Results 1 to 3 of 3

Thread: Apache2 htaccess problems, getting error 403 forbidden when htaccess file is added to directory

  1. #1

    Angry Apache2 htaccess problems, getting error 403 forbidden when htaccess file is added to directory

    Trying to install yellow, a php mini-cms: https://github.com/datenstrom/yellow

    under /srv/www/htdocs created directory /yellow/

    unzipped php files there.

    ran
    Code:
    chmod -Rv 755 yellow
    ran
    Code:
    chown -Rv wwwrun:www yellow
    configured server with yast ... enabled mod_rewrite

    when accessing http://localhost/yellow, gives error 403, access forbidden

    removed .htaccess file

    created index.html file, that file will load. But if I add .htaccess back to the directory, gives error 403 again.

    content of .htaccess in directory /srv/www/htdocs/yellow

    Code:
    <IfModule mod_rewrite.c>
    RewriteEngine on
    
    # Yellow dynamic pages
    
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^ yellow.php [L]
    DirectoryIndex index.html yellow.php
    RewriteRule ^(cache|content|system)/ error [L]
    
    # Yellow static pages
    
    RewriteCond %{REQUEST_FILENAME} -f
    RewriteRule ^[^\.]+$ - [T=text/html,L]
    ErrorDocument 404 /error.html
    </IfModule>
    content of /etc/apache2/httpd.conf

    Code:
    #
    # /etc/apache2/httpd.conf 
    #
    # This is the main Apache server configuration file.  It contains the
    # configuration directives that give the server its instructions.
    # See <URL:http:///httpd.apache.org/docs/2.4/> for detailed information about
    # the directives.
    
    # Based upon the default apache configuration file that ships with apache,
    # which is based upon the NCSA server configuration files originally by Rob
    # McCool. This file was knocked together by Peter Poeml <poeml+apache@suse.de>.
    
    # If possible, avoid changes to this file. It does mainly contain Include
    # statements and global settings that can/should be overridden in the
    # configuration of your virtual hosts.
    
    # Quickstart guide:
    # http://en.opensuse.org/SDB:Apache_installation
    
    
    # Overview of include files, chronologically:
    #
    # httpd.conf
    #  | 
    #  |-- uid.conf  . . . . . . . . . . . . . .  UserID/GroupID to run under
    #  |-- server-tuning.conf  . . . . . . . . .  sizing of the server (how many processes to start, ...)
    #  |-- sysconfig.d/loadmodule.conf . . . . .  [*] load these modules
    #  |-- listen.conf . . . . . . . . . . . . .  IP adresses / ports to listen on
    #  |-- mod_log_config.conf . . . . . . . . .  define logging formats
    #  |-- sysconfig.d/global.conf . . . . . . .  [*] server-wide general settings
    #  |-- mod_status.conf . . . . . . . . . . .  restrict access to mod_status (server monitoring)
    #  |-- mod_info.conf . . . . . . . . . . . .  restrict access to mod_info
    #  |-- mod_usertrack.conf  . . . . . . . . .  defaults for cookie-based user tracking
    #  |-- mod_autoindex-defaults.conf . . . . .  defaults for displaying of server-generated directory listings
    #  |-- mod_mime-defaults.conf  . . . . . . .  defaults for mod_mime configuration
    #  |-- errors.conf . . . . . . . . . . . . .  customize error responses
    #  |-- ssl-global.conf . . . . . . . . . . .  SSL conf that applies to default server _and all_ virtual hosts
    #  |
    #  |-- default-server.conf . . . . . . . . .  set up the default server that replies to non-virtual-host requests
    #  |    |--mod_userdir.conf  . . . . . . . .  enable UserDir (if mod_userdir is loaded)
    #  |    `--conf.d/apache2-manual?conf  . . .  add the docs ('?' = if installed)
    #  |
    #  |-- sysconfig.d/include.conf  . . . . . .  [*] your include files 
    #  |                                             (for each file to be included here, put its name 
    #  |                                              into APACHE_INCLUDE_* in /etc/sysconfig/apache2)
    #  |
    #  `-- vhosts.d/ . . . . . . . . . . . . . .  for each virtual host, place one file here
    #       `-- *.conf . . . . . . . . . . . . .     (*.conf is automatically included)
    #
    #
    # Files marked [*] are created from sysconfig upon server restart: instead of
    # these files, you edit /etc/sysconfig/apache2
    
    
    
