You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Jim Harriman <jh...@ecology.coa.edu> on 2003/10/29 18:12:37 UTC
[users@httpd] Apache denies access to non-document-root directories
This might seem like a newbie question, but please hear me out. I have a DSL connection with a static IP, and am running Apache (on Mandrake 9.0) from my computer to host my website. The index page is in /var/www/html, and when I connect to my IP, the website comes up just fine. But the problem is that all the pictures are in a symlinked directory, e.g., /var/www/html/pics -> /home/jim/pics. Whenever I try to reference a picture in /home/jim/pics, it's broken on the website; when I link to the directory itself, a "403 Forbidden" error comes up, and in both cases, the error_log outputs the message:
[Tue Oct 28 22:22:40 2003] [error] [client 142.167.xx.yyy] Symbolic link not allowed: /var/www/html/pics, referer: http://142.167.xx.yyy/
But the weird thing is that I specifically put directives in httpd.conf that allow symlinking and indexing in those directories. The lines I added:
<Directory /var/www/html/pics>
Options FollowSymLinks -Indexes MultiViews SymLinksIfOwnerMatch
AllowOverride All
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
There's another directive that's identical except that /var/www/html/pics is replaced with /home/jim/pics. Write access is prohibited for non-users in both those directories, but otherwise they're completely accessible.
Please let me know if you have any suggestions, any help would be appreciated.
__
Jim Harriman
College of the Atlantic
105 Eden Street
Bar Harbor, ME 04609
e-mail: jharriman@ecology.coa.edu
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache denies access to non-document-root directories
Posted by Robert Andersson <ro...@profundis.nu>.
Jim Harriman wrote:
> <Directory /var/www/html/pics>
> Options FollowSymLinks -Indexes MultiViews SymLinksIfOwnerMatch
> ...
> </Directory>
An instinctive reaction is that this should rather be:
<Directory /var/www/html>
Options FollowSymLinks ...
...
</Directory>
It makes more sense, but I'm not sure on it.
Regards,
Robert Andersson
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Apache denies access to non-document-root directories
Posted by Leif W <wa...@usa.net>.
Check http://httpd.apache.org/docs-2.0/mod/core.html#options for
SymLinksIfOwnerMatch. Maybe the owner of the symbolic links under
/var/www/html don't match the real files in /home/jim/pics ? This is a bit
convoluted setup. Why not just have all images either in a real directory
/var/www/html/pics or /home/jim/public_html/pics .
Leif
----- Original Message -----
From: "Jim Harriman" <jh...@ecology.coa.edu>
To: <us...@httpd.apache.org>
Sent: Wednesday, October 29, 2003 12:12 PM
Subject: [users@httpd] Apache denies access to non-document-root directories
This might seem like a newbie question, but please hear me out. I have a
DSL connection with a static IP, and am running Apache (on Mandrake 9.0)
from my computer to host my website. The index page is in /var/www/html,
and when I connect to my IP, the website comes up just fine. But the
problem is that all the pictures are in a symlinked directory, e.g.,
/var/www/html/pics -> /home/jim/pics. Whenever I try to reference a picture
in /home/jim/pics, it's broken on the website; when I link to the directory
itself, a "403 Forbidden" error comes up, and in both cases, the error_log
outputs the message:
[Tue Oct 28 22:22:40 2003] [error] [client 142.167.xx.yyy] Symbolic link not
allowed: /var/www/html/pics, referer: http://142.167.xx.yyy/
But the weird thing is that I specifically put directives in httpd.conf that
allow symlinking and indexing in those directories. The lines I added:
<Directory /var/www/html/pics>
Options FollowSymLinks -Indexes MultiViews SymLinksIfOwnerMatch
AllowOverride All
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
There's another directive that's identical except that /var/www/html/pics is
replaced with /home/jim/pics. Write access is prohibited for non-users in
both those directories, but otherwise they're completely accessible.
Please let me know if you have any suggestions, any help would be
appreciated.
__
Jim Harriman
College of the Atlantic
105 Eden Street
Bar Harbor, ME 04609
e-mail: jharriman@ecology.coa.edu
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org