You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "Jonathan S. Abrams" <j....@nutmegaudiopost.com> on 2006/02/07 17:16:56 UTC
[users@httpd] 403 Forbidden Error
I have hit a wall in trying to eliminate a 403 error, and I am hoping
someone can show me the error of my ways. My server configuration is
Apache/2.0.55 (Unix) PHP/4.4.2 mod_ssl/2.0.55 OpenSSL/0.9.7i.
If I attempt to go to a directory on my web server, such as /test/, I
get Forbidden - You don't have permission to access /test/ on this
server. Now, if I try to go to a file within that directory, such as
/test/test.txt, the .txt file will display in my browser.
In my httpd.conf file, I have a line that reads Options +Indexes
FollowSymLinks. After reading the FAQ, I made certain that I had the
following entered.
<Files ~ "^\.ht">
Order allow,deny
Allow from all
</Files>
The user that originally configured this setup a virtual host conf file,
located at /conf/sites/myconf.conf. The last line of httpd.conf
includes a reference (via *.conf) to this file. Inside the myconf.conf
file, I have a line that reads Options +Indexes ExecCGI IncludesNoExec.
mod_autoindex is a loaded module in my Apache configuration. The
permissions on the /test/ directory that I cannot access are the same as
a directory hosting PHP code, and the PHP code is working with Apache.
If anyone can provide insight as to why I would be getting a 403 error
trying to access a directory, such as /test/, it would be appreciated.
Thanks for reading!
-Jonathan
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] 403 Forbidden Error
Posted by Joshua Slive <jo...@slive.ca>.
On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
>
> More importantly - if the debug level isn't logging these errors, what
> is going on?
There are certain error conditions that don't result in an error log
entry. These are less common in more recent version, but may still
occur. Usually, forbidden errors that don't write anything to the log
are caused by unix permissions problems.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] 403 Forbidden Error
Posted by "Jonathan S. Abrams" <j....@nutmegaudiopost.com>.
Thanks for the link. Alas, I still have the problem I reported. :-(
-Jonathan
httpd2@karsites.net wrote:
>I think error 403 is a custom error message. I do not know
>whether it should be written to the error file by default.
>I would expect it to be, just like 404's are.
>
>See if this article is of any help to you.
>
>http://www.modwest.com/help/kb.phtml?qid=144&cat=1
>
>HTH
>
>Keith
>
>In theory, theory and practice are the same;
>In practice they are not.
>
>On Tue, 7 Feb 2006, Jonathan S. Abrams wrote:
>
>
>
>>To: users@httpd.apache.org
>>From: Jonathan S. Abrams <j....@nutmegaudiopost.com>
>>Subject: Re: [users@httpd] 403 Forbidden Error
>>
>>httpd2@karsites.net wrote:
>>
>>
>>
>>>Try changing the LogLevel directive to debug.
>>>
>>>LogLevel debug
>>>
>>>This will generate the max amount of error logging.
>>>
>>>Be carefull you do not run out of disk space though.
>>>
>>>
>>>
>>>
>>I have plenty of disk space. The LogLevel was set to warn. Changing to
>>debug has not made a difference though. There are no entries in the
>>error_log file pertaining to this 403 error. After restarting the server
>>with loglevel set to debug, the last entry in the error_log file reads as
>>follows:
>>
>>[Tue Feb 07 12:39:56 2006] [debug] prefork.c(956): AcceptMutex: sysvsem
>>(default: sysvsem)
>>
>>Should a loglevel of warn catch forbidden access errors? If not, what
>>level do you recommend I keep this parameter at?
>>
>>More importantly - if the debug level isn't logging these errors, what is
>>going on?
>>
>>-Jonathan
>>
>>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] 403 Forbidden Error
Posted by ht...@karsites.net.
I think error 403 is a custom error message. I do not know
whether it should be written to the error file by default.
I would expect it to be, just like 404's are.