    #  Filesystem layout:
    #
    # /etc/apache2/
    #  |-- charset.conv  . . . . . . . . . . . .  for mod_auth_ldap
    #  |-- conf.d/
    #  |   |-- apache2-manual.conf . . . . . . .  conf that comes with apache2-doc
    #  |   |-- mod_php4.conf . . . . . . . . . .  (example) conf that comes with apache2-mod_php4
    #  |   `-- ... . . . . . . . . . . . . . . .  other configuration added by packages
    #  |-- default-server.conf
    #  |-- errors.conf
    #  |-- httpd.conf  . . . . . . . . . . . . .  top level configuration file
    #  |-- listen.conf
    #  |-- magic
    #  |-- mime.types -> ../mime.types
    #  |-- mod_autoindex-defaults.conf
    #  |-- mod_info.conf
    #  |-- mod_log_config.conf
    #  |-- mod_mime-defaults.conf
    #  |-- mod_perl-startup.pl
    #  |-- mod_status.conf
    #  |-- mod_userdir.conf
    #  |-- mod_usertrack.conf
    #  |-- server-tuning.conf
    #  |-- ssl-global.conf
    #  |-- ssl.crl/  . . . . . . . . . . . . . .  PEM-encoded X.509 Certificate Revocation Lists (CRL)
    #  |-- ssl.crt/  . . . . . . . . . . . . . .  PEM-encoded X.509 Certificates
    #  |-- ssl.csr/  . . . . . . . . . . . . . .  PEM-encoded X.509 Certificate Signing Requests
    #  |-- ssl.key/  . . . . . . . . . . . . . .  PEM-encoded RSA Private Keys
    #  |-- ssl.prm/  . . . . . . . . . . . . . .  public DSA Parameter Files
    #  |-- sysconfig.d/  . . . . . . . . . . . .  files that are created from /etc/sysconfig/apache2
    #  |   |-- global.conf
    #  |   |-- include.conf
    #  |   `-- loadmodule.conf
    #  |-- uid.conf
    #  `-- vhosts.d/ . . . . . . . . . . . . . .  put your virtual host configuration (*.conf) here
    #      |-- vhost-ssl.template
    #      `-- vhost.template
    
    
    
    ### Global Environment ######################################################
    #
    # The directives in this section affect the overall operation of Apache,
    # such as the number of concurrent requests.
    
    # run under this user/group id
    Include /etc/apache2/uid.conf
    
    # - how many server processes to start (server pool regulation)
    # - usage of KeepAlive
    Include /etc/apache2/server-tuning.conf
    
    # ErrorLog: The location of the error log file.
    # If you do not specify an ErrorLog directive within a <VirtualHost>
    # container, error messages relating to that virtual host will be
    # logged here.  If you *do* define an error logfile for a <VirtualHost>
    # container, that host's errors will be logged there and not here.
    ErrorLog /var/log/apache2/error_log
    
    # generated from APACHE_MODULES in /etc/sysconfig/apache2
    Include /etc/apache2/sysconfig.d/loadmodule.conf
    
    # IP addresses / ports to listen on
    Include /etc/apache2/listen.conf
    
    # predefined logging formats
    Include /etc/apache2/mod_log_config.conf
    
    # generated from global settings in /etc/sysconfig/apache2
    Include /etc/apache2/sysconfig.d/global.conf
    
    # optional mod_status, mod_info
    Include /etc/apache2/mod_status.conf
    Include /etc/apache2/mod_info.conf
    
    # optional cookie-based user tracking
    # read the documentation before using it!!
    Include /etc/apache2/mod_usertrack.conf
    
    # configuration of server-generated directory listings
    Include /etc/apache2/mod_autoindex-defaults.conf
    
    # associate MIME types with filename extensions
    TypesConfig /etc/apache2/mime.types
    Include /etc/apache2/mod_mime-defaults.conf
    
    # set up (customizable) error responses
    Include /etc/apache2/errors.conf
    
    # global (server-wide) SSL configuration, that is not specific to 
    # any virtual host
    Include /etc/apache2/ssl-global.conf
    
    # forbid access to the entire filesystem by default
    <Directory />
        Options None
        AllowOverride None
        Require all granted
    </Directory>
    
    # use .htaccess files for overriding,
    AccessFileName .htaccess
    # and never show them
    <Files ~ "^\.ht">
        Require all denied
    </Files>
    
    # List of resources to look for when the client requests a directory
    DirectoryIndex index.html index.html.var
    
    ### 'Main' server configuration #############################################
    #
    # The directives in this section set up the values used by the 'main'
    # server, which responds to any requests that aren't handled by a
    # <VirtualHost> definition.  These values also provide defaults for
    # any <VirtualHost> containers you may define later in the file.
    #
    # All of these directives may appear inside <VirtualHost> containers,
    # in which case these default settings will be overridden for the
    # virtual host being defined.
    #
    Include /etc/apache2/default-server.conf
    
