Apache 2.4 in openSUSE 13.2: no access error 403 Forbidden

Hello,

I just simply upgraded my openSUSE version from 13.1 to 13.2. On my machine the Apache web service runs as a local background service.

- I do NOT have access to server-info and server-status locally, though I verified that the modules are loaded using the -t -D DUMP_MODULE feature.
- I do not have access to a simple text page in the server's root directory, though I verified the UNIX access rights to the basic simple text page in the root directory of the server.

Please note that I DID NOT change any of the configuration files that come with the standard 13.2 distribution, and all of these used to work in the 13.1 version.

The Webmin package is the only one that works as before. I have no idea where to look to solve this access problem, or how to debug it: can you please give me some hints and help?

Thanks, SH.

Check your /etc/apache2/default-server.conf and compare it to /etc/apache2/default-server.conf.rpmnew

If you have not made any changes to the .conf, just take a backup and replace it with the rpmnew version, then restart Apache2.

13.2’s Apache2 now requires the Require parameters instead of Allow/Deny All; this is most likely the cause of your 403. A gent here had the same issue: https://forums.opensuse.org/showthread.php/502452-apache-ERROR-403-after-update-tumbleweed-13-1-gt-tumbleweed-13-2

Thanks a lot for the rapid answer and suggestion.

This being said, I have in the /etc/apache2 directory an “httpd.conf.rpmnew” file but NO “default-server.conf.rpmnew” file, as your response suggested to use for comparison. I also have a “default-server.conf” file but none with an rpmnew termination. Can you help me further? Thanks again a lot, SH.

Check your configuration files for parameters such as “Allow from All” and change these to “Require All Granted”.

Hello,

I did not find any "Allow from all" in "httpd.conf" and "default-server.conf", but I found in exchange in the <Directory /> section a "Deny from all", and in "default-server.conf" each directory section has a "Require All Granted" directive (this includes the server root directory srv / www / htdocs).

Here is the default-server.conf file:

    # Global configuration that will be applicable for all virtual hosts, unless
    # deleted here, or overriden elswhere.

    DocumentRoot "/srv/www/htdocs"

    # Configure the DocumentRoot

    <Directory "/srv/www/htdocs">
        # Possible values for the Options directive are "None", "All",
        # or any combination of:
        # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
        #
        # Note that "MultiViews" must be named explicitly --- "Options All"
        # doesn't give it to you.
        #
        # The Options directive is both complicated and important. Please see
        # http://httpd.apache.org/docs/2.4/mod/core.html#options
        # for more information.
        Options All
        # AllowOverride controls what directives may be placed in .htaccess files.
        # It can be "All", "None", or any combination of the keywords:
        # Options FileInfo AuthConfig Limit
        AllowOverride None
        # Controls who can get stuff from this server.
        Require all granted
    </Directory>

    # Aliases: aliases can be added as needed (with no limit). The format is
    # Alias fakename realname
    #
    # Note that if you include a trailing / on fakename then the server will
    # require it to be present in the URL. So "/icons" isn't aliased in this
    # example, only "/icons/". If the fakename is slash-terminated, then the
    # realname must also be slash terminated, and if the fakename omits the
    # trailing slash, the realname must also omit it.
    #
    # We include the /icons/ alias for FancyIndexed directory listings. If you
    # do not use FancyIndexing, you may comment this out.

    Alias /icons/ "/usr/share/apache2/icons/"

    <Directory "/usr/share/apache2/icons">
        Options Indexes MultiViews
        AllowOverride None
        Require all granted
    </Directory>

    # ScriptAlias: This controls which directories contain server scripts.
    # ScriptAliases are essentially the same as Aliases, except that
    # documents in the realname directory are treated as applications and
    # run by the server when requested rather than as documents sent to the client.
    # The same rules about trailing "/" apply to ScriptAlias directives as to
    # Alias.

    ScriptAlias /cgi-bin/ "/srv/www/cgi-bin/"

    # "/srv/www/cgi-bin" should be changed to whatever your ScriptAliased
    # CGI directory exists, if you have that configured.

    <Directory "/srv/www/cgi-bin">
        AllowOverride None
        Options +ExecCGI -Includes
        Require all granted
    </Directory>

    # UserDir: The name of the directory that is appended onto a user's home
    # directory if a ~user request is received.
    #
    # To disable it, simply remove userdir from the list of modules in APACHE_MODULES
    # in /etc/sysconfig/apache2.

    <IfModule mod_userdir.c>
        # Note that the name of the user directory ("public_html") cannot simply be
        # changed here, since it is a compile time setting. The apache package
        # would have to be rebuilt. You could work around by deleting
        # /usr/sbin/suexec, but then all scripts from the directories would be
        # executed with the UID of the webserver.
        UserDir public_html
        # The actual configuration of the directory is in
        # /etc/apache2/mod_userdir.conf.
        Include /etc/apache2/mod_userdir.conf
        # You can, however, change the ~ if you find it awkward, by mapping e.g.
        # http://www.example.com/users/karl-heinz/ -> /home/karl-heinz/public_html/
        #AliasMatch ^/users/([a-zA-Z0-9-_.]*)/?(.*) /home/$1/public_html/$2
    </IfModule>

    # Include all *.conf files from /etc/apache2/conf.d/.
    #
    # This is mostly meant as a place for other RPM packages to drop in their
    # configuration snippet.
    #
    # You can comment this out here if you want those bits include only in a
    # certain virtual host, but not here.

    IncludeOptional /etc/apache2/conf.d/*.conf

    # The manual... if it is installed ('?' means it won't complain)

    IncludeOptional /etc/apache2/conf.d/apache2-manual?conf

Please run this command:

    egrep -i allow /etc/apache2/*

It’ll print all the files with the word “order” in it, I’m guessing your mod_status.conf has Order deny,allow which you need to fix to the new format and perhaps other files have the same issue.

Also check /var/log/apache2/error_log if it shows the access errors as 403 or something else.

hello,

I did as you requested, under user root. The results are here under.

Netghost:/etc/apache2 # egrep -i allow /etc/apache2/*
grep: /etc/apache2/conf.d: Is a directory
/etc/apache2/default-server.conf: # AllowOverride controls what directives may be placed in .htaccess files.
/etc/apache2/default-server.conf: AllowOverride None
/etc/apache2/default-server.conf: AllowOverride None
/etc/apache2/default-server.conf: AllowOverride None
/etc/apache2/default-vhost.conf: # For example, to allow execution of PHP scripts:
/etc/apache2/default-vhost.conf: AllowOverride None
/etc/apache2/default-vhost.conf: # AllowOverride controls what directives may be placed in .htaccess files.
/etc/apache2/default-vhost.conf: AllowOverride None
/etc/apache2/default-vhost-ssl.conf: # 4 possible values: All, SSLv2, SSLv3, TLSv1. Allow TLS and SSLv3:
/etc/apache2/default-vhost-ssl.conf: # List the protocol versions which clients are allowed to
/etc/apache2/default-vhost-ssl.conf: # can configure both in parallel (to also allow the use of DSA
/etc/apache2/default-vhost-ssl.conf: # both in parallel (to also allow the use of DSA ciphers, etc.)
/etc/apache2/default-vhost-ssl.conf: AllowOverride None
/etc/apache2/default-vhost-ssl.conf: # SSL close notify alert is send or allowed to received. This violates
/etc/apache2/errors.conf:# which allows you to create your own set of files by starting with the
/etc/apache2/errors.conf: AllowOverride None
/etc/apache2/errors.conf: ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
/etc/apache2/httpd.conf: AllowOverride None
/etc/apache2/httpd.conf: Order deny,allow
/etc/apache2/httpd.conf: Order allow,deny
/etc/apache2/httpd.conf.rpmnew: AllowOverride None
/etc/apache2/listen.conf:# Listen: Allows you to bind Apache to specific IP addresses and/or
/etc/apache2/magic:# [GRR: TIFF allows both byte orders; GIF is probably little-endian]
/etc/apache2/mod_info.conf:# Allow remote server configuration reports, with the URL of
/etc/apache2/mod_mime-defaults.conf:# LanguagePriority allows you to give precedence to some languages
/etc/apache2/mod_mime-defaults.conf:# ForceLanguagePriority allows you to serve a result page rather than
/etc/apache2/mod_mime-defaults.conf:# AddType allows you to add to or override the MIME configuration
/etc/apache2/mod_mime-defaults.conf:# AddEncoding allows you to have certain browsers uncompress
/etc/apache2/mod_mime-defaults.conf:# (This is enabled by default to allow the Apache “It Worked” page
/etc/apache2/mod_mime-defaults.conf:# Filters allow you to process content before it is sent to the client.
/etc/apache2/mod_status.conf:# Allow server status reports generated by mod_status,
/etc/apache2/mod_userdir.conf: AllowOverride FileInfo AuthConfig Limit Indexes
/etc/apache2/server-tuning.conf: # maximum number of server processes allowed to start
/etc/apache2/server-tuning.conf:# KeepAlive: Whether or not to allow persistent connections (more than
/etc/apache2/server-tuning.conf:# MaxKeepAliveRequests: The maximum number of requests to allow
/etc/apache2/server-tuning.conf:# during a persistent connection. Set to 0 to allow an unlimited amount.
grep: /etc/apache2/ssl.crl: Is a directory
grep: /etc/apache2/ssl.crt: Is a directory
grep: /etc/apache2/ssl.csr: Is a directory
/etc/apache2/ssl-global.conf: # Note that on most platforms shared memory segments are not allowed to be on
/etc/apache2/ssl-global.conf: # can configure both in parallel (to also allow the use of DSA
/etc/apache2/ssl-global.conf: # both in parallel (to also allow the use of DSA ciphers, etc.)
grep: /etc/apache2/ssl.key: Is a directory
grep: /etc/apache2/ssl.prm: Is a directory
grep: /etc/apache2/sysconfig.d: Is a directory
grep: /etc/apache2/vhosts.d: Is a directory
Netghost:/etc/apache2 #

Here are listed mod_status.conf and mod_info.conf for extra information.

    # Allow server status reports generated by mod_status,
    # with the URL of http://servername/server-status
    #
    # see http://httpd.apache.org/docs/2.4/mod/mod_status.html

    <IfModule mod_status.c>
        <Location /server-status>
            SetHandler server-status
            Require local
        </Location>
    </IfModule>

    # Allow remote server configuration reports, with the URL of
    # http://servername/server-info (requires that mod_info.c be loaded).
    #
    # see http://httpd.apache.org/docs/2.4/mod/mod_info.html

    <IfModule mod_info.c>
        <Location /server-info>
            SetHandler server-info
            Require local
        </Location>
    </IfModule>

Please make a backup of your httpd.conf and replace it with the .rpmnew file. Then restart Apache.

Thanks really a lot!! I did what you said and it works now, completely: server-status, server-info, all…
Maybe you will be so kind and explain to me why it does work now, so I learn what went wrong… Thanks again a lot, friendly yours, SH.

Well in short there is a difference between Apache 2.2 and 2.4 in how they handle “allowed” (access control) lists, let’s take an example:

In Apache 2 you would allow users to browse your directory with:

    <Directory /SomeCoolLocation >
        Order allow,deny
        Allow from all
    </Directory>

There. It just says that “Allow from all”, meaning anyone can read this directory.

Now in Apache 2.4 things are a little different, you only need:

    <Directory /SomeCoolLocation >
        Require all granted
    </Directory>

to give everyone read access.

However, Apache 2.4 that ships with 13.2 no longer supports the old style configuration directives and gives 403 Forbidden warnings if your configuration files contain them. Think of it as a safeguard - your configuration files are no longer valid, hence it would be a bad idea to let people just browse anyway.

Your httpd.conf had these old directives (allow from) and the .rpmnew file had the new ones (require all… )
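
Added example, not part of the original thread: a stricter version of the `egrep -i allow` check used above. It reports only uncommented 2.2-style access directives (`Order`, `Allow from`, `Deny from`, `Satisfy`) with their enclosing container and, for the simple "all" cases, the 2.4 `Require` line. The function name `find_legacy_acl` and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Reports active 2.2-style access-control
# directives (Order, Allow from, Deny from, Satisfy) with their container.
# Comment lines and AllowOverride are skipped, unlike `egrep -i allow`.
find_legacy_acl() {
    awk '
    function hint(l) {
        if (l ~ /^order[ \t]/)                      return "remove (replaced by Require)"
        if (l ~ /^allow[ \t]+from[ \t]+all[ \t]*$/) return "Require all granted"
        if (l ~ /^deny[ \t]+from[ \t]+all[ \t]*$/)  return "Require all denied"
        return "review by hand"
    }
    FNR == 1 { depth = 0 }                  # new file: reset container stack
    {
        line = $0
        sub(/^[ \t]+/, "", line)            # ignore indentation
        if (line == "" || line ~ /^#/) next # blank line or comment
        low = tolower(line)                 # directive names are case-insensitive
        if (low ~ /^<\//) { if (depth > 0) depth--; next }   # closing tag
        if (low ~ /^</)   { stack[++depth] = line; next }    # opening tag
        if (low ~ /^(order|satisfy)[ \t]/ || low ~ /^(allow|deny)[ \t]+from[ \t]/) {
            where = (depth > 0) ? stack[depth] : "(server level)"
            printf "%s:%d: %s | %s => %s\n", FILENAME, FNR, where, line, hint(low)
        }
    }' "$@"
}

# Constructed sample, modelled on the directives quoted in the thread.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
cat > "$demo_dir/httpd.conf" <<'EOF'
# forbid access to the entire filesystem by default
<Directory />
    Options None
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>
# Allow from all
<Directory "/srv/www/htdocs">
    AllowOverride None
    Require all granted
</Directory>
EOF
find_legacy_acl "$demo_dir"/*.conf
# On a real system: find_legacy_acl /etc/apache2/*.conf /etc/apache2/conf.d/*.conf
```

Globbing only `*.conf` keeps backup copies such as the `.rpmnew` and `_updatebackup` files seen in the second grep output out of the report.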

Hi,

Thanks for the answer and help…and for your patience and dedication…friendly yours I.

I am having the same problem. I finally got apache2 to start but I am still getting access forbidden. Here is the output of egrep -I allow /etc/apache2/* . Is there something else I need to change?

MS02-CG-Comp28:/srv/www/htdocs # egrep -i allow /etc/apache2/*
grep: /etc/apache2/conf.d: Is a directory
/etc/apache2/default-server.conf: # AllowOverride controls what directives may be placed in .htaccess files.
/etc/apache2/default-server.conf: AllowOverride None
/etc/apache2/default-server.conf: AllowOverride None
/etc/apache2/default-server.conf: AllowOverride None
/etc/apache2/default-server.conf.rpmnew: # AllowOverride controls what directives may be placed in .htaccess files.
/etc/apache2/default-server.conf.rpmnew: AllowOverride None
/etc/apache2/default-server.conf.rpmnew: AllowOverride None
/etc/apache2/default-server.conf.rpmnew: AllowOverride None
/etc/apache2/default-server.conf_updatebackup: # AllowOverride controls what directives may be placed in .htaccess files.
/etc/apache2/default-server.conf_updatebackup: AllowOverride All
/etc/apache2/default-server.conf_updatebackup: Order allow,deny
/etc/apache2/default-server.conf_updatebackup: Allow from all
/etc/apache2/default-server.conf_updatebackup: AllowOverride None
/etc/apache2/default-server.conf_updatebackup: Order allow,deny
/etc/apache2/default-server.conf_updatebackup: Allow from all
/etc/apache2/default-server.conf_updatebackup: AllowOverride None
/etc/apache2/default-server.conf_updatebackup: Order allow,deny
/etc/apache2/default-server.conf_updatebackup: Allow from all
/etc/apache2/default-vhost-ssl.conf: # 4 possible values: All, SSLv2, SSLv3, TLSv1. Allow TLS and SSLv3:
/etc/apache2/default-vhost-ssl.conf: # List the protocol versions which clients are allowed to
/etc/apache2/default-vhost-ssl.conf: # can configure both in parallel (to also allow the use of DSA
/etc/apache2/default-vhost-ssl.conf: # both in parallel (to also allow the use of DSA ciphers, etc.)
/etc/apache2/default-vhost-ssl.conf: AllowOverride None
/etc/apache2/default-vhost-ssl.conf: # SSL close notify alert is send or allowed to received. This violates
/etc/apache2/default-vhost.conf: # For example, to allow execution of PHP scripts:
/etc/apache2/default-vhost.conf: AllowOverride None
/etc/apache2/default-vhost.conf: # AllowOverride controls what directives may be placed in .htaccess files.
/etc/apache2/default-vhost.conf: AllowOverride None
/etc/apache2/errors.conf:# which allows you to create your own set of files by starting with the
/etc/apache2/errors.conf: AllowOverride None
/etc/apache2/errors.conf: ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
/etc/apache2/httpd.conf: AllowOverride None
/etc/apache2/httpd.conf.rpmnew: AllowOverride None
/etc/apache2/httpd.conf_old: AllowOverride None
/etc/apache2/httpd.conf_old: Order deny,allow
/etc/apache2/httpd.conf_old: Order allow,deny
/etc/apache2/httpd.conf_updatebackup: AllowOverride None
/etc/apache2/httpd.conf_updatebackup: Order deny,allow
/etc/apache2/httpd.conf_updatebackup: Order allow,deny
/etc/apache2/listen.conf:# Listen: Allows you to bind Apache to specific IP addresses and/or
/etc/apache2/listen.conf.rpmnew:# Listen: Allows you to bind Apache to specific IP addresses and/or
/etc/apache2/magic:# [GRR: TIFF allows both byte orders; GIF is probably little-endian]
/etc/apache2/mod_autoindex-defaults-oxygen.conf: AllowOverride None
/etc/apache2/mod_autoindex-defaults-oxygen.conf: Order allow,deny
/etc/apache2/mod_autoindex-defaults-oxygen.conf: Allow from all
/etc/apache2/mod_info.conf:# Allow remote server configuration reports, with the URL of
/etc/apache2/mod_mime-defaults.conf:# LanguagePriority allows you to give precedence to some languages
/etc/apache2/mod_mime-defaults.conf:# ForceLanguagePriority allows you to serve a result page rather than
/etc/apache2/mod_mime-defaults.conf:# AddType allows you to add to or override the MIME configuration
/etc/apache2/mod_mime-defaults.conf:# AddEncoding allows you to have certain browsers uncompress
/etc/apache2/mod_mime-defaults.conf:# (This is enabled by default to allow the Apache “It Worked” page
/etc/apache2/mod_mime-defaults.conf:# Filters allow you to process content before it is sent to the client.
/etc/apache2/mod_mime-defaults.conf.rpmnew:# LanguagePriority allows you to give precedence to some languages
/etc/apache2/mod_mime-defaults.conf.rpmnew:# ForceLanguagePriority allows you to serve a result page rather than
/etc/apache2/mod_mime-defaults.conf.rpmnew:# AddType allows you to add to or override the MIME configuration
/etc/apache2/mod_mime-defaults.conf.rpmnew:# AddEncoding allows you to have certain browsers uncompress
/etc/apache2/mod_mime-defaults.conf.rpmnew:# (This is enabled by default to allow the Apache “It Worked” page
/etc/apache2/mod_mime-defaults.conf.rpmnew:# Filters allow you to process content before it is sent to the client.
/etc/apache2/mod_status.conf:# Allow server status reports generated by mod_status,
/etc/apache2/mod_userdir.conf: #AllowOverride FileInfo AuthConfig Limit Indexes
/etc/apache2/mod_userdir.conf: AllowOverride All
/etc/apache2/mod_userdir.conf: Order allow,deny
/etc/apache2/mod_userdir.conf: Allow from all
/etc/apache2/mod_userdir.conf: Order deny,allow
/etc/apache2/mod_userdir.conf.rpmnew: AllowOverride FileInfo AuthConfig Limit Indexes
/etc/apache2/server-tuning.conf: # maximum number of server processes allowed to start
/etc/apache2/server-tuning.conf:# KeepAlive: Whether or not to allow persistent connections (more than
/etc/apache2/server-tuning.conf:# MaxKeepAliveRequests: The maximum number of requests to allow
/etc/apache2/server-tuning.conf:# during a persistent connection. Set to 0 to allow an unlimited amount.
/etc/apache2/ssl-global.conf: # Note that on most platforms shared memory segments are not allowed to be on
/etc/apache2/ssl-global.conf: # can configure both in parallel (to also allow the use of DSA
/etc/apache2/ssl-global.conf: # both in parallel (to also allow the use of DSA ciphers, etc.)
grep: /etc/apache2/ssl.crl: Is a directory
grep: /etc/apache2/ssl.crt: Is a directory
grep: /etc/apache2/ssl.csr: Is a directory
grep: /etc/apache2/ssl.key: Is a directory
grep: /etc/apache2/ssl.prm: Is a directory
grep: /etc/apache2/sysconfig.d: Is a directory
grep: /etc/apache2/vhosts.d: Is a directory
You have mail in /var/mail/root
MS02-CG-Comp28:/srv/www/htdocs #

The output is a complete mess so I can’t really make out anything.

As stated earlier, your default-server.conf needs to have Require all granted for htdocs and you should move the httpd.conf.rpmnew to httpd.conf. Naturally take backups before you do anything.

For example:


        # AllowOverride controls what directives may be placed in .htaccess files.
        # It can be "All", "None", or any combination of the keywords:
        #   Options FileInfo AuthConfig Limit
        AllowOverride None
        # Controls who can get stuff from this server.
        Require all granted

I already had copied the default-server.rpm new to default-server.conf and also copied httpd.conf.rpmnew to httpd.conf. That was how I got apache2 to even start.

I noticed above where you asked someone else for the output from that grep, so I thought I would send that and maybe could glean something from it. I tried everything I had read before I posted anything. Do you have any other suggestions?

My default-server.conf also already has Require all granted for htdocs:

    <Directory "srv/www/htdocs">
        # AllowOverride controls what directives may be placed in .htaccess files.
        # It can be "All", "None", or any combination of the keywords:
        # Options FileInfo AuthConfig Limit
        AllowOverride None
        # Controls who can get stuff from this server.
        Require all granted
    </Directory>

I figured out my problem and it was obvious - just threw me off. On the old version, before my upgrade, index.html was not in htdocs so I had to change my file structure. All is well, thanks so much.