See if this article is of any help to you.
http://www.modwest.com/help/kb.phtml?qid=144&cat=1
HTH
Keith
In theory, theory and practice are the same;
In practice they are not.
On Tue, 7 Feb 2006, Jonathan S. Abrams wrote:
> To: users@httpd.apache.org
> From: Jonathan S. Abrams <j....@nutmegaudiopost.com>
> Subject: Re: [users@httpd] 403 Forbidden Error
>
> httpd2@karsites.net wrote:
>
> > Try changing the LogLevel directive to debug.
> >
> > LogLevel debug
> >
> > This will generate the max amount of error logging.
> >
> > Be carefull you do not run out of disk space though.
> >
> >
> I have plenty of disk space. The LogLevel was set to warn. Changing to
> debug has not made a difference though. There are no entries in the
> error_log file pertaining to this 403 error. After restarting the server
> with loglevel set to debug, the last entry in the error_log file reads as
> follows:
>
> [Tue Feb 07 12:39:56 2006] [debug] prefork.c(956): AcceptMutex: sysvsem
> (default: sysvsem)
>
> Should a loglevel of warn catch forbidden access errors? If not, what
> level do you recommend I keep this parameter at?
>
> More importantly - if the debug level isn't logging these errors, what is
> going on?
>
> -Jonathan
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] 403 Forbidden Error
Posted by "Jonathan S. Abrams" <j....@nutmegaudiopost.com>.
httpd2@karsites.net wrote:
>Try changing the LogLevel directive to debug.
>
>LogLevel debug
>
>This will generate the max amount of error logging.
>
>Be carefull you do not run out of disk space though.
>
>
I have plenty of disk space. The LogLevel was set to warn. Changing to
debug has not made a difference though. There are no entries in the
error_log file pertaining to this 403 error. After restarting the
server with loglevel set to debug, the last entry in the error_log file
reads as follows:
[Tue Feb 07 12:39:56 2006] [debug] prefork.c(956): AcceptMutex: sysvsem
(default: sysvsem)
Should a loglevel of warn catch forbidden access errors? If not, what
level do you recommend I keep this parameter at?
More importantly - if the debug level isn't logging these errors, what
is going on?
-Jonathan
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] 403 Forbidden Error
Posted by ht...@karsites.net.
Try changing the LogLevel directive to debug.
LogLevel debug
This will generate the max amount of error logging.
Be carefull you do not run out of disk space though.
Keith
In theory, theory and practice are the same;
In practice they are not.
On Tue, 7 Feb 2006, Jonathan S. Abrams wrote:
> To: users@httpd.apache.org
> From: Jonathan S. Abrams <j....@nutmegaudiopost.com>
> Subject: Re: [users@httpd] 403 Forbidden Error
>
> Joshua Slive wrote:
>
> > On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
> >
> >
> > > If I attempt to go to a directory on my web server, such as
> > > /test/, I
> > > get Forbidden - You don't have permission to access /test/ on this
> > > server. Now, if I try to go to a file within that directory, such
> > > as
> > > /test/test.txt, the .txt file will display in my browser.
> > >
> > >
> >
> > The first thing to look at is the error_log. No point in doing any
> > further debugging before knowing exactly what it says in there.
> >
> >
> Ah, yes. Unfortunately, I already looked there and did not find anything.
> Warn, notice, error, alert, and emerg are the only types of entries I see.
> The error_log file is not being updated after I attempt to go to /test/
> and get the 403 error, nor does it contain any data from previous
> attempts. Could this be related to the level of error logging specified
> in the conf file? Do I need to blow out the contents of error_log?
>
> > > In my httpd.conf file, I have a line that reads Options +Indexes
> > > FollowSymLinks.
> > >
> > >
> >
> > Do not mix + and non-+ Options. Try
> > Options Indexes FollowSymLinks
> >
> >
> >
> Done, but it has not made a difference.
>
> > > After reading the FAQ, I made certain that I had the
> > > following entered.
