1

I know this questions has been raised before, but I swear I have read through the other posts. I am using virtual hosts on Apache/2.4.7 (Ubuntu) server to host multiple wordpress sites. I have one site, SiteA which is running fine but SiteB (SiteBroken) is not running.

I installed apache via apt-get and my config file is 

/etc/apache2 -rw-r--r-- 1 root root 7.3K Mar 28 15:29 apache2.conf

I have read about changing users either inside this file (which I am unsure of) or through the chown command, and as such my permissions for SiteA vs. SiteB

/var/www/SiteA/public_html total 188k drwxr-xr-x 5 root root 4.0K Mar 31 00:42 .. -rw-r--r-- 1 root root 25K Apr 4 20:23 wp-signup.php -rw-r--r-- 1 root root 11K Apr 4 20:23 wp-settings.php -rw-r--r-- 1 root root 33K Apr 4 20:23 wp-login.php -rw-r--r-- 1 root root 2.9K Apr 4 20:23 wp-cron.php -rw-r--r-- 1 root root 7.1K Apr 4 20:23 readme.html -rw-r--r-- 1 root root 418 Apr 4 20:23 index.php -rw-r--r-- 1 root root 3.0K Apr 4 20:23 xmlrpc.php -rw-r--r-- 1 root root 4.0K Apr 4 20:23 wp-trackback.php -rw-r--r-- 1 root root 2.7K Apr 4 20:23 wp-load.php -rw-r--r-- 1 root root 2.4K Apr 4 20:23 wp-links-opml.php drwxr-xr-x 12 root root 4.0K Apr 4 20:23 wp-includes -rw-r--r-- 1 root root 2.7K Apr 4 20:23 wp-config-sample.php -rw-r--r-- 1 root root 4.9K Apr 4 20:23 wp-comments-post.php -rw-r--r-- 1 root root 271 Apr 4 20:23 wp-blog-header.php -rw-r--r-- 1 root root 4.9K Apr 4 20:23 wp-activate.php -rw-r--r-- 1 root root 20K Apr 4 20:23 license.txt -rw-r--r-- 1 root root 8.1K Apr 4 20:23 wp-mail.php drwxr-xr-x 9 root root 4.0K Apr 4 20:23 wp-admin drwxr-xr-x 6 www-data www-data 4.0K Apr 16 14:55 wp-content -rw-r--r-- 1 root root 3.5K Apr 16 14:58 wp-config.php drwxr-xr-x 5 root root 4.0K Apr 16 14:58 . /var/www/SiteB/public_html total 220k -rw-r--r-- 1 root root 3.0K Jan 5 21:17 xmlrpc.php -rw-r--r-- 1 root root 4.0K Jan 5 21:17 wp-trackback.php -rw-r--r-- 1 root root 25K Jan 5 21:17 wp-signup.php -rw-r--r-- 1 root root 11K Jan 5 21:17 wp-settings.php -rw-r--r-- 1 root root 8.1K Jan 5 21:17 wp-mail.php -rw-r--r-- 1 root root 33K Jan 5 21:17 wp-login.php -rw-r--r-- 1 root root 2.7K Jan 5 21:17 wp-load.php -rw-r--r-- 1 root root 2.4K Jan 5 21:17 wp-links-opml.php -rw-r--r-- 1 root root 2.9K Jan 5 21:17 wp-cron.php -rw-r--r-- 1 root root 4.9K Jan 5 21:17 wp-comments-post.php -rw-r--r-- 1 root root 271 Jan 5 21:17 wp-blog-header.php -rw-r--r-- 1 root root 4.9K Jan 5 21:17 wp-activate.php -rw-r--r-- 1 root root 418 Jan 5 21:17 index.php drwxr-xr-x 9 root root 4.0K Jan 5 22:11 wp-admin -rw-r--r-- 1 root root 20K Feb 18 22:05 license.txt drwxr-xr-x 12 root root 4.0K Mar 1 21:57 wp-includes -rw-r--r-- 1 root root 3.4K Mar 28 23:48 wp-config.php -rw-r--r-- 1 root root 7.1K May 7 06:30 readme.html drwxr-xr-x 8 www-data www-data 4.0K May 7 23:08 wp-content -rw-r--r-- 1 root root 25K May 25 06:23 error_log -rw-r--r-- 1 root root 792 May 30 14:50 2.htaccess -rw-r--r-- 1 root root 241 May 30 14:51 .offline.htaccess drwxr-xr-x 6 root root 4.0K May 30 14:55 .. drwxr-xr-x 5 root root 4.0K Jun 1 07:25 .

