Getting 403 Forbidden on a webpage running on Apache HTTP server - apache

The problem is as follows:
I've been trying to get my page running on the Oracle Cloud Instance - I installed everything required, got my files into /var/www/[websitename.com] and started the httpd process.
For some strange reason, however, the server is unable to access the files there.
Going to the page just throws a 403 Forbidden.
I've changed the owner of /var/www/* to 'apache' so at first glance, the permissions should be there.
The log however says this:
file permissions deny server access: /var/www/[websitename.com]/html/index.html
I've been trying to fix this for 2 days, and I just cannot figure it out.
There's apparently a bunch of similar questions, but none of the solutions have worked for me.
Can anyone help?
I tried changing the ownership with chmod and chown, but it did not help - the error persists.
I've also tried chown -R apache:root /var/www/html but still with no result.

Related

Apache/nginx 403 when uploading new files

I've been stumped with this for a couple days now. I set up apache on my VPS and am uploading files frequently via FTP to my website. However, when I try to access those links in the browser, Apache gives me a 403 error. When I run the command "chmod 755" on the file and refresh, however, the file is accessed fine. I had the same error when I tried using nginx as my software. Thanks!
I had the same problem. Running command "chmod 755" solved problem but if user upload new file you need to run command again and again...
So I set the default permission for newly uploaded files in /etc/vsftpd.conf
file_open_mode=0755
local_umask=022

"This webpage is not available" error after altering /www directory

I built the login functionality for a website on an AWS ec2 ubuntu with LAMP setup and it was working fine. The PHP files for this were located in /var/www/html. Then, to also allow login from an android device, I added and began working on the directory android_login_api in the /www folder. After adding several files and directories to this I noticed the website was no longer working and displayed "This webpage is not available" when I attempted to reach it. Despite completely removing android_login_api and attempting to revert the directory /www to just the way it was when it worked, this error remains.
I have spent a few days searching for a solution, but most answers pertain to the setup of apache which was already working fine for me. I tried restarting apache but neither index.php nor any other files I specify can be reached. I have also spent a lot of time trying to edit apache .conf files but with no luck.
Any ideas about what may have happened or if there is a specific path I need but may have accidentally altered would be greatly appreciated.
Most of access problems are caused by incorrect configuration of Virtual Hosts which seems like the problem here.
As you mentioned, the readable directory was /var/www/html and then you tried to access /var/www/android_login_api, which is not accessible by default and is specified in your virtual host file for the website. Location: /etc/apache2/sites-available
If you have done it different to this article, it will be difficult for anyone to help you. Don't create hosts in apache.conf. Read it before reading my answer further.
When you make changes to the virtual host, don't forget to use sudo a2ensite yoursite.com.conf as well as restarting apache service with sudo service apache2 restart after enabling the site.
The last thing that you should know about setting up websites is www directory owner. When you done making changes to files via FTP or SSH, run sudo chown www-data:www-data /var/www -R. www-data is the username like root used by Apache to allow external access. Otherwise the fiels will be accessible only with 0755 permissions by any other user and not 0644.
This is just a bunch of things essential to make changes and work with HTTP servers. Though my answer is not clear and I'm unable to point out your issue, I believe I've given you additional knowlege/consideration points to troubleshoot your issue. Drop a comment for more specifics.

Symlinks or Alias within a LAMPP setup running Joomla

Sorry for the imprecise wording of this question however I have really hit a wall here.
I have installed XAMPP/LAMPP on a machine running Debian. I then installed joomla on the installation of LAMPP. Everything is running correctly. I am now trying to add either a symlink or an Alias to the httpd.conf file. Which httpd.conf file should I edit?
I think I have somewhat correctly added something to the relevant files becuase the access log returns this:
GET /Archived/test.html HTTP/1.1" 403 1043
Obviously i'm getting 403 errors when I try to connect to the directory. I have tried applying permissions to everywhere I could think of. Any suggestions would be extremely helpful, thanks!

Drupal 7 Login can't view admin bar, Fresh Install via Drush on CentOS 6.3

I've spent quite a few hours trying to figure out what the problem is. The issue is:
Login works but the page doesn't change once I log in as admin. I know that the login works because wrong credentials generate an error. I do not even see the administrative toolbar. No other pages exist on the page, but if I am to, say, input ?q=admin, on user/1, it will go 'Access Denied'
What I've done:
cleared cache and cookies many times
have checked that mod_rewrite works
the cookie path on the drupal settings.php is / and not \
.htaccess is on the drupal root directory, exactly as provided by
drupal.org
in httpd.conf, I have written a new directory and AllowOverride=All
(*note: the parent directory has AllowOverride=None)
Clean URL's are enabled via drush vset
What I suspect the problem is, but don't know how to solve it:
Proxy?
Some permissions that need to be configured on some files/directories
What I have:
CentOS 6.3
Apache 2.2.15
Drush 5.9
Drupal 7.22
Thank you in advance
I can't imagine that this would be a permissions issue, but if it were, you could just start by doing (and btw, I would NEVER recommend doing this on a production server):
cd /<path_in_which_drupal_root_sits>
chown -R apache:apache <drupal_root>
chmod -R 777 <drupal_root>
You might need to sudo to do these, and you will definitely want to bring the chmod permission back down to 775, 755 or 644 as is appropriate to the directory/sub-directory once you're done testing.
This will probably not solve your issue outright, but it will at least help you to eliminate permissions as an issue.
To test proxy issues, you might try installing lynx (command-line http client), and try accessing your site through it using localhost. You should be able to login, and if you get a different result that way than via remote access, you might indeed have some weird proxy or other network issue that's interfering.
Lastly, and this might actually be the most helpful bit here, you ought to inspect your headers before, during and after the login process. You can do this using FireBug or Developer Tools or the like. And, of course, check your Apache access and error logs for anything unexpected or out of the ordinary.
Most likely, though, you just need to reinstall and try it again.
Turns out that it was a SELinux problem. I found out that if I logout via the logout URL and then use https on my website, I can login and use it properly. I needed to reinstall the certificates and setup the security... Thanks for everyone's help.

Python script runs via apache when permissions are 755 but gives Error 500 when 777?

I uploaded a basic python script to my shared hosting at Dreamhost, and changed the permissions to 777. It ran fine from the shell (via SSH) but would display a 'Server Error' when called from the browser.
In the error.log, the error was 'Premature end of script headers'.
I wrote to DreamHost, who (surprisingly quickly) replied by changing the permissions to 755, and the script started working properly in apache (I could see the output in the browser).
But this doesn't seem right - how can adding extra lenient permissions break anything from functioning?
Allowing anyone to edit a CGI script means that it would be easy to insert a backdoor into the system. httpd is correctly disallowing a suspect program to be run.