> > >
> > > <Files ~ "^\.ht">
> > > Order allow,deny
> > > Allow from all
> > > </Files>
> > >
> > >
> >
> > Where in the FAQ did you see that?
> >
> http://httpd.apache.org/docs/1.3/misc/FAQ.html#forbidden
>
> > That has nothing to do with your
> > problem, but will make certain config files availble for public
> > download that you probably dont' need to make available.
> >
> >
> Ok then, I have regressed that change (Deny from all).
>
> > > The user that originally configured this setup a virtual host conf
> > > file,
> > > located at /conf/sites/myconf.conf. The last line of httpd.conf
> > > includes a reference (via *.conf) to this file. Inside the
> > > myconf.conf
> > > file, I have a line that reads Options +Indexes ExecCGI
> > > IncludesNoExec.
> > >
> > >
> >
> > Again, remove the "+".
> >
> >
> Done, but again, it has not made a difference.
>
> Thanks for taking the time to respond.
>
> -Jonathan
k
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] 403 Forbidden Error
Posted by "Jonathan S. Abrams" <j....@nutmegaudiopost.com>.
Joshua Slive wrote:
>On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
>
>
>>Joshua Slive wrote:
>>
>>
>>
>>>On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
>>>
>>>
>>>
>>>
>>>>If I attempt to go to a directory on my web server, such as /test/, I
>>>>get Forbidden - You don't have permission to access /test/ on this
>>>>server. Now, if I try to go to a file within that directory, such as
>>>>/test/test.txt, the .txt file will display in my browser.
>>>>
>>>>
>>>>
>>>>
>>>The first thing to look at is the error_log. No point in doing any
>>>further debugging before knowing exactly what it says in there.
>>>
>>>
>>>
>>>
>>Ah, yes. Unfortunately, I already looked there and did not find
>>anything.
>>
>>
>
>Check the unix permissions on the directory and the index.html file
>within the directory.
>
>
The unix permissions are the same as the directory containing my PHP
code (which is working). There is no index.html file in the directory.
I thought that mod_autoindex being active, in conjunction with the
Indexes option, would result in Apache auto-generating a directory
listing. Is this not correct?
-Jonathan
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] 403 Forbidden Error
Posted by ht...@karsites.net.
Are you running it as root user?
if not, open a root shell, and try again.
Keith
In theory, theory and practice are the same;
In practice they are not.
On Tue, 7 Feb 2006, Jonathan S. Abrams wrote:
> To: users@httpd.apache.org
> From: Jonathan S. Abrams <j....@nutmegaudiopost.com>
> Subject: Re: [users@httpd] 403 Forbidden Error
>
> Joshua Slive wrote:
>
> > On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
> >
> >
> > > Joshua Slive wrote:
> > >
> > >
> > > > Other than that, you will need to get into more serious
> > > > debugging like
> > > > running "strace httpd -X" and seeing what syscall is failing.
> > > >
> > > >
> > > Does strace exist for Tiger server? When I type man strace, I get
> > > nothing. When I typed in the command you suggested, the response
> > > I got
> > > was -bash: strace: command not found.
> > >
> > >
> >
> > Try "ktrace". I've never used it, but that is supposed to work.
> >
> Well, after reading the man page, I determined that I need to type
>
> ktrace -idg 390
>
> Unfortunately, the output in terminal reads ktrace: ktrace.out: Operation
> not permitted
>
> Bummer.
> -Jonathan
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] DirectoryIndex in *.conf WAS 403 Forbidden Error
Posted by "Jonathan S. Abrams" <j....@nutmegaudiopost.com>.
Thank you to Joshua and everyone else that contributed to this thread.
Not only did I learn a new Terminal command (ktrace), but I also solved
the problem and have a slightly better understanding of how Apache
recommends *.conf files be laid out. It turns out the one that was
setup for us previously worked, but it certainly didn't have the Apache
recommended format.
Cheers!
