
> -> I had disabled SELinux at the installation only, hence there is no
> point that SELinux is causing the problem.
> 
>             The archive also suggests to go through the httpd log files 
> (/var/log/httpd/error_log and /var/log/httpd/access_log). When I issued 
> "tail -f /var/log/httpd/access_log", I get:
> 
> 116.90.239.2 - - [20/Feb/2007:08:55:34 +052700] "GET / HTTP/1.1" 403 409 
> "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213 
> Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
> 124.41.253.161 - - [20/Feb/2007:08:58:39 +052700] "GET / HTTP/1.1" 403 
> 409 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11) 
> Gecko/20071127 Firefox/2.0.0.11"
> 124.41.253.161 - - [20/Feb/2007:08:59:44 +052700] "GET / HTTP/1.1" 403 
> 409 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.11) 
> Gecko/20071127 Firefox/2.0.0.11"
> 116.90.239.2 - - [20/Feb/2007:09:04:51 +052700] "GET / HTTP/1.1" 403 409 
> "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213 
> Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
> 116.90.239.2 - - [20/Feb/2007:09:04:53 +052700] "GET / HTTP/1.1" 403 409 
> "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213 
> Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
> 116.90.239.2 - - [20/Feb/2007:09:06:58 +052700] "GET / HTTP/1.1" 403 409 
> "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213 
> Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
> 116.90.239.2 - - [20/Feb/2007:09:09:37 +052700] "GET / HTTP/1.1" 403 409 
> "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213 
> Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
> 116.90.239.2 - - [20/Feb/2007:09:09:39 +052700] "GET / HTTP/1.1" 403 409 
> "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213 
> Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
> 116.90.239.2 - - [20/Feb/2007:09:09:40 +052700] "GET / HTTP/1.1" 403 409 
> "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213 
> Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
> 116.90.239.2 - - [20/Feb/2007:09:09:42 +052700] "GET / HTTP/1.1" 403 409 
> "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.10) Gecko/20071213 
> Fedora/2.0.0.10-3.fc8 Firefox/2.0.0.10"
> 
> and when i issue "tail -f /var/log/httpd/error_log", I get:
> 
> [Tue Feb 20 09:09:34 2007] [notice] Digest: generating secret for digest 
> authentication ...
> [Tue Feb 20 09:09:34 2007] [notice] Digest: done
> [Tue Feb 20 09:09:34 2007] [notice] LDAP: Built with OpenLDAP LDAP SDK
> [Tue Feb 20 09:09:34 2007] [notice] LDAP: SSL support unavailable
> [Tue Feb 20 09:09:35 2007] [notice] Apache/2.0.47 (Fedora) 
> mod_perl/1.99_09 Perl/v5.8.1 DAV/2 mod_auth_pgsql/2.0.1 PHP/4.3.3 
> mod_python/3.0.3 Python/2.2.3 mod_ssl/2.0.47 OpenSSL/0.9.7a configured 
> -- resuming normal operations
> [Tue Feb 20 09:09:37 2007] [error] [client 116.90.239.2] Directory index 
> forbidden by rule: /var/www/
> [Tue Feb 20 09:09:39 2007] [error] [client 116.90.239.2] Directory index 
> forbidden by rule: /var/www/
> [Tue Feb 20 09:09:40 2007] [error] [client 116.90.239.2] Directory index 
> forbidden by rule: /var/www/
> [Tue Feb 20 09:09:42 2007] [error] [client 116.90.239.2] Directory index 
> forbidden by rule: /var/www/
> [Tue Feb 20 09:10:33 2007] [notice] SIGHUP received.  Attempting to restart
> 
> I'm also attaching my httpd.conf file with this mail, so that it can 
> help you further to understand, locate and suggest a viable solution to 
> my problem.
>        Thankyou in advance.
> 
Actually I added the <Limit> and <LimitExcept> myself in httpd.conf. 
They were not present there by default. Even though their absence or 
presence seem to make no difference at the present context.

-- 
Sincerely,
Abhishek Singh
-- Fedora 8 has been released --

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message