Apache 2.4.6: client denied by server configuration (PHP FPM) - apache

I found a similar question but it did not helped.
When I open a PHP file via https://site/test.php, the following error comes:
[Tue Oct 29 11:15:53.480855 2013] [authz_core:error] [pid 5424] [client xxx.xxx.xxx.xxx:xxxxx] AH01630: client denied by server configuration: /vhost_site_ssl
Virtualhost:
<VirtualHost *:443>
ServerName site:443
ServerAlias www.site:443
DocumentRoot /opt/web/site
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/privkey.pem
ErrorLog "/opt/log/apache/site_ssl-error.log"
CustomLog "/opt/log/apache/site_ssl-access.log" combined
CustomLog "/opt/log/apache/site_ssl-bandwidth.log" common
<Directory /opt/web/site>
AllowOverride All
Options +Indexes +FollowSymLinks +MultiViews
Order allow,deny
Allow from all
Require all granted
</Directory>
<Directory /vhost_site_ssl>
AllowOverride All
Order allow,deny
Allow from all
Require all granted
Options +Indexes +FollowSymLinks +MultiViews
</Directory>
<Directory /php5-fpm-handler>
AllowOverride All
Order allow,deny
Allow from all
Require all granted
Options +Indexes +FollowSymLinks +MultiViews
</Directory>
<IfModule mod_fastcgi.c>
<FilesMatch \.php$>
SetHandler php-script
</FilesMatch>
Action php-script /php5-fpm-handler
Alias /php5-fpm-handler /vhost_site_ssl
FastCGIExternalServer /vhost_site_ssl -socket /var/run/sock_site_ssl.sock
</IfModule>
</VirtualHost>
I suppose this error is caused by upgrading apache 2.2 to 2.4. I also read this: http://httpd.apache.org/docs/2.4/upgrading.html but did not helped.
UPDATE
I forgot to attach te exact error page:
Forbidden
You don't have permission to access /php5-fpm-handler/phpinfo.php on this server.
Apache/2.4.6 (Ubuntu) Server at site Port 80

Related

apache httpd is automatically redirecting to https

Server is running on RHEL 7.9, httpd 2.4.6 and I have the following structure in my /var/www/html directory:
/site
index.php
I can reach the root index.php by visiting the IP address. However, when I try to access content inside /site directory, it automatically switches to https, hence the content does not load.
Some snippets from /etc/httpd/conf/httpd.conf:
DocumentRoot "/var/www/html"
<Directory />
AllowOverride None
Require all denied
Options -Indexes +FollowSymLinks
</Directory>
<Directory "/var/www/html">
AllowOverride All
Options -Indexes +FollowSymLinks
Require all granted
</Directory>
<Directory "/var/www/html">
Options -Indexes +FollowSymLinks
AllowOverride All
Require all granted
</Directory>
AccessFileName .htaccess
<IfModule dir_module>
DirectoryIndex index.php index.htm index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
IncludeOptional conf.d/*.conf
I have a virtual host setup for /etc/httpd/conf.d/site.conf
<VirtualHost <server ip>:80>
ServerAdmin webmaster#sitename.com
DocumentRoot /var/www/html/site/
ServerName www.sitename.com
ServerAlias sitename
<Directory /var/www/html/site>
Require all granted
</Directory>
</VirtualHost>