-Jonathan
Joshua Slive wrote:
>On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
>
>
>
>> "[Tue Feb 07 16:00:14 2006] [error] [client 198.65.202.94]
>>Directory in\
>> dex forbidden by rule: /Library/WebServer/new_FTP-Server/test/
>>
>>
>
>There is the error log entry that you kept promising us didn't exist.
>You must be looking in the wrong error log.
>
>The entry tells us that you do not have "Options Indexes" set on the
>directory in question.
>
>Looking at the VirtualHost config you posted above, I note that it
>looks like a name-based virtual host, but there is no ServerName
>directive. So I suspect that this <VirtualHost> block is not being
>used at all. This would explain why the configurations contained in
>it have no effect, and also why the errors are getting sent to a
>different log file.
>
>So you need to start by figuring out which <VirtualHost> block (if
>any) is actually serving the request, and adjust the configuration in
>that block.
>
>Joshua.
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] DirectoryIndex in *.conf WAS 403 Forbidden Error
Posted by Joshua Slive <jo...@slive.ca>.
On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
> "[Tue Feb 07 16:00:14 2006] [error] [client 198.65.202.94]
> Directory in\
> dex forbidden by rule: /Library/WebServer/new_FTP-Server/test/
There is the error log entry that you kept promising us didn't exist.
You must be looking in the wrong error log.
The entry tells us that you do not have "Options Indexes" set on the
directory in question.
Looking at the VirtualHost config you posted above, I note that it
looks like a name-based virtual host, but there is no ServerName
directive. So I suspect that this <VirtualHost> block is not being
used at all. This would explain why the configurations contained in
it have no effect, and also why the errors are getting sent to a
different log file.
So you need to start by figuring out which <VirtualHost> block (if
any) is actually serving the request, and adjust the configuration in
that block.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] DirectoryIndex in *.conf WAS 403 Forbidden Error
Posted by "Jonathan S. Abrams" <j....@nutmegaudiopost.com>.
Joshua Slive wrote:
>DirectoryIndex and Options Indexes do not override each other. They
>are complementary.
>
>
That's what I initially thought.
>I strongly suspect that you have a simple config or unix permissions
>problem.
>
It must be config, because the unix permissions are correct.
> But there is not much that can be done at this point unless
>you can use basic debugging tools.
>
You mean ktrace? Perhaps this is enough data from ktrace to determine
what isn't going on?
528 httpd NAMI "/Library/WebServer/new_FTP-Server/test/index.shtml"
528 httpd RET lstat -1 errno 2 No such file or directory
528 httpd CALL stat(0x18f44f8,0xbffff4a8)
528 httpd NAMI "/Library/WebServer/new_FTP-Server/test/index.html"
528 httpd RET stat -1 errno 2 No such file or directory
528 httpd CALL lstat(0x18f45c0,0xbffff4a8)
528 httpd NAMI "/Library"
528 httpd RET lstat 0
528 httpd CALL lstat(0x18f45c0,0xbffff4a8)
528 httpd NAMI "/Library/WebServer"
528 httpd RET lstat 0
528 httpd CALL lstat(0x18f45c0,0xbffff4a8)
528 httpd NAMI "/Library/WebServer/new_FTP-Server"
528 httpd RET lstat 0
528 httpd CALL lstat(0x18f45c0,0xbffff4a8)
528 httpd NAMI "/Library/WebServer/new_FTP-Server/test"