I have removed the .httaccces from SiteB configuration as I tried to eliminate that variable for casuing my site to receive the 403 error You don't have permission to access / on this server

/etc/apache2/sites-available cat SiteA.conf # public: /var/www/SiteA/public_html/ <VirtualHost *:80> # Admin email, Server Name (domain name), and any aliases ServerAdmin webmaster@SiteA ServerName www.SiteA ServerAlias SiteA # Index file and Document Root (where the public files are located) DirectoryIndex index.html index.php DocumentRoot /var/www/SiteA/public_html # Log file locations LogLevel warn ErrorLog /var/www/SiteA/log/error.log CustomLog /var/www/SiteA/log/access.log combined </VirtualHost> /etc/apache2/sites-available cat SiteBroken.conf # domain: SiteBroken # public: /var/www/SiteBroken/public_html/ <VirtualHost *:80> # Admin email, Server Name (domain name), and any aliases ServerAdmin webmaster@SiteBroken ServerName www.SiteBroken ServerAlias SiteBroken # Index file and Document Root (where the public files are located) DirectoryIndex index.html index.php DocumentRoot /var/www/SiteBroken/public_html # Log file locations LogLevel warn ErrorLog /var/www/SiteBroken/log/error.log CustomLog /var/www/SiteBroken/log/access.log combined </VirtualHost> diff SiteA.conf SiteBroken.conf 1,3c1,2 < < < # public: /var/www/SiteA/public_html/ --- > # domain: SiteBroken > # public: /var/www/SiteBroken/public_html/ 7,9c6,8 < ServerAdmin webmaster@SiteA < ServerName www.SiteA < ServerAlias SiteA --- > ServerAdmin webmaster@SiteBroken > ServerName www.SiteBroken > ServerAlias SiteBroken 13c12 < DocumentRoot /var/www/SiteA/public_html --- > DocumentRoot /var/www/SiteBroken/public_html 16,17c15,16 < ErrorLog /var/www/SiteA/log/error.log < CustomLog /var/www/SiteA/log/access.log combined --- > ErrorLog /var/www/SiteBroken/log/error.log > CustomLog /var/www/SiteBroken/log/access.log combined 19,20d17 < /etc/apache2/sites-available total 44K -rw-r--r-- 1 root root 6.3K Jan 7 2014 default-ssl.conf -rw-r--r-- 1 root root 1.4K Jan 7 2014 000-default.conf -rw-r--r-- 1 root root 626 Mar 31 00:42 SiteA.conf drwxr-xr-x 8 root root 4.0K Jun 1 07:13 .. -rw-r--r-- 1 root root 713 Jun 1 07:16 SiteBroken.conf drwxr-xr-x 2 root root 4.0K Jun 1 07:16 .

I noticed this error message in the error log from yesterday when I was trouleshooting.

/var/www/SiteBroken/log$ cat error.log [Tue Mar 31 03:22:14.410438 2015] [:error] [pid 25622] [client 113.123.33.183:47379] script '/var/www/SiteBroken/public_html/phpinfo.php' not found or unable to stat

SiteA which is running perfectly fine has all the same wordpress files and such, there is no phpinfo.php file in SiteA's directory, I am unsure as to why one site is running but I am unable to view SiteB

I recently chown of the entire public_html directory to www-data but this still did not resolve the 403 error message. 

sudo chown -R www-data:www-data /var/www/SiteBroken/public_html/ drwxr-xr-x 5 www-data www-data 4.0K Jun 1 07:25 public_html

Enabled log level debuging and all I see is the output form stopping and restating apache, in addition to this missing `/var/www/html/moadmin.php' file and whether or not this file is necessary

