CentOS Apache HTTPD Configuration (403 Forbidden)

Question

This is what i have in my httpd.conf

<VirtualHost *:80> ServerAdmin [email protected] ServerName mcmoddr.com ServerAlias www.mcmoddr.com DocumentRoot /home/mcmoddr/www/ ErrorLog /mcmoddr/logs/error.log CustomLog /mcmoddr/logs/accesslog combined </VirtualHost>

When visiting thwe site i get a 403 Forbidden error, The files are added with vsftpd and have the permissions drwxr-xr-x

Lucas Kauffman · Accepted Answer · 2012-03-29 17:36:51Z

13

You are using a stock install of CentOS, if that is correct please check that if SELinux is in Enforcing mode

getenforce

if the result is "Enforcing"

temporally change it to permissive

setenforce 0

and try again, you can also guide the condition of web content to the files in your home directory.

edited Mar 29, 2012 at 17:36

Lucas Kauffman

17k9 gold badges60 silver badges96 bronze badges

answered Mar 29, 2012 at 16:00

Freaktor

2712 silver badges9 bronze badges

This did the trick in my case. But if I subsequently reinforce again (with setenforce 1) the 403 error doesn't show up anymore, even though the configuration is the same as before, when it used to show up.

damix911
– damix911

2013-11-30 02:23:08 +00:00
Commented Nov 30, 2013 at 2:23
this is nothing more than a dirty hack. Its certainly not the proper way to simply disable security features. You should configure them instead.

The Fool
– The Fool

2020-02-21 11:17:24 +00:00
Commented Feb 21, 2020 at 11:17

Add a comment |

IgoRRius · Accepted Answer · 2012-12-03 14:45:28Z

Disable SELinux or run in ROOT

setsebool -P httpd_enable_homedirs on chcon -R -t httpd_sys_content_t /home/ chcon -R -t httpd_sys_rw_content_t /home/

jg3 · Accepted Answer · 2012-08-10 03:17:00Z

Freaktor's answer of 'setenforce 0' did "work" for me (thanks!)

But to keep it working and re-enable SELinux, I needed to

sudo chcon -Rv --type=httpd_t /path/to/my/files

...this gave my directory and all files and directories within it the security context of "httpd_t" which is a clunky way of saying SELinux let httpd read those files.

enabling selinux again was as simple as

setenforce 1

This is just temporary; any new files you make would have their original context and SELinux would still deny access to the new files. For a permanent solution, see this answer. — Michael Hampton
– Michael Hampton, Commented Aug 10, 2012 at 3:28

Alex Howansky · Accepted Answer · 2012-03-28 14:48:52Z

3

You probably have a deny all somewhere in the global config. Try adding this to the vhost stanza:

<Directory /home/mcmoddr/www> Order allow,deny Allow from all </Directory>

answered Mar 28, 2012 at 14:48

Alex Howansky

5102 silver badges5 bronze badges

+1, Also @Spero78 should make sure no .htaccess file is in root of your vhost with restrictive directives

user106666
– user106666

2012-03-28 14:57:39 +00:00
Commented Mar 28, 2012 at 14:57

Add a comment |

womble · Accepted Answer · 2019-08-01 04:02:09Z

0

Please add the below line in your existing code.

restorecon -r /home/mcmoddr/www/

It should fix your issue.

edited Aug 1, 2019 at 4:02

womble♦

98.4k29 gold badges182 silver badges235 bronze badges

answered Jul 31, 2019 at 19:50

Niranjay singh

11

Add a comment |

user533968 · Accepted Answer · 2019-08-01 04:12:34Z

you need to use the <Directory> container as it mentioned above .

And then you need to check from your DocumentRoot path, Each directory must have read permission so the service user apache can access .

you can check using ls -ld

Stack Exchange Network

CentOS Apache HTTPD Configuration (403 Forbidden)

6 Answers 6

You must log in to answer this question.

Linked

Hot Network Questions

CentOS Apache HTTPD Configuration (403 Forbidden)

6 Answers 6

You must log in to answer this question.

Linked

Related

Hot Network Questions