528 httpd RET lstat 0
528 httpd CALL lstat(0x18f45c0,0xbffff4a8)
528 httpd NAMI "/Library/WebServer/new_FTP-Server/test/index.html"
528 httpd RET lstat -1 errno 2 No such file or directory
528 httpd CALL stat(0x18f44e0,0xbffff4a8)
528 httpd NAMI "/Library/WebServer/new_FTP-Server/test/index.php"
528 httpd RET stat -1 errno 2 No such file or directory
528 httpd CALL lstat(0x18f45a8,0xbffff4a8)
528 httpd NAMI "/Library"
528 httpd RET lstat 0
528 httpd CALL lstat(0x18f45a8,0xbffff4a8)
528 httpd NAMI "/Library/WebServer"
528 httpd RET lstat 0
528 httpd CALL lstat(0x18f45a8,0xbffff4a8)
528 httpd NAMI "/Library/WebServer/new_FTP-Server"
528 httpd RET lstat 0
528 httpd CALL lstat(0x18f45a8,0xbffff4a8)
528 httpd NAMI "/Library/WebServer/new_FTP-Server/test"
528 httpd RET lstat 0
528 httpd CALL lstat(0x18f45a8,0xbffff4a8)
528 httpd NAMI "/Library/WebServer/new_FTP-Server/test/index.php"
528 httpd RET lstat -1 errno 2 No such file or directory
528 httpd CALL stat(0x18f44f8,0xbffff4a8)
528 httpd NAMI "/Library/WebServer/new_FTP-Server/test/index.shtml"
528 httpd RET stat -1 errno 2 No such file or directory
528 httpd CALL lstat(0x18f45c0,0xbffff4a8)
528 httpd NAMI "/Library"
528 httpd RET lstat 0
528 httpd CALL lstat(0x18f45c0,0xbffff4a8)
528 httpd NAMI "/Library/WebServer"
528 httpd RET lstat 0
528 httpd CALL lstat(0x18f45c0,0xbffff4a8)
528 httpd NAMI "/Library/WebServer/new_FTP-Server"
528 httpd RET lstat 0
528 httpd CALL lstat(0x18f45c0,0xbffff4a8)
528 httpd NAMI "/Library/WebServer/new_FTP-Server/test"
528 httpd RET lstat 0
528 httpd CALL lstat(0x18f45c0,0xbffff4a8)
528 httpd NAMI "/Library/WebServer/new_FTP-Server/test/index.shtml"
528 httpd RET lstat -1 errno 2 No such file or directory
528 httpd CALL sigprocmask(0x1,0,0x1179e64)
528 httpd RET sigprocmask 0
528 httpd CALL write(0x8,0xbfff9648,0x85)
528 httpd GIO fd 8 wrote 133 bytes
"[Tue Feb 07 16:00:14 2006] [error] [client 198.65.202.94]
Directory in\
dex forbidden by rule: /Library/WebServer/new_FTP-Server/test/
"
528 httpd RET write 133/0x85
528 httpd CALL read(0xd,0x18db228,0x1f40)
528 httpd RET read -1 errno 35 Resource temporarily unavailable
528 httpd CALL writev(0xd,0xbfffd790,0x2)
528 httpd GIO fd 13 wrote 594 bytes
"HTTP/1.1 403 Forbidden\r
Date: Tue, 07 Feb 2006 21:00:14 GMT\r
Server: Apache/2.0.55 (Unix) PHP/4.4.2 mod_ssl/2.0.55
OpenSSL/0.9.7i\r
Content-Length: 338\r
Keep-Alive: timeout=15, max=100\r
Connection: Keep-Alive\r
Content-Type: text/html; charset=iso-8859-1\r
\r
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /test/
on this server.</p>
<hr>
<address>Apache/2.0.55 (Unix) PHP/4.4.2 mod_ssl/2.0.55
OpenSSL/0.9.7i \
Server at clients.nutmegaudiopost.com Port 80</address>
</body></html>
"
528 httpd RET writev 594/0x252
528 httpd CALL write(0xc,0x18e5018,0xaa)
528 httpd GIO fd 12 wrote 170 bytes
"a.b.c.d - - [07/Feb/2006:16:00:14 -0500] "GET /test/ HTTP/1.1" 4\
03 338 "Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US;
rv:1.8)\
Gecko/20051229 Camino/1.0b2"
"
528 httpd RET write 170/0xaa
528 httpd CALL getrusage(0,0xbffff890)
528 httpd RET getrusage 0
528 httpd CALL getrusage(0xffffffff,0xbffff890)
528 httpd RET getrusage 0
528 httpd CALL
select(0xe,0xbffff430,0xbffff4b0,0xbffff530,0xbffff428)
390 httpd RET select 0
390 httpd CALL wait4(0xffffffff,0xbffffa78,0x3,0)
390 httpd RET wait4 0
390 httpd CALL select(0,0,0,0,0xbffffa78)
390 httpd RET select 0
