Apache Forbidden Access Issues
Linking files to Apache on a new install of Cent OS 7 with Apache 2.4 was not quite as smooth as I imagined.The Setup
I'm working a new server and I want to link to another location so I can use Dropbox to work on files locally and have them automatically updated to my development system. Since it is easiest to install in the root directory, the Dropbox files automatically get setup in the root user's home directory. That is not a good place to link the document root to in Apache. The most logical thing to do was to copy those files out to another better location where they can be served by Apache. These files were still owned by root and I didn't want to change that, so I creating a symlink to get it to work.
As root (note: my document root was /var/html)
cd /var/html
ln -s /usr/demo/html/ demo
When trying to run in Apache, I would still get the Forbidden error message.
NOTE: When Apache follows symlinks, the path must be accessible all the way down by the calling user (this means you need execute access in the folder you are linking and the parent folders above it). To make sure this folder is accessible by others, I would use the following command:
chmod o+x /usr /usr/demo /usr/demo/html
That didn't work for me, but it should work. I just didn't realize the underlying problem I was experiencing which I will get to in a minute. So now, I'm thinking I'll try to use an alias and edited and saved the new config file.
Opening Apache config, I edited it as follows:
sudo nano /etc/httpd/conf/httpd.conf
Alias /demo /usr/demo/html
<Directory "/usr/demo/html">
Options FollowSymLinks
AllowOverride None
Order allow,deny
allow from all
</Directory>
All the online literature was pointing me in this direction.
Since I am using the new CentOS7 I need to restart the service using the system control program.
sudo systemctl restart httpd.service
#but, on most servers this is:
#sudo /etc/init.d/httpd restart
The server restarted properly but I am still not able to access the page and still the Forbidden error pops up in my browser. Looking in the /var/log/httpd/error_log was somewhat helpful:
[Thu Jan 15 14:37:07.549412 2015] [authz_core:error] [pid 30582] [client x.x.x.x:yyyy] AH01630: client denied by server configuration: /usr/demo/html/test.php
This was telling me that I didn't have a linux permission error accessing the file, but that I had an Apache configuration file error. Back into the httpd.conf file.
The Solution
After a little digging, I found that Apache 2.4 (that I had on the new server) handles permissions differently that the previous version 2.2 that I was used to using.
Finally modifying my httpd.conf file resulted in:
Alias /demo /usr/demo/html
<Directory "/usr/demo/html">
Options FollowSymLinks
AllowOverride None
Require all granted
</Directory>
Now everything works. I just hadn't been aware that setting aliases in new Apache 2.4 installtion requires a couple changes in the httpd.conf file to get things working properly. All this time it was just I was using:
Order allow,deny
allow from all
when I should have been using:
Require all granted
Hopefully this helps someone else save some time.
Really nice blog,i enjoyed your infomations. Thank you and i will expect more in future.
ReplyDeleteJAVA Training in Chennai
Java training institute in chennai
Selenium Training in Chennai
Hadoop Training in Chennai
Python Training in Chennai
Software testing training in chennai
JAVA Training in Chennai
Java Training in Velachery
Had a great time reading your article. Keep doing more.
ReplyDeleteSpoken English in Velachery
Spoken English Class in Chrompet
Spoken English Classes in Navalur
Spoken English Class in Avadi
Spoken English Class in Chennai
Spoken English in Chennai
IELTS Coaching Centre in Chennai
English Speaking Course in Mumbai
IELTS Coaching in Mumbai
Great Blog!!! it is more informative for us.. Thanks for sharing with us...
ReplyDeleteBig Data Course in Coimbatore
Big Data Training in Coimbatore
hadoop training in bangalore
big data training in bangalore
AWS Training in Bangalore
data analytics courses in bangalore
Hadoop Certification in Coimbatore
Android Training in Coimbatore
CCNA Course in Coimbatore
Innovative post!!! Keep on Posting... Thanks for it!!!
ReplyDeleteData Analytics Courses in Coimbatore
Big Data Analytics Training in Coimbatore
Big Data Analytics Training in Bangalore
Data Analytics Courses in Bangalore
Java Training in Bangalore
Python Training in Bangalore
Java Training in Coimbatore
Oracle Training in Coimbatore
PHP Training in Coimbatore
IELTS Coaching in Coimbatore
Thanks for your blog... The blog is more informative... Waiting for the upcoming data..
ReplyDeleteSoftware Testing Course in Coimbatore
best software testing training institute in coimbatore
Best Java Training Institutes in Bangalore
Hadoop Training in Bangalore
Data Science Courses in Bangalore
Digital Marketing Training in Coimbatore
Digital Marketing Course in Coimbatore
The way you have presented the blog is really good.... thanks for sharing with us...
ReplyDeleteAndroid Training in Chennai
android classes in chennai
android development course in chennai
Android Course in Chennai
Android Training in Tambaram
Android training in Guindy
Python Training in Chennai
Big data training in chennai
SEO training in chennai
JAVA Training in Chennai
Thanks for giving excellent Message.Waiting for next article
ReplyDeleteDOT NET Training in Chennai
c# training in chennai
dot net classes in chennai
mvc training in chennai
dot net training in T nagar
Html5 Training in Chennai
Spring Training in Chennai
Struts Training in Chennai
Wordpress Training in Chennai
SAS Training in Chennai