Shulou(Shulou.com)06/03 Report--

How to fix Apache httpd server 403 forbidden? I believe that many inexperienced people are helpless about this. For this reason, this article summarizes the causes and solutions of the problem. Through this article, I hope you can solve this problem.

I. Description of the problem

In Apache2's httpd configuration, 403 appears in many cases.

Just installed httpd service, of course, there will be no 403 problem. Mainly after modifying some configurations, the problem is described as follows:

After modifying the DocumentRoot directory pointer, the site has a 403 error.

Setting up a virtual host directory may also result in a 403.

Apache httpd service started successfully, looks normal, but no access

access to / denied (filesystem path '/srv/lxyproject/wsgi/django.wsgi') because search permissions are missing on a component of the path

Client denied by server configuration: /srv/lxyproject/wsgi/django.wsgi

II. Analysis of problems and programmes

Pay attention to the error log content as you solve the problem step by step. OK, start.

1. Directory configuration file in httpd.conf

If DocumentRoot is changed, say "/usr/local/site/test." The site directory and test directory are created by using mkdir, and then placing an index.html under the test directory. In this case, you should check the configuration in httpd.conf.

You must be consistent with DocumentRoot, because this section of Directory is apache access permissions to the directory settings, only set the correct directory, DocumentRoot will take effect.

# # Possible values for the Options directive are "None", "All", # or any combination of: # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews # # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you. # # The Options directive is both complicated and important. Please see # http://httpd.apache.org/docs/2.4/mod/core.html#options # for more information. # Options Indexes FollowSymLinks # # AllowOverride controls what directives may be placed in .htaccess files. # It can be "All", "None", or any combination of the keywords: # Options FileInfo AuthConfig Limit # AllowOverride None # # Controls who can get stuff from this server. # Require all granted

2. Directory access rights

The first step is whether the configuration is correct or 403 appears, check whether there is Deny from all in the directory configuration. Otherwise all access will be denied, of course 403.

Allow from all or Require all granted.

Do not modify Deny from all in the root directory.

3. Directory permissions

If this is still 403, it may be a permission problem with the website directory.

Apache requires the directory to have execute permissions, i.e. x. Note that all your directory trees should have these permissions.

If your directory is/usr/local/site/test, make sure that all four levels of directories/usr,/usr/local,/usr/local/site,/usr/local/site/test have 755 permissions.

#chmod 755 /usr/local/site#chmod 755 /usr/local/site/test

I have made a mistake is only set the last level of directory permissions, not set the superior directory permissions, resulting in 403.

4. Virtual directory

[I haven't encountered this problem before, because I haven't written it like this before. The online materials say so, which can be used as a reference.]

If you are setting up a virtual directory, then you need to define a virtual directory in httpd.conf, and it looks like the following fragment:

Alias /folder "/usr/local/folder" Options FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.1 192.168.1.1

If this is the case, and you write similar to my code above, three folders are the same, it will definitely be 403! How to solve it, is to follow Alias after the slash after the string changed, changed to something, do not and virtual directory folder name is good, and then I can use the virtual directory after the change access, of course, change folder line, as long as you are not afraid of trouble, as long as Alias after the virtual directory definition character (red) and the actual folder name (black) is not the same OK.

5. Selinux's problem

If it is still 403, then selinux is at work, so you can set your directory to selinux permissions.

That's the problem I'm having today.

#chcon -R -t httpd_sys_content_t /usr/local/site#chcon -R -t httpd_sys_content_t /usr/local/site/test

Online sources say, however, that this step mostly doesn't happen. But my question is indeed, may have something to do with the system, the specific principle is not very clear.

6. The problem of wsgi

My virtual host configuration is:

WSGIScriptAlias / /srv/lxyproject/wsgi/django.wsgiAlias /static/ /srv/lxyproject/collectedstatic/ServerName 10.1.101.31#ServerName example.com#ServerAlias www.example.com Options Indexes FollowSymLinks AllowOverride None Require all granted Allow from allErrorLog /etc/httpd/logs/lxyproject.error.logLogLevel warn

I visited

Log Error:

client denied by server configuration: /srv/lxyproject/wsgi/django.wsgi

Solution:

Allowing from all is required.

This problem is due to version reasons,

My version of httpd is:

[root@yl-web conf.d]# rpm -qa |grep httpdhttpd-devel-2.4.6-31.el7.centos.x86_64httpd-tools-2.4.6-31.el7.centos.x86_64httpd-2.4.6-31.el7.centos.x86_64

Version 2.3 and above are required all granted.

Order allow,deny Allow from all = 2.3> Require all granted

The above is a small series for everyone to share the solution to the apache httpd server 403 forbidden problem, if you have similar doubts, you may wish to refer to the above method to try. If you want to know more about it, please pay attention to industry information.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.