390 httpd CALL wait4(0xffffffff,0xbffffa78,0x3,0)
390 httpd RET wait4 0
390 httpd CALL select(0,0,0,0,0xbffffa78)
390 httpd RET select 0
390 httpd CALL wait4(0xffffffff,0xbffffa78,0x3,0)
390 httpd RET wait4 0
390 httpd CALL select(0,0,0,0,0xbffffa78)
390 httpd RET select 0
390 httpd CALL wait4(0xffffffff,0xbffffa78,0x3,0)
390 httpd RET wait4 0
390 httpd CALL select(0,0,0,0,0xbffffa78)
390 httpd RET select 0
390 httpd CALL wait4(0xffffffff,0xbffffa78,0x3,0)
390 httpd RET wait4 0
390 httpd CALL select(0,0,0,0,0xbffffa78)
> (One additional thing that might
>be useful to see is an "ls -la" from inside the problem directory.)
>
>
-rwxrwxrwx 1 admin admin 16 Feb 7 13:05 index.txt
-rwxrwxrwx 1 admin admin 14 Jan 19 12:32 stats.php
Thanks for your patience!
-Jonathan
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] DirectoryIndex in *.conf WAS 403 Forbidden Error
Posted by Joshua Slive <jo...@slive.ca>.
On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
> I have had a breakthrough, though I do not have a solution yet. In my
> .conf file, there is a line that reads
>
> DirectoryIndex index.html index.php index.shtml.
>
> Beneath that line, later in the .conf file, I have this:
>
> <VirtualHost *:80>
> DocumentRoot /Library/WebServer/new_FTP-Server/
> <Directory /Library/WebServer/new_FTP-Server/>
> AllowOverride None
> Options Indexes ExecCGI IncludesNoExec
> Order allow,deny
> Allow from all
> </Directory>
> </VirtualHost>
>
> So, what I believe is going on here is this. Even though I have a line
> that reads "Options Indexes" inside the <Directory> tags, which are
> inside the <VirtualHost> tags, the DirectoryIndex line at the top of the
> .conf file is overriding the "Options Indexes" later in the file. Could
> this be? If so, why? If the DirectoryIndex line should not (or does
> not) override the "Options Indexes" line later in the file, then I guess
> I am back at the original problem.
DirectoryIndex and Options Indexes do not override each other. They
are complementary.
I strongly suspect that you have a simple config or unix permissions
problem. But there is not much that can be done at this point unless
you can use basic debugging tools. (One additional thing that might
be useful to see is an "ls -la" from inside the problem directory.)
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] DirectoryIndex in *.conf WAS 403 Forbidden Error
Posted by "Jonathan S. Abrams" <j....@nutmegaudiopost.com>.
I have had a breakthrough, though I do not have a solution yet. In my
.conf file, there is a line that reads
DirectoryIndex index.html index.php index.shtml.
Beneath that line, later in the .conf file, I have this:
<VirtualHost *:80>
DocumentRoot /Library/WebServer/new_FTP-Server/
<Directory /Library/WebServer/new_FTP-Server/>
AllowOverride None
Options Indexes ExecCGI IncludesNoExec
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
So, what I believe is going on here is this. Even though I have a line
that reads "Options Indexes" inside the <Directory> tags, which are
inside the <VirtualHost> tags, the DirectoryIndex line at the top of the
.conf file is overriding the "Options Indexes" later in the file. Could
this be? If so, why? If the DirectoryIndex line should not (or does
not) override the "Options Indexes" line later in the file, then I guess
I am back at the original problem.
Thanks for your help everyone!
