You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Mac McCaskie <mc...@swbell.net> on 2001/12/20 00:47:45 UTC
newbie gets Forbidden on 1.3.22
Sorry folks,
I've searched the faq's and archives (just 2 days available) but I can't
find the answer. Just a vague reference in:
Group "#-1" trips up new users... What to do?
I'm trying to set up a very basic web server, and i think my issue centers
around access. As far as I can tell, I've built the server correctly
and gone through http.conf and I am now able to start httpd w/o errors.
What do I need to look at and what should the correct setting be?
this is on a freebsd 4.4 box.
ps, please remember I'm a newbie to both unix and Apache and everything
needs to be spelled out (please). I have gotten pure-ftpd to work.
thanks
Mac
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: newbie gets Forbidden on 1.3.22 -fixed
Posted by Mac McCaskie <mc...@swbell.net>.
Joshua & Daniel,
Thanks, that did the trick,
I walked down the tree and chmod'd the dirs, now I don't get forbidden
thank you, I would not have thought of it on my own.
-mac
At 08:11 PM 12/19/2001 -0500, Joshua Slive wrote:
> > From: Mac McCaskie [mailto:mccaskie@swbell.net]
>
> > Daniel,
> > Thanks, here is what I think you are asking for...
> >
> > <screen snapshot>
> > mongo# ls -l
>
>You also need to check each of the parent directories (ie /usr /usr/local/
>/usr/local/apache) and make sure they are at least searchable by the web
>server. This probably means "chmod +x".
>
>Joshua.
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: newbie gets Forbidden on 1.3.22
Posted by Daniel Lopez <da...@rawbyte.com>.
I dint know you were using such a reduced config file.
This is what I think is happening. By default, when you request a directory,
a couple of things happen:
- Apache looks for what is called an index file and if present, returns it
to you
- Otherwise, if mod_dir is present and configured it can display a list of
files in that directory
none of the above seems to be configured.
try requesting http://your.domain.com/index.html
or adding DirectoryIndex index.html
directive to your configuration file
Does that work?
On Wed, Dec 19, 2001 at 06:27:38PM -0600, Mac McCaskie wrote:
> Daniel,
> Thanks, here is what I think you are asking for...
>
> <screen snapshot>
> mongo# ls -l
> total 13
> drwxr-xr-x 2 root wheel 512 Dec 17 21:04 bin
> drwxr-xr-x 2 root wheel 512 Dec 16 18:20 cgi-bin
> drwxr-xr-x 2 root wheel 512 Dec 17 21:05 conf
> drwxr-xr-x 3 root wheel 1024 Dec 18 21:04 htdocs
> drwxr-xr-x 3 root wheel 3584 Dec 16 18:20 icons
> drwxr-xr-x 3 root wheel 1024 Dec 16 18:20 include
> drwxr-xr-x 2 root wheel 512 Dec 16 18:20 libexec
> drwxr-xr-x 2 root wheel 512 Dec 16 21:39 logs
> drwxr-xr-x 4 root wheel 512 Dec 16 18:20 man
> drwxr-xr-x 2 nobody nobody 512 Dec 16 18:20 proxy
> mongo# pwd
> /usr/local/apache
> mongo#
> mongo# cd htdocs
> mongo# ls -l
> total 75
> -rw-r--r-- 1 root wheel 2326 Jul 3 1996 apache_pb.gif
> -rw-r--r-- 1 root wheel 1456 May 3 2001 index.html
> <snip>
>
>
> AND
>
>
> ##
> ## httpd.conf -- Apache HTTP server configuration file
> ##
>
> ### Section 1: Global Environment
> ServerType standalone
> ServerRoot "/usr/local/apache"
> #LockFile /usr/local/apache/logs/httpd.lock
> PidFile /usr/local/apache/logs/httpd.pid
> ScoreBoardFile /usr/local/apache/logs/httpd.scoreboard
> #ResourceConfig conf/srm.conf
> #AccessConfig conf/access.conf
> Timeout 300
> KeepAlive On
> MaxKeepAliveRequests 100
> KeepAliveTimeout 15
> MinSpareServers 5
> MaxSpareServers 10
> StartServers 5
> MaxClients 150
> MaxRequestsPerChild 0
> #Listen 3000
> #Listen 12.34.56.78:80
> BindAddress 192.168.0.5
>
> # Dynamic Shared Object (DSO) Support
> #ExtendedStatus On
>
> ### Section 2: 'Main' server configuration
> Port 80
> User nobody
> Group "#-1"
> ServerAdmin mccaskie@swbell.net
> ServerName 66.140.64.161
> DocumentRoot "/usr/local/apache/htdocs"
> <Directory />
> Options FollowSymLinks
> AllowOverride None
> </Directory>
> <Directory "/usr/local/apache/htdocs">
> Options Indexes FollowSymLinks MultiViews
> AllowOverride None
> Order allow,deny
> Allow from all
> </Directory>
>
> <snip>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
RE: newbie gets Forbidden on 1.3.22
Posted by Joshua Slive <jo...@slive.ca>.