    
    # Another way to include your own files
    #
    # The file below is generated from /etc/sysconfig/apache2,
    # include arbitrary files as named in APACHE_CONF_INCLUDE_FILES and
    # APACHE_CONF_INCLUDE_DIRS
    Include /etc/apache2/sysconfig.d/include.conf
    
    
    ### Virtual server configuration ############################################
    #
    # VirtualHost: If you want to maintain multiple domains/hostnames on your
    # machine you can setup VirtualHost containers for them. Most configurations
    # use only name-based virtual hosts so the server doesn't need to worry about
    # IP addresses. This is indicated by the asterisks in the directives below.
    #
    # Please see the documentation at
    # <URL:http:///httpd.apache.org/docs/2.4/vhosts/>
    # for further details before you try to setup virtual hosts.
    #
    # You may use the command line option '-S' to verify your virtual host
    # configuration.
    #
    IncludeOptional /etc/apache2/vhosts.d/*.conf
    
    
    # Note: instead of adding your own configuration here, consider 
    #       adding it in your own file (/etc/apache2/httpd.conf.local)
    #       putting its name into APACHE_CONF_INCLUDE_FILES in 
    #       /etc/sysconfig/apache2 -- this will make system updates 
    #       easier :)
    CONTENT OF /etc/apache2/default-server.conf

    Code:
    #
    # Global configuration that will be applicable for all virtual hosts, unless
    # deleted here, or overriden elswhere.
    # 
    
    DocumentRoot "/srv/www/htdocs"
    
    #
    # Configure the DocumentRoot
    #
    <Directory "/srv/www/htdocs">
          # Possible values for the Options directive are "None", "All",
        # or any combination of:
        #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
        #
        # Note that "MultiViews" must be named *explicitly* --- "Options All"
        # doesn't give it to you.
        #
        # The Options directive is both complicated and important.  Please see
        # http:///httpd.apache.org/docs/2.4/mod/core.html#options
        # for more information.
    Options None
          # AllowOverride controls what directives may be placed in .htaccess files.
        # It can be "All", "None", or any combination of the keywords:
        #   Options FileInfo AuthConfig Limit
    AllowOverride All
          # Controls who can get stuff from this server.
    Require all granted
    </Directory>
    
    # Aliases: aliases can be added as needed (with no limit). The format is 
    # Alias fakename realname
    #
    # Note that if you include a trailing / on fakename then the server will
    # require it to be present in the URL.  So "/icons" isn't aliased in this
    # example, only "/icons/".  If the fakename is slash-terminated, then the 
    # realname must also be slash terminated, and if the fakename omits the 
    # trailing slash, the realname must also omit it.
    #
    # We include the /icons/ alias for FancyIndexed directory listings.  If you
    # do not use FancyIndexing, you may comment this out.
    #
    Alias /icons/ "/usr/share/apache2/icons/"
    
    <Directory "/usr/share/apache2/icons">
     Options Indexes MultiViews
     AllowOverride None
     Require all granted
    </Directory>
    
    # ScriptAlias: This controls which directories contain server scripts.
    # ScriptAliases are essentially the same as Aliases, except that
    # documents in the realname directory are treated as applications and
    # run by the server when requested rather than as documents sent to the client.
    # The same rules about trailing "/" apply to ScriptAlias directives as to
    # Alias.
    #
    ScriptAlias /cgi-bin/ "/srv/www/cgi-bin/"
    
    # "/srv/www/cgi-bin" should be changed to whatever your ScriptAliased
    # CGI directory exists, if you have that configured.
    #
    <Directory "/srv/www/cgi-bin">
     AllowOverride None
     Options +ExecCGI -Includes
     Require all granted
    </Directory>
    
    # UserDir: The name of the directory that is appended onto a user's home
    # directory if a ~user request is received.
    #
    # To disable it, simply remove userdir from the list of modules in APACHE_MODULES 
    # in /etc/sysconfig/apache2.
    #
    <IfModule mod_userdir.c>
          # Note that the name of the user directory ("public_html") cannot simply be
        # changed here, since it is a compile time setting. The apache package
        # would have to be rebuilt. You could work around by deleting
        # /usr/sbin/suexec, but then all scripts from the directories would be
        # executed with the UID of the webserver.
    UserDir public_html
          # The actual configuration of the directory is in
        # /etc/apache2/mod_userdir.conf.
    Include /etc/apache2/mod_userdir.conf
    </IfModule>
    