-Jonathan
Jonathan S. Abrams wrote:
> Joshua Slive wrote:
>
>> On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
>>
>>
>>> Joshua Slive wrote:
>>>
>>>
>>>> Other than that, you will need to get into more serious debugging like
>>>> running "strace httpd -X" and seeing what syscall is failing.
>>>>
>>>
>>> Does strace exist for Tiger server? When I type man strace, I get
>>> nothing. When I typed in the command you suggested, the response I got
>>> was -bash: strace: command not found.
>>>
>>
>>
>> Try "ktrace". I've never used it, but that is supposed to work.
>>
> Well, after reading the man page, I determined that I need to type
>
> ktrace -idg 390
>
> Unfortunately, the output in terminal reads ktrace: ktrace.out:
> Operation not permitted
>
> Bummer.
> -Jonathan
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] 403 Forbidden Error
Posted by "Jonathan S. Abrams" <j....@nutmegaudiopost.com>.
Joshua Slive wrote:
>On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
>
>
>>Joshua Slive wrote:
>>
>>
>>>Other than that, you will need to get into more serious debugging like
>>>running "strace httpd -X" and seeing what syscall is failing.
>>>
>>>
>>Does strace exist for Tiger server? When I type man strace, I get
>>nothing. When I typed in the command you suggested, the response I got
>>was -bash: strace: command not found.
>>
>>
>
>Try "ktrace". I've never used it, but that is supposed to work.
>
Well, after reading the man page, I determined that I need to type
ktrace -idg 390
Unfortunately, the output in terminal reads ktrace: ktrace.out:
Operation not permitted
Bummer.
-Jonathan
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] 403 Forbidden Error
Posted by Joshua Slive <jo...@slive.ca>.
On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
> Joshua Slive wrote:
> >Other than that, you will need to get into more serious debugging like
> >running "strace httpd -X" and seeing what syscall is failing.
> >
> >
> Does strace exist for Tiger server? When I type man strace, I get
> nothing. When I typed in the command you suggested, the response I got
> was -bash: strace: command not found.
Try "ktrace". I've never used it, but that is supposed to work.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] 403 Forbidden Error
Posted by "Jonathan S. Abrams" <j....@nutmegaudiopost.com>.
Joshua Slive wrote:
>[Back to the list.]
>
>On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
>
>
>>The unix permissions are the same as the directory containing my PHP
>>code (which is working). There is no index.html file in the directory.
>>I thought that mod_autoindex being active, in conjunction with the
>>Indexes option, would result in Apache auto-generating a directory
>>listing. Is this not correct?
>>
>>
>
>Can you show us the "ls -la" of the directory?
>
>
drwxrwxrwx 11 admin admin 374 Mar 18 2005 mwftp
drwxrwxrwx 5 admin admin 170 Feb 7 13:05 test
mwftp contains the PHP code that is running properly in Apache, test is
a directory whose contents I cannot get a list of with Apache.
>Are you using SELinux?
>
Mac OS X v10.4.4 Tiger Server.
> Is it properly configured?
>
>
As far as I can tell it is. I am trying to add new functionality
(directory listings).
>Other than that, you will need to get into more serious debugging like
>running "strace httpd -X" and seeing what syscall is failing.
>
>
Does strace exist for Tiger server? When I type man strace, I get
nothing. When I typed in the command you suggested, the response I got
was -bash: strace: command not found.
-Jonathan
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] 403 Forbidden Error
Posted by Joshua Slive <jo...@slive.ca>.
[Back to the list.]
On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
> The unix permissions are the same as the directory containing my PHP
> code (which is working). There is no index.html file in the directory.
> I thought that mod_autoindex being active, in conjunction with the
> Indexes option, would result in Apache auto-generating a directory
> listing. Is this not correct?
Can you show us the "ls -la" of the directory?
Are you using SELinux? Is it properly configured?
Other than that, you will need to get into more serious debugging like
running "strace httpd -X" and seeing what syscall is failing.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] 403 Forbidden Error
Posted by Joshua Slive <jo...@slive.ca>.
On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
> Joshua Slive wrote:
>
> >On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
> >
> >
> >>If I attempt to go to a directory on my web server, such as /test/, I
> >>get Forbidden - You don't have permission to access /test/ on this
> >>server. Now, if I try to go to a file within that directory, such as
> >>/test/test.txt, the .txt file will display in my browser.
> >>
> >>
> >
> >The first thing to look at is the error_log. No point in doing any
> >further debugging before knowing exactly what it says in there.
> >
> >
> Ah, yes. Unfortunately, I already looked there and did not find
> anything.
Check the unix permissions on the directory and the index.html file
within the directory.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] 403 Forbidden Error
Posted by "Jonathan S. Abrams" <j....@nutmegaudiopost.com>.
Joshua Slive wrote:
>On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
>
>
>>If I attempt to go to a directory on my web server, such as /test/, I
>>get Forbidden - You don't have permission to access /test/ on this
>>server. Now, if I try to go to a file within that directory, such as
>>/test/test.txt, the .txt file will display in my browser.
>>
>>
>
>The first thing to look at is the error_log. No point in doing any
>further debugging before knowing exactly what it says in there.
>
>
Ah, yes. Unfortunately, I already looked there and did not find
anything. Warn, notice, error, alert, and emerg are the only types of
entries I see. The error_log file is not being updated after I attempt
to go to /test/ and get the 403 error, nor does it contain any data from
previous attempts. Could this be related to the level of error logging
specified in the conf file? Do I need to blow out the contents of
error_log?
>>In my httpd.conf file, I have a line that reads Options +Indexes
>>FollowSymLinks.
>>
>>
>
>Do not mix + and non-+ Options. Try
>Options Indexes FollowSymLinks
>
>
>
Done, but it has not made a difference.
>>After reading the FAQ, I made certain that I had the
>>following entered.
>>
>><Files ~ "^\.ht">
>>Order allow,deny
>>Allow from all
>></Files>
>>
>>
>
>Where in the FAQ did you see that?
>
http://httpd.apache.org/docs/1.3/misc/FAQ.html#forbidden
> That has nothing to do with your
>problem, but will make certain config files availble for public
>download that you probably dont' need to make available.
>
>
Ok then, I have regressed that change (Deny from all).
>>The user that originally configured this setup a virtual host conf file,
>>located at /conf/sites/myconf.conf. The last line of httpd.conf
>>includes a reference (via *.conf) to this file. Inside the myconf.conf
>>file, I have a line that reads Options +Indexes ExecCGI IncludesNoExec.
>>
>>
>
>Again, remove the "+".
>
>
Done, but again, it has not made a difference.
Thanks for taking the time to respond.
-Jonathan
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] 403 Forbidden Error
Posted by Joshua Slive <jo...@slive.ca>.
On 2/7/06, Jonathan S. Abrams <j....@nutmegaudiopost.com> wrote:
> If I attempt to go to a directory on my web server, such as /test/, I
> get Forbidden - You don't have permission to access /test/ on this
> server. Now, if I try to go to a file within that directory, such as
> /test/test.txt, the .txt file will display in my browser.
The first thing to look at is the error_log. No point in doing any
further debugging before knowing exactly what it says in there.
>
> In my httpd.conf file, I have a line that reads Options +Indexes
> FollowSymLinks.
Do not mix + and non-+ Options. Try
Options Indexes FollowSymLinks
> After reading the FAQ, I made certain that I had the
> following entered.
>
> <Files ~ "^\.ht">
> Order allow,deny
> Allow from all
> </Files>
Where in the FAQ did you see that? That has nothing to do with your
problem, but will make certain config files availble for public
download that you probably dont' need to make available.
> The user that originally configured this setup a virtual host conf file,
> located at /conf/sites/myconf.conf. The last line of httpd.conf
> includes a reference (via *.conf) to this file. Inside the myconf.conf
> file, I have a line that reads Options +Indexes ExecCGI IncludesNoExec.
Again, remove the "+".
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org