Apache Forbidden Error WAMP - apache

Currently using WAMP 3.06 w/ Apache 2.4.23. Navigating to localhost on the server computer works perfectly, but when I try to go to the IP of the server on my network or the domain, I get a Forbidden on / error. My httpd.conf file has:
<Directory />
AllowOverride none
Require all denied
</Directory>
Thanks!

This small section of the httpd.conf file
<Directory />
AllowOverride none
Require all denied
</Directory>
protects the root folder of the drive that Apache is installed on from hacking (should you Apache server get hacked) by denying access to anything on that drive.
This is normal security practice, deny acces to everything, then specifically allow access to only what is needed to be accessible.
By default WAMPServer is configured as a single user, developer tool accessable only from the PC running WAMPServer. This is to protect beginners from any possibility of accidentally being hacked, as NOBODY can gain access to the Apache in WAMPServer from any IP Address other that the one running WAMPServer.
As of WAMPServer 3, we configured WAMPServer to have a Virtual Host defined for localhost. This means that in order to alter the default access to Apache, you have to edit the httpd-vhost.conf file accordingly.
Access to this file is provided from the wampmanager menu system via
(left click) wampmanager -> Apache -> httpd-vhost.conf
Click this and your editor will open this file.
It will look like this by default
#
# Virtual Hosts
#
<VirtualHost *:80>
ServerName localhost
DocumentRoot D:/wamp/www
<Directory "D:/wamp/www/">
Options +Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require local
</Directory>
</VirtualHost>
In order to open up access to ip addresses on your LAN you can either add specific IP addresses like this
<VirtualHost *:80>
ServerName localhost
DocumentRoot D:/wamp/www
<Directory "D:/wamp/www/">
Options +Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require local
# New line
Require ip 192.168.1.111
</Directory>
</VirtualHost>
Or you can make it available to any ip address on your subnet by using just the first 3 quartiles of the subnet like this
<VirtualHost *:80>
ServerName localhost
DocumentRoot D:/wamp/www
<Directory "D:/wamp/www/">
Options +Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require local
# New line
Require ip 192.168.1
</Directory>
</VirtualHost>
Once this file is change, save it, and then restart Apache, again using the menus
wampmanager -> Apache -> Service Administration -> Restart Service
Then retry accessing apache from another pc on your LAN

The answer given by #RiggsFolly did the trick for me, but just to complement his/her post check your ip because in my case it was 192.168.0.
If you want to check your ip go to the console and type ipconfig for windows or ifconfig for linux/mac

By default, WAMP is set to only allow local access to the web server. "Require all denied" means just that - all requests are denied over the network.
Take a look at the Apache documentation for example configurations: https://httpd.apache.org/docs/2.4/howto/access.html
If this server isn't connected to the public internet, you can use "Require all granted" to give access to any client machine.

Related

Restrict access to Apache 2.4 virtualhost (WAMP)

I have WAMP up and running, and am trying to restrict access to (1) local and (2) one other IP address. I cant get this to work.
I can only get it to work from either (1) only local or (2) all IPs.
My virtual host conf file Im trying to use:
<VirtualHost *:80>
ServerName localhost
ServerAlias localhost
DocumentRoot "${INSTALL_DIR}/www"
<Directory "${INSTALL_DIR}/www/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require local
Require ip m.y.i.p
</Directory>
</VirtualHost>
With this, I get a 403 Forbidden page when I try to access from m.y.i.p. I can only access from my localhost.
With the following one Require line, I can access from any IP so I know it is possible:
Require all granted
Is there any way to allow access to localhost and to one or more other IPs? Or do I have something configured wrong?
For posterity, it looks like I found a solution.
Looks like Require Local takes precedence. If I list my local IP range, and my online IP and 127.0.0.1 (three require statements) it works as expected.