Error apache : access denied

My configuration :
Wampserver 3.0.0 32bits
Apache 2.4.17
php 5.6.15
mysql 5.7.9
My problem :
WampServer start properly, but when I try to access a project in the log i have:
[Sat May 21 10:55:39.393866 2016] [authz_core:error] [pid 6984:tid 1140] [client 127.0.0.1:50070] AH01630: client denied by server configuration: C:/wamp/www/project/api/app/
[Sat May 21 10:55:39.395878 2016] [authz_core:error] [pid 6984:tid 1140] [client 127.0.0.1:50070] AH01630: client denied by server configuration: C:/wamp/www/project/api/src/
Yet I check my configuration files and all seems OK.
There are my configs files :
httpd.conf :
<Directory "C:/wamp/www/">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# [httpd.apache.org]
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# AllowOverride FileInfo AuthConfig Limit
#
AllowOverride all
#
# Controls who can get stuff from this server.
#
#onlineoffline tag - don't remove
#Require local
Require all granted
</Directory>
httpd-vhosts.conf:
<VirtualHost *:80>
ServerAdmin admin#test.fr
ServerName localhost
DocumentRoot "C:/wamp/www"
<Directory "C:/wamp/www">
Options +Indexes +FollowSymlinks
AllowOverride All
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerAdmin admin#test.fr
ServerName localhost.project.com
#ServerAlias localhost.project.com
DocumentRoot "C:/wamp/www/project/website/web/"
<Directory "C:/wamp/www/project/website/web/">
Options +Indexes +FollowSymlinks
AllowOverride All
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerAdmin admin#test.fr
DocumentRoot "C:/wamp/www/project/api"
ServerName api.project.com
#ServerAlias api.project.com
<Directory "C:/wamp/www/project/api">
Options +Indexes +FollowSymlinks
AllowOverride All
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerAdmin admin#test.fr
DocumentRoot "C:/wamp/www/Demo_websocket/web"
ServerName demo.websocket
#ServerAlias demo.websocket
<Directory "C:/wamp/www/Demo_websocket/web">
Options +Indexes +FollowSymlinks
AllowOverride All
</Directory>
</VirtualHost>
My hosts file :
I think I do not understand very well what you mean. The content of my
hosts file is :
127.0.0.1 localhost
127.0.0.1 api.project.com
127.0.0.1 localhost.project.com
I already tried to set Require all granted in VirtualHost but no success :s
If someone has already faced this problem and found a solution , I'm interested. Thank you
you are using localhost with virtual hosting,
if this is your hosts file, it is correct
127.0.0.1 localhost
127.0.0.1 api.project.com
127.0.0.1 localhost.project.com
and in your local browser you'll write one of these urls.
But your virtual host configuration must respond to a specific host and not to *, for example fo api you must have <VirtualHost api.project.com:80> and not <VirtualHost *:80>
also the generic * virtual host MUST be at the end of the list, then the result is:
<VirtualHost localhost.project.com:80>
ServerAdmin admin#test.fr
ServerName localhost.project.com
#ServerAlias localhost.project.com
DocumentRoot "C:/wamp/www/project/website/web/"
<Directory "C:/wamp/www/project/website/web/">
Options +Indexes +FollowSymlinks
AllowOverride All
</Directory>
</VirtualHost>
<VirtualHost api.project.com:80>
ServerAdmin admin#test.fr
DocumentRoot "C:/wamp/www/project/api"
ServerName api.project.com
#ServerAlias api.project.com
<Directory "C:/wamp/www/project/api">
Options +Indexes +FollowSymlinks
AllowOverride All
</Directory>
</VirtualHost>
<VirtualHost demo.websocket:80>
ServerAdmin admin#test.fr
DocumentRoot "C:/wamp/www/Demo_websocket/web"
ServerName demo.websocket
#ServerAlias demo.websocket
<Directory "C:/wamp/www/Demo_websocket/web">
Options +Indexes +FollowSymlinks
AllowOverride All
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerAdmin admin#test.fr
ServerName localhost
DocumentRoot "C:/wamp/www"
<Directory "C:/wamp/www">
Options +Indexes +FollowSymlinks
AllowOverride All
</Directory>
</VirtualHost>