> From: Mac McCaskie [mailto:mccaskie@swbell.net]
> Daniel,
> Thanks, here is what I think you are asking for...
>
> <screen snapshot>
> mongo# ls -l
You also need to check each of the parent directories (ie /usr /usr/local/
/usr/local/apache) and make sure they are at least searchable by the web
server. This probably means "chmod +x".
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: newbie gets Forbidden on 1.3.22
Posted by Mac McCaskie <mc...@swbell.net>.
Daniel,
Thanks, here is what I think you are asking for...
<screen snapshot>
mongo# ls -l
total 13
drwxr-xr-x 2 root wheel 512 Dec 17 21:04 bin
drwxr-xr-x 2 root wheel 512 Dec 16 18:20 cgi-bin
drwxr-xr-x 2 root wheel 512 Dec 17 21:05 conf
drwxr-xr-x 3 root wheel 1024 Dec 18 21:04 htdocs
drwxr-xr-x 3 root wheel 3584 Dec 16 18:20 icons
drwxr-xr-x 3 root wheel 1024 Dec 16 18:20 include
drwxr-xr-x 2 root wheel 512 Dec 16 18:20 libexec
drwxr-xr-x 2 root wheel 512 Dec 16 21:39 logs
drwxr-xr-x 4 root wheel 512 Dec 16 18:20 man
drwxr-xr-x 2 nobody nobody 512 Dec 16 18:20 proxy
mongo# pwd
/usr/local/apache
mongo#
mongo# cd htdocs
mongo# ls -l
total 75
-rw-r--r-- 1 root wheel 2326 Jul 3 1996 apache_pb.gif
-rw-r--r-- 1 root wheel 1456 May 3 2001 index.html
<snip>
AND
##
## httpd.conf -- Apache HTTP server configuration file
##
### Section 1: Global Environment
ServerType standalone
ServerRoot "/usr/local/apache"
#LockFile /usr/local/apache/logs/httpd.lock
PidFile /usr/local/apache/logs/httpd.pid
ScoreBoardFile /usr/local/apache/logs/httpd.scoreboard
#ResourceConfig conf/srm.conf
#AccessConfig conf/access.conf
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 0
#Listen 3000
#Listen 12.34.56.78:80
BindAddress 192.168.0.5
# Dynamic Shared Object (DSO) Support
#ExtendedStatus On
### Section 2: 'Main' server configuration
Port 80
User nobody
Group "#-1"
ServerAdmin mccaskie@swbell.net
ServerName 66.140.64.161
DocumentRoot "/usr/local/apache/htdocs"
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/usr/local/apache/htdocs">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<snip>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: newbie gets Forbidden on 1.3.22
Posted by Daniel Lopez <da...@rawbyte.com>.
Mac,
The 403 code in the access log corresponds to a permission denied HTTP code.
Can you check that your document root (htdocs/ in the default apache
installation) and all the parent directories have read permissions?
Check also that you have a readable index.html file in that directory.