This site can’t be reached - XAMPP ignores custom domain vhosts

Environment
XAMPP 7.2.4 installed on Windows 10
Apache running on ports 80 and 443
Configuration
C:\Windows\System32\drivers\etc\hosts:
127.0.0.1 www.test.local test.local
C:\xampp\apache\conf\httpd.conf:
DocumentRoot "D:/htdocs"
<Directory "D:/htdocs">
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride All
Require all granted
</Directory>
C:\xampp\apache\conf\extra\httpd-vhosts.conf:
<VirtualHost *:80>
DocumentRoot D:/htdocs
ServerName localhost
<Directory "D:/htdocs">
</Directory>
</VirtualHost>
<VirtualHost *:80>
DocumentRoot D:/htdocs
ServerName test.local
<Directory "D:/htdocs">
Allow from all
</Directory>
</VirtualHost>
The problem
When I start Apache and I access to localhost is all right. The problem comes when I try to reach test.local: the browser returns a This site can’t be reached message. It's like XAMPP ignores the custom domain vhosts defined into httpd-vhost.conf file. The same message is displayed with the server off.
This site can’t be reached
The webpage at http://test.local/ might be temporarily down or it may have moved permanently to a new web address.
ERR_ADDRESS_INVALID
A few days ago the setup was working and the only changes that I made was the new software installation. I mean, no changes in Apache config files.
If all your stack were working correctly before, don't be like me and don't forget to check if some browser extension is blocking your local traffic, like some extension related with an antivirus system.
In my case it was the Kaspersky Protection extension. When something goes wrong, it shows the following graphic.
C:\Windows\System32\drivers\etc
127.0.0.1 test.local
C:\xampp\apache\conf\extra\httpd-vhosts.conf:
<VirtualHost *:80>
ServerAdmin webmaster#dummy-host2.example.com
DocumentRoot "C:/wamp64/www/test"
ServerName test.local
<Directory "C:/wamp64/www/hydroboost/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require local
</Directory>
</VirtualHost>
Have you updated your C:\Windows\System32\drivers\etc\hosts file with a mapping like this this?
add this line to the end of the hosts file
127.0.0.1 test.local
the localhost domain works without this mapping, because the OS already recognizes "localhost" as a built in alias for the loopback IP address
(this suggestion is assuming that you are running and testing on the same local machine)

virtual host access from another computer

I am working in a php project using wamp. I have these wamp installed in my public server, so till now when I hit 204.XXX.XX.XX/projectname I could access from any computer inside my university. Now I dont want to display this localhost main screen so I tried virtual host configuration.
C:\Windows\System32\drivers\etc\hosts file
I added
204.XXX.XX.XX api.local #api
httpd-vhosts.conf
<VirtualHost *:80>
ServerName api.local
ServerAlias api.local
DocumentRoot "c:/wamp64/www/api"
<Directory "c:/wamp64/www/api/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
I have already enabled the virtual host.
Now from other computer I could not access this api.local project. How can I fix this issue?
THe reason is that the other computer does not know where to find api.local. The browser will look for that domain name in the DNS Server that is registered to be used on the OTHER PC and obviously not find it.
So the other PC needs to know the ip address to go to when you enter api.local. You can do this in a number of ways.
If your Uni techs will allow you to add this domain name to their DNS Server this is the best way.
But if they wont allow this, then you will have to edit the HOSTS file on the OTHER PC like this
204.xxx.xxx.xxx api.local
Now this one PC will know where to find your site. However the HOSTS file is normally well protected and you would need Administrator access to change it, which you admins may not allow.
Another way would be to make the site available on a different port, then you can use the WAMPServer PC ip address and a port number to get to your site like this
Listen 8000
<VirtualHost *:8000>
ServerName api.local
ServerAlias api.local
DocumentRoot "c:/wamp64/www/api"
<Directory "c:/wamp64/www/api/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Now use 204.xxx.xxx.xxx:8000 as the site address and you should get to your site