[Mon Jun 01 07:25:38.832460 2015] [mpm_prefork:notice] [pid 9847] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.7 configured -- resuming normal operations [Mon Jun 01 07:25:38.832538 2015] [core:notice] [pid 9847] AH00094: Command line: '/usr/sbin/apache2' [Mon Jun 01 08:27:58.649847 2015] [mpm_prefork:notice] [pid 9847] AH00169: caught SIGTERM, shutting down [Mon Jun 01 08:27:59.551789 2015] [mpm_prefork:notice] [pid 10198] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.7 configured -- resuming normal operations [Mon Jun 01 08:27:59.551885 2015] [core:notice] [pid 10198] AH00094: Command line: '/usr/sbin/apache2' [Mon Jun 01 10:43:46.042411 2015] [:error] [pid 10208] [client 89.248.172.27:51451] script '/var/www/html/moadmin.php' not found or unable to stat [Tue Jun 02 07:53:47.086020 2015] [mpm_prefork:notice] [pid 10198] AH00169: caught SIGTERM, shutting down [Tue Jun 02 07:53:48.203046 2015] [mpm_prefork:notice] [pid 12370] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.7 configured -- resuming normal operations [Tue Jun 02 07:53:48.203105 2015] [core:notice] [pid 12370] AH00094: Command line: '/usr/sbin/apache2' [Tue Jun 02 07:57:14.417485 2015] [mpm_prefork:notice] [pid 12370] AH00169: caught SIGTERM, shutting down [Tue Jun 02 07:57:15.280777 2015] [mpm_prefork:notice] [pid 12515] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.7 configured -- resuming normal operations [Tue Jun 02 07:57:15.280852 2015] [core:notice] [pid 12515] AH00094: Command line: '/usr/sbin/apache2' [Tue Jun 02 07:59:45.902752 2015] [mpm_prefork:notice] [pid 12515] AH00169: caught SIGTERM, shutting down [Tue Jun 02 07:59:47.017507 2015] [mpm_prefork:notice] [pid 12653] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.7 configured -- resuming normal operations [Tue Jun 02 07:59:47.017577 2015] [core:notice] [pid 12653] AH00094: Command line: '/usr/sbin/apache2' [Tue Jun 02 08:05:59.014895 2015] [mpm_prefork:notice] [pid 12653] AH00169: caught SIGTERM, shutting down [Tue Jun 02 08:06:00.124043 2015] [mpm_prefork:notice] [pid 12787] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.7 configured -- resuming normal operations [Tue Jun 02 08:06:00.124101 2015] [core:notice] [pid 12787] AH00094: Command line: '/usr/sbin/apache2' [Tue Jun 02 08:23:09.214883 2015] [mpm_prefork:notice] [pid 12787] AH00169: caught SIGTERM, shutting down [Tue Jun 02 08:23:10.332498 2015] [mpm_prefork:notice] [pid 13039] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.7 configured -- resuming normal operations [Tue Jun 02 08:23:10.332556 2015] [core:notice] [pid 13039] AH00094: Command line: '/usr/sbin/apache2' [Tue Jun 02 08:40:06.186778 2015] [mpm_prefork:notice] [pid 13039] AH00169: caught SIGTERM, shutting down [Tue Jun 02 08:40:07.305531 2015] [mpm_prefork:notice] [pid 13491] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.7 configured -- resuming normal operations [Tue Jun 02 08:40:07.305595 2015] [core:notice] [pid 13491] AH00094: Command line: '/usr/sbin/apache2'

Update: ls -la

/var/www$ ls -la total 48 drwxr-xr-x 7 root root 4096 Jun 2 08:21 . drwxr-xr-x 14 root root 4096 Mar 28 14:40 .. drwxr-xr-x 5 root root 4096 Mar 31 00:42 SiteA (working website) drwxr-xr-x 2 root root 4096 May 30 12:50 html drwxr-xr-x 6 root www-data 4096 May 30 14:55 SiteBroken

Update 6/6/15

I modified the apache.conf file after reading several other SE posts, to the following:

 <Directory /> Options FollowSymLinks AllowOverride all Require all granted </Directory> <Directory /usr/share> AllowOverride None Require all granted </Directory> <Directory /var/www/> Options Indexes FollowSymLinks AllowOverride all Require all granted </Directory>

I even added my full document root in there to test everything and anything:

<Directory /var/www/html/SiteBroken/public_html> Options FollowSymLinks AllowOverride all Require all granted </Directory>

Now my SiteBroken does appear and generates when I point my browser to the URL, however, now I am unable to nagigate to any pages, i.e. www.sitebroken.com/foo or www.sitebroken.com/bar

I've been told my Virutal Server cannot read the php files? Is this so?