On Wed, Dec 19, 2001 at 05:57:56PM -0600, Mac McCaskie wrote:
> There is no error that corresponds to my last try (moment ago), see access
> log. (I'm running Mozilla)
>
> error.log
> [Tue Dec 18 20:21:57 2001] [notice] Apache/1.3.22 (Unix) configured --
> resuming normal operations
> [Tue Dec 18 20:21:57 2001] [notice] Accept mutex: flock (Default: flock)
> [Wed Dec 19 04:55:24 2001] [error] [client 217.128.58.235] Client sent
> malformed Host header
> [Wed Dec 19 10:37:02 2001] [error] [client 213.253.154.221] Client sent
> malformed Host header
>
> access.log
> <snip>
> 66.81.39.241 - - [19/Dec/2001:13:50:53 -0600] "GET
> /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 403 305 "-" "-"
> 66.81.39.241 - - [19/Dec/2001:13:51:03 -0600] "GET
> /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 403 305
> 66.81.39.241 - - [19/Dec/2001:13:51:03 -0600] "GET
> /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 403 305 "-" "-"
> 192.168.0.154 - - [19/Dec/2001:17:45:18 -0600] "GET / HTTP/1.1" 403 280
> 192.168.0.154 - - [19/Dec/2001:17:45:18 -0600] "GET / HTTP/1.1" 403 280 "-"
> "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.5) Gecko/20011011"
>
> -mac
>
> At 03:54 PM 12/19/2001 -0800, you wrote:
>
> >Take a look at the file error_log in the logs/ subdirectory of where you
> >installed the server, what do you see there?
> >
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: newbie gets Forbidden on 1.3.22
Posted by Mac McCaskie <mc...@swbell.net>.
There is no error that corresponds to my last try (moment ago), see access
log. (I'm running Mozilla)
error.log
[Tue Dec 18 20:21:57 2001] [notice] Apache/1.3.22 (Unix) configured --
resuming normal operations
[Tue Dec 18 20:21:57 2001] [notice] Accept mutex: flock (Default: flock)
[Wed Dec 19 04:55:24 2001] [error] [client 217.128.58.235] Client sent
malformed Host header
[Wed Dec 19 10:37:02 2001] [error] [client 213.253.154.221] Client sent
malformed Host header
access.log
<snip>
66.81.39.241 - - [19/Dec/2001:13:50:53 -0600] "GET
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 403 305 "-" "-"
66.81.39.241 - - [19/Dec/2001:13:51:03 -0600] "GET
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 403 305
66.81.39.241 - - [19/Dec/2001:13:51:03 -0600] "GET
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 403 305 "-" "-"
192.168.0.154 - - [19/Dec/2001:17:45:18 -0600] "GET / HTTP/1.1" 403 280
192.168.0.154 - - [19/Dec/2001:17:45:18 -0600] "GET / HTTP/1.1" 403 280 "-"
"Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.5) Gecko/20011011"
-mac
At 03:54 PM 12/19/2001 -0800, you wrote:
>Take a look at the file error_log in the logs/ subdirectory of where you
>installed the server, what do you see there?
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: newbie gets Forbidden on 1.3.22
Posted by Daniel Lopez <da...@rawbyte.com>.
Take a look at the file error_log in the logs/ subdirectory of where you
installed the server, what do you see there?
On Wed, Dec 19, 2001 at 05:47:45PM -0600, Mac McCaskie wrote:
> Sorry folks,
>
> I've searched the faq's and archives (just 2 days available) but I can't
> find the answer. Just a vague reference in:
>
> Group "#-1" trips up new users... What to do?
>
> I'm trying to set up a very basic web server, and i think my issue centers
> around access. As far as I can tell, I've built the server correctly
> and gone through http.conf and I am now able to start httpd w/o errors.
>
> What do I need to look at and what should the correct setting be?
>
> this is on a freebsd 4.4 box.
>
> ps, please remember I'm a newbie to both unix and Apache and everything
> needs to be spelled out (please). I have gotten pure-ftpd to work.
>
> thanks
>
> Mac
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org