WampServer: 403 Forbidden

All of a sudden my local WampServer vhosts are not working.
I've added a new vhost to vhosts.conf and hosts.
When I load that vhost in a web browser, I receive 403 Forbidden.
In vhosts.conf, I have:
<VirtualHost *:80>
ServerName example.com.au
ServerAlias example.com.au
DocumentRoot "D:\Dropbox\WAMP\WWW\example.com.au"
<Directory "D:\Dropbox\WAMP\WWW\example.com.au">
Options Indexes FollowSymLinks MultiViews
Require all granted
</Directory>
</VirtualHost>
In httpd.conf I have:
Listen 10.0.0.199:80 ::1
Listen [::0]:80
<Directory />
AllowOverride none
Require all denied
</Directory>
where 10.0.0.199 is my PC's IP.
WampServer is online.
WampServer 3.0.6
Apache 2.4.23
Help appreciated.
I changed
<Directory />
AllowOverride none
Require all denied
</Directory>
to
<Directory />
AllowOverride none
Require all granted
</Directory>
in httpd.conf, and that resolved the 403 error.
The default config in httpd.conf has all the Listen parameters you need
Listen 0.0.0.0:80
Listen [::0]:80
This says listen on port 80 of whatever this PC's ip address is for both IPV4 and IPV6 address ranges, and is all you need.
This section of httpd.conf should also be left as you found it. This sets up the basic denial of all rights to all folders on the drive where you installed WAMPServer(Apache) and should do exactly that. Change it back to this
<Directory />
AllowOverride none
Require all denied
</Directory>
This is for your security. It say nobody is allowed access to the root of this driver and therefore no access to anything below the root. Once this is set you are then supposed to open up access to ONLY what Apache actually need access to. That is what you do in your httpd-vhosts.conf file for only the folders that site requires access too.
If you are hacked, then a hacker can only access those folder given access and NOT YOUR WHOLE DRIVE.
Your Virtual Host definition in httpd-vhosts.conf shoudl look like this
<VirtualHost *:80>
ServerName example.com.au
ServerAlias www.example.com.au
DocumentRoot D:/Dropbox/WAMP/WWW/example.com.au
<Directory "D:/Dropbox/WAMP/WWW/example.com.au/">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
## Dangerous unless you really mean to
## allow the universe into your server
## I would use one of the other options and comment this one out
Require all granted
# If access from this PC only then us
# i.e. you are a standalone developer
# uncomment this
#Require local
#If access from your local network is required
# i.e. you are working with other devs within your local network
# uncomment this
#Require ip 10.0.0
</Directory>
</VirtualHost>
Note the use of Unix forward slashes and the <Directory.... tag needs a trailing slash
Then check your HOSTS file it should be like this
127.0.0.1 localhost
::1 localhost
127.0.0.1 example.com.au
::1 example.com.au

How can I create different ports on Apache VirtualHosts

I'm trying to create VirtualHost for a different port number with below code, but when I try to access that port number "domain: port" I receive "ERR_CONNECTION_REFUSED" error on browser.
Steps, what I do
First editing http.conf, created for the related domain via Plesk
I am writing these codes
Restart Apache
Also I add that port number on httpd.conf. (Listen: port) but at this point I receive "Internal Server Error"
What do I use:
Plesk 12,
Apache/2.2.15 (Unix),
Ngnix (Reserve proxy)
<VirtualHost IP:8324>
DocumentRoot "/var/www/vhosts/httpdocs"
ServerName "domain:8324"
ServerAlias "www.domain.com"
ServerAlias "ipv4.domain.com"
UseCanonicalName Off
<Directory /var/www/vhosts/httpdocs>
DirectoryIndex index.php
Options +Indexes +FollowSymLinks +MultiViews +Includes
AllowOverride All
Order allow,deny
Allow from all
Require all granted
</Directory>
</VirtualHost>
What am I missing? Thank you
I think you can do that using a custom template for a specific vhost.
You should check these two links. The might put you on the right track:
https://docs.plesk.com/en-US/12.5/advanced-administration-guide-linux/virtual-hosts-configuration/changing-virtual-hosts-settings-using-configuration-templates/example-changing-default-apache-ports.68800/
https://docs.plesk.com/en-US/onyx/advanced-administration-guide-linux/virtual-hosts-configuration/changing-virtual-hosts-settings-using-configuration-templates.68693/
Just so you know, any manual changes that you do in the httpd.conf file (from a ssh console for example, at the next plesk update or when you add/delete an account, they will be overwritten since Plesk is regenerating the httpd.conf file)