    
    # Include all *.conf files from /etc/apache2/conf.d/.
    #
    # This is mostly meant as a place for other RPM packages to drop in their
    # configuration snippet.
    #
    # You can comment this out here if you want those bits include only in a
    # certain virtual host, but not here.
    #
    IncludeOptional /etc/apache2/conf.d/*.conf
    
    # The manual... if it is installed ('?' means it won't complain)
    IncludeOptional /etc/apache2/conf.d/apache2-manual?conf
    ServerName localhost
    ServerAdmin gost@127.0.0.1
    NameVirtualHost 127.0.0.1
    It gave the same errors before and after adding the virtual host with YAST httpd config utility.

    mod_rewrite is present, and was enabled using YAST

    Code:
    linux:/etc/apache2 # a2enmod rewrite
    "rewrite" already present
    CHECKED PERMISSIONS AND OWNERSHIP ON WEB DIRECTORY /yellow/

    Code:
    linux:/etc/apache2 # ls -la /srv/www/htdocs/yellow
    total 48
    drwxr-xr-x 5 wwwrun www 4096 Jul 21 16:23 .
    drwxr-xr-x 7 wwwrun www 4096 Jul 21 15:29 ..
    drwxr-xr-x 4 wwwrun www 4096 Jul 15 06:03 content
    -rwxr-xr-x 1 wwwrun www   83 Jul 21 14:34 .directory
    -rwxr-xr-x 1 wwwrun www   10 Jul 15 06:03 .gitignore
    -rwxr-xr-x 1 wwwrun www  392 Jul 21 16:23 .htaccess
    -rwxr-xr-x 1 wwwrun www  439 Jul 21 16:07 .htaccess~
    drwxr-xr-x 4 wwwrun www 4096 Jul 15 06:03 media
    -rwxr-xr-x 1 wwwrun www  716 Jul 15 06:03 README.md
    drwxr-xr-x 6 wwwrun www 4096 Jul 15 06:03 system
    -rwxr-xr-x 1 wwwrun www  265 Jul 15 06:03 .travis.yml
    -rwxr-xr-x 1 wwwrun www  499 Jul 15 06:03 yellow.php
    Have uninstalled, reinstalled, and reconfigured apache 2 several times, still get error 403 when adding .htaccess to the directory.

    mod_php5 is installed.

    group 'www' is active.

    Code:
    linux:/etc/apache2 # cat /etc/group |cut -d: -f1
    root
    bin
    daemon
    sys
    tty
    disk
    lp
    www
    .....
    The htaccess file should allow the application installed at /yellow/ to rewrite all requests and filter them through its engine. But no matter what, I get error 403, forbidden.

    <php phpinfo?> looks fine, but this forum limits posts to 15000 chars.

    Ideas? apache is useless to me without .htaccess enable per directory.

  2. #2

    Default [SOLVED] Apache2 htaccess problems, getting error 403 forbidden when htaccess file is added to dir

    I don't see an option to edit the thread, or I would have placed this reply above the original post. The issue is resolved.

    For some reason, OpenSUSE's method of installing apache separates the configurations across at least a dozen configuration files and includes, that could literally take hours to scan for causes of a lack of functionality. They clearly do not want me using the server root the way I would like to use it. I could not find anywhere, in any configuration file, how to set a global option to allow .htaccess overrides and directory listings. Setting it in the conf files did nothing. There is something else in the system overriding it all.

    So I went into /etc/apache2/vhosts.d and created a virtual host MANUALLY and set the permissions and options I wanted. Then PHP would not work. So I had to run the command
    Code:
    a2enmod php5
    and then my installed php apps worked, and the .htaccess in my user's public_html directory worked.

    This is a jury rig, not a complete solution. I want to run my docs and apps from the server root in /srv/www/htdocs.(I don't want to hear, 'that's insecure' because that is a red herring, this is not a production machine I'm working on). I don't want to be sandboxed out by carefully hidden settings that would take forever to ferret out and fix. I might as well open up a C++ IDE and start coding my own http server with the amount of time that is invested troubleshooting boutique linux configurations.

    Linux is not free. Linux takes away all your time so you don't get much work done. Too tired to work after figuring out how to fix linux.

  3. #3
    Join Date
    Nov 2009
    Location
    West Virginia Sector 13
    Posts
    15,742

    Default Re: Apache2 htaccess problems, getting error 403 forbidden when htaccess file is added to directory

    No app can anticipate all users whims and desires. Yast configures things as the developers think is a good general setup. If you want something different then it is up to you to know how to do it. Web configs can get very complicated.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •