PDA

View Full Version : Apache VH Forbidden Problems


agirman
03-20-2007, 02:35 PM
Hi everyone,

I'm having the darnedest time getting my apache server up and running to spec. I am running apache server 2.2.2, and I recently tried to set up some virtual hosting. The applicable portion of httpd.conf is as follows:

Listen 80
NameVirtualHost 127.0.0.1

<VirtualHost 127.0.0.1>
ServerName localhost
DocumentRoot /usr/local/apache2/htdocs
</VirtualHost>

<VirtualHost 127.0.0.1>
ServerName mydomain.com
ServerAlias www.mydomain.com
DocumentRoot /usr/local/apache2/htdocs
</VirtualHost>

<VirtualHost 127.0.0.1>
ServerName subdomain.mydomain.com
DocumentRoot /Users/agirman/Documents/workspace
</VirtualHost>

I'm using 127.0.0.1 because it's a development machine, and I'm not too concerned about browsing to it from an external source. I've added all the applicable entries to /etc/hosts and installed BIND to perform DNS lookups on the local machine (so it doesn't go to the internet version of mydomain.com).

Punching in "http://mydomain.com" into firefox gives me a resounding "It works!", indicating to me that it is successfully serving the default index.html out of my apache2/htdocs folder. However, entering "http://subdomain.mydomain.com" gives me a 403 forbidden error, that looks something like:

Forbidden

You don't have permission to access / on this server.

The corresponding entry from apache2/logs/error_log is:

[Tue Mar 20 15:16:26 2007] [error] [client 127.0.0.1] (13)Permission denied: access to / denied

which worries me a little, because it almost looks like it's trying to open root. So, I tried making a symbolic link in apache2/htdocs such that apache2/htdocs/subdomain would point to the document root specified by subdomain.mydomain.com. There is an entry in error_log as follows:

[Tue Mar 20 14:19:45 2007] [error] [client 127.0.0.1] Symbolic link not allowed or link target not accessible: /usr/local/apache2/htdocs/subdomain

I tried chmod'ing the directory to 777 (it does not seem to be a simple permissions problem). I have the following directory directives in httpd.conf:

<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>

<Directory "/usr/local/apache2/htdocs">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>

<Directory "/Users/agirman/Documents/workspace">
Options Indexes FollowSymLinks #I don't know why it says it won't
AllowOverride None
Order allow,deny
Allow from 127.0.0.1 #this was previously all, so this isn't the problem.
</Directory>

I am starting to think that either (a) apache isn't correctly channeling requests to the appropriate directory, or (b) this is something to do with apple's permission systems (I've had a hard time getting things to play nicely between the unix portions and the mac portions of the OS in the past). Those are just guesses, however. If anyone has any idea as to what the problem could be, it would be much appreciated.

Regards,

Alex.

hayne
03-20-2007, 03:23 PM
When Apache error messages refer to "/", they almost always are referring to the root of the Apache documents folder (DocumentRoot in the Apache config file).

The permissions issue is the usual one that the user account that runs the Apache server (usually 'www') must have read permission for the files and folders. You can achieve this by changing the ownership of the files to 'www' or by making them readable by all user accounts.

agirman
03-20-2007, 03:56 PM
Well, the reason I had feared that is because I have earlier error logs (from before I set up VirtualHosts) wherein apache uses absolute pathing to refer to the file(s) in question. Such as:

[Mon Dec 11 13:54:34 2006] [error] [client 127.0.0.1] File does not exist: /usr\
/local/apache2/htdocs/InfutorDA/login.js, referer: http://localhost/InfutorDA/I\
nfutorDA.html

and I couldn't see why this would change afterward. It's not a completely congruent situation, however, since the above file is referenced from an html or php file that apache serves (so different rules may apply).

Anyway, I had already set permissions on the directory in question,

I tried chmod'ing the directory to 777 (it does not seem to be a simple permissions problem).

alexander-girmans-computer:~/Documents/workspace agirman$ ls -l
total 16
drwxrwxrwx 15 agirman www 510 Mar 16 15:01 trunk
-rwxrwxrwx 1 agirman www 80 Mar 20 14:09 index.html
-rwxrwxrwx 1 agirman www 20 Dec 2 19:05 phpinfo.php
drwxrwxrwx 10 agirman www 340 Dec 4 18:54 subfolder
alexander-girmans-computer:~/Documents/workspace agirman$

so if I've done something wrong with regards to permissions, I'm not sure what.

-Alex.

agirman
03-20-2007, 04:12 PM
To be on the safe side, I recursively changed ownership on anything under /Users/agirman/Documents/workspace to 'www', but it still doesn't work.