/var/www/html/SiteBroken/public_html$ total 188K -rw-r--r-- 1 root root 3.0K Apr 4 20:23 xmlrpc.php -rw-r--r-- 1 root root 4.0K Apr 4 20:23 wp-trackback.php -rw-r--r-- 1 root root 25K Apr 4 20:23 wp-signup.php -rw-r--r-- 1 root root 11K Apr 4 20:23 wp-settings.php -rw-r--r-- 1 root root 8.1K Apr 4 20:23 wp-mail.php -rw-r--r-- 1 root root 33K Apr 4 20:23 wp-login.php -rw-r--r-- 1 root root 2.7K Apr 4 20:23 wp-load.php -rw-r--r-- 1 root root 2.4K Apr 4 20:23 wp-links-opml.php -rw-r--r-- 1 root root 2.9K Apr 4 20:23 wp-cron.php -rw-r--r-- 1 root root 2.7K Apr 4 20:23 wp-config-sample.php -rw-r--r-- 1 root root 4.9K Apr 4 20:23 wp-comments-post.php -rw-r--r-- 1 root root 271 Apr 4 20:23 wp-blog-header.php -rw-r--r-- 1 root root 4.9K Apr 4 20:23 wp-activate.php -rw-r--r-- 1 root root 7.1K Apr 4 20:23 readme.html -rw-r--r-- 1 root root 20K Apr 4 20:23 license.txt -rw-r--r-- 1 root root 418 Apr 4 20:23 index.php drwxr-xr-x 12 root root 4.0K Jun 6 18:17 wp-includes drwxr-xr-x 6 www-data www-data 4.0K Jun 6 18:17 wp-content drwxr-xr-x 5 root root 4.0K Jun 6 18:17 . drwxr-xr-x 9 root root 4.0K Jun 6 18:17 wp-admin drwxr-xr-x 5 root root 4.0K Jun 6 18:17 .. -rw-r--r-- 1 root root 3.5K Jun 6 19:03 wp-config.php

Like I said in one of my comments, I have another site, SiteA completely mirror to SiteBroken's configurations and I am stumped how one site can work and the other, SiteBroken, receives then 403 errors and now a 404 error. The requested URL /foo/ was not found on this server.

I have been making use of these questions https://askubuntu.com/questions/448944/where-to-place-my-local-website-starting-with-the-2-4-7-version-of-apache2 and https://stackoverflow.com/questions/6959189/apache-virtualhost-403-forbidden

I also briefly installed nginx and ran into a similar problem where I believe nginx was unable to read my php files?

Improve this question
4
  • Try to change the loglevel to Debug. It will give you a lot of information. Commented Jun 1, 2015 at 12:46
  • I enabled log level debugging using these resources [stackoverflow.com/questions/9632852/… & [httpd.apache.org/docs/2.4/mod/mod_rewrite.html#logging] Commented Jun 2, 2015 at 12:47
  • 1
    Please gives an ls -la for /var/www/ Commented Jun 3, 2015 at 14:24
  • One of my sites is entirely accessible as root:root but confuses me as how the root:www-data website receives the 403 error, as I prtined the .conf files above, they're identical. Yes I have restarted apache and I have editited the working SitA.conf file to independlty test and that site went down when providing an incorrect document root, I've check everything I can think of. Commented Jun 4, 2015 at 10:36

4 Answers 4

Reset to default
1

Changing ownership to www-data:www-data with r/w permissions for the folders hosting the content will allow the httpd process to write to this folder which, depending on the complexity of the application and it's security, might give a hacker a way to overwrite legit code with stuff of his or her own choosing.

Likely the issue is you need to add the execute bit to the parent folders and change groups: 

chmod g=rx /var/www/SiteA chown root:www-data /var/www/SiteA chmod g=rx /var/www/SiteA/public_html chown root:www-data /var/www/SiteA/public_html

Without the execute bit the process cannot descend in to the folder to read the files, even if it owns them.

Improve this answer
1
  • I tried your answer as is and then tried a second time while including the recursive -R option, but sitll I receive the 403 error Commented Jun 2, 2015 at 12:42
1

Try to configure your http-xampp

you'll find this code there :

<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))"> Require local ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var </LocationMatch>

Try to change this with this : 

<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))"> Require local Require ip 192.120.203 // ip address of another pc or I would say the start of the ipaddress . ErrorDocument 403 /error/XAMPP_FORBIDDEN.html.var </LocationMatch>

This works for me when I got that error. Hope it also work for you.

Improve this answer
0

Change ownership to www-data instead of root. You can do this with chown like this:

$ sudo chown -R www-data:www-data /var/www/SiteA/public_html

This will make www-data the owner of all files/directories under public_html.

Improve this answer
1
  • thanks, the site still does not appear, I still receive the same 403 error, no new errors in the error log either Commented Jun 1, 2015 at 12:29
0

Try putting this in your VirtualHost:

<Directory /var/www/SiteBroken/public_html/> Require all granted </Directory>

It is generally very bad practice to make the entire WordPress installation owned by www-data (even for testing). This will allow the Apache process to write files anywhere in your directory tree, including PHP files. I have experienced well over a dozen sites in only the past 3 months that have been hacked this way. Attackers can then install anything they want - backdoor shells, spam bots, anything. They can also read your wp-config.php file which contains all of your database credentials. This can also result in the attacker perusing other site directories (i.e. SiteA) and gaining full access to that database as well.

Not sure if the Require all granted above will help, but I do know that Apache 2.4 is different from 2.2 with its security mechanisms and this has helped me in the past.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.