0

I recently updated Apache on Cent OS 7 from 2.2 to 2.4 and after the update I am not able to access the root folder,

I get the following error:

[Fri Apr 29 16:30:19.977037 2016] [core:error] [pid 32095] [client 10.211.55.1:44429] AH00027: No authentication done but request not allowed without authentication for /. Authentication not configured?

As mentioned here in the Authorization section you can still use old directives Order, Allow, Deny, and Satisfy by loading the module (Which I loaded obviously):

LoadModule access_compat_module modules/mod_access_compat.so

My Directory directive is as follow:

<Directory /> Options FollowSymLinks AllowOverride All </Directory>

I am not really sure what the problem might be, I would really appreciate some help here.

Improve this question

3 Answers 3

Reset to default
1

I am not familiar with Cent OS default directory structure, but you will want to follow something like this:

 <Directory /> Require all denied AllowOverride None Options None </Directory> <Directory /PATH ON SERVER TO YOUR DOCUMENT ROOT> Require all granted AllowOverride All Options FollowSymLinks </Directory>

To use the Apache 2.4 directives, you will need to load mod_authz_core

 LoadModule authz_core_module modules/mod_authz_core.so

If you don't have any other old (i.e. Order, Allow, Deny, and Satisfy) access control directives, comment out the access_compat module:

 #LoadModule access_compat_module modules/mod_access_compat.so

If you do have other instances of the old 2.2 access control, update them if at all possible to use the Apache 2.4 Require directive, or similar Apache 2.4 authentication directives. It is not a good idea to mix the old and the new. As noted in the documentation, "unpredictable" results can occur.

Improve this answer
8
  • Thanks for the prompt update, I added these configuration changes and now the HTTPD is failing to start. I get the following the error while starting it: May 02 10:12:01 dealdays-www-1a.vagrant.loc.vag httpd[32592]: AH00526: Syntax error on line 104 of /etc/httpd/conf/httpd.conf: May 02 10:12:01 dealdays-www-1a.vagrant.loc.vag httpd[32592]: Invalid command 'Require', perhaps misspelled or defined by a module not in...ration May 02 10:12:01 dealdays-www-1a.vagrant.loc.vag systemd[1]: httpd.service: control process exited, code=exited status=1 . Commented May 2, 2016 at 8:15
  • BTW, the module mod_access_compat is also loaded as mentioned here: httpd.apache.org/docs/trunk/upgrading.html Commented May 2, 2016 at 8:17
  • If you are interested in the my conf file, you can find it here: pastebin.com/Yg4yh0uc Commented May 2, 2016 at 8:25
  • 1
    Make sure you have the module "authz_core_module" loaded. Commented May 2, 2016 at 11:11
  • Your install appears to use nonstandard names for modules. It looks like the authz_core_module is probably loaded with LoadModule authz_default_module modules/mod_authz_default.so Commented May 2, 2016 at 11:43
0

You need to allow apache read access;

 <Directory /> Options FollowSymLinks AllowOverride All Require all granted </Directory>

Should work

Improve this answer
2
  • This allows access to the whole server. Probably not a good idea. Commented May 1, 2016 at 0:54
  • @Colt, true, your way is much better. Commented May 2, 2016 at 11:08
0

For someone who intercepts with the same problem, the solution in my case was to add the following line in the httpd.conf file:

LoadModule authn_core_module modules/mod_authn_core.so
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.