Script on Perl doesn't work. Apache gave me 500 Internal Server Error

So. I check my script
perl -cw /var/www/cgi/env.pl
var/www/cgi/env.pl syntax OK
I double check it in commandline. It works and shows me my environment values.
My /etc/apache2/sites-available/mysite.com looks like this:
ServerAdmin webmaster#localhost
ServerName mysite.com
DocumentRoot /var/www
<Directory />
Options FollowSymLinks +ExecCGI
AllowOverride None
AddHandler cgi-script .cgi .pl
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /var/www/cgi/
<Directory "/var/www/cgi">
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
It should work, but i've got 500 error.
Apache log says:
[Fri Sep 19 09:29:04 2014] [error] [client 127.0.0.1] (2)No such file or directory: exec of '/var/www/cgi/env.pl' failed
[Fri Sep 19 09:29:04 2014] [error] [client 127.0.0.1] Premature end of script headers: env.pl
What should I do to make it work?
Is it possible that phpmyadmin influent to apache server like this. I do not use php except phpmyadmin for database. Maybe here is the problem?
Okay.
This is my mistake.
This script was written on Windows machine and I forget about this fact for a while.
So I tried to delete carriage return symbol.
Now my script works.
Solution is:
perl -pi -e 's/\r\n/\n/g /path/to/your/script'

Getting 403 Forbidden Error Using web2py with Apache2 WSGI on Fedora

I'm getting 403 Forbidden with the webpage displaying:
Forbidden
You don't have permission to access / on this server.
The access log shows the following corresponding to this:
[Mon Jan 20 17:12:03.888576 2014] [authz_core:error] [pid 1940] [client XX.XX.XX.XX:32491] AH01630: client denied by server configuration: /opt/web-apps/web2py/wsgihandler.py
I've the following permissions set for the above directory:
/]# ls -ld opt
drwxrwxrwx. 4 root root 4096 Jan 10 20:05 opt
opt]# ls -ld web-apps
drwxrwxrwx 3 root root 4096 Jan 10 20:10 web-apps
web-apps]# ls -ld web2py
drwxr-xr-x 11 apache apache 4096 Jan 10 21:21 web2py
web2py]# ls -l wsgihandler.py
drwxrwxr-x 1 apache apache 1128 Nov 28 19:23 wsgihandler.py
And my conf file /etc/httpd/conf.d/default.conf is as follows:
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
WSGIDaemonProcess web2py user=apache group=apache processes=1 threads=1
WSGIProcessGroup web2py
WSGIScriptAlias / /opt/web-apps/web2py/wsgihandler.py
WSGIPassAuthorization On
<Directory /opt/web-apps/web2py>
AllowOverride None
Order Allow,Deny
Deny from all
<Files wsgihandler.py>
Allow from all
</Files>
</Directory>
AliasMatch ^/([^/]+)/static/(?:_[\d]+.[\d]+.[\d]+/)?(.*) /opt/web-apps/web2py/applications/$1/static/$2
<Directory /opt/web-apps/web2py/applications/*/static>
Options -Indexes
Order Allow,Deny
Allow from all
</Directory>
<Location /admin>
Deny from all
</Location>
<LocationMatch ^/([^/]+)/appadmin>
Deny from all
</LocationMatch>
CustomLog /var/log/httpd/access_log common
ErrorLog /var/log/httpd/error_log
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/httpd/ssl/self_signed.cert
SSLCertificateKeyFile /etc/httpd/ssl/self_signed.key
WSGIProcessGroup web2py
WSGIScriptAlias /web2py /opt/web-apps/web2py/wsgihandler.py
WSGIPassAuthorization On
<Directory /opt/web-apps/web2py>
AllowOverride None
Order Allow,Deny
Deny from all
<Files wsgihandler.py>
Allow from all
</Files>
</Directory>
AliasMatch ^/([^/]+)/static/(?:_[\d]+.[\d]+.[\d]+/)?(.*) /opt/web-apps/web2py/applications/$1/static/$2
<Directory /opt/web-apps/web2py/applications/*/static>
Options -Indexes
ExpiresActive On
ExpiresDefault "access plus 1 hour"
Order Allow,Deny
Allow from all
</Directory>
CustomLog /var/log/httpd/access_log common
ErrorLog /var/log/httpd/error_log
</VirtualHost>
Try this one :
first of all if you have linux user apache and group apache then put your web2py directory with /home/apache/ and then change your apache sites-available file like this. hope this will for for you.
<VirtualHost *:80>
ServerName example.com
WSGIDaemonProcess web2py user=apache group=apache display-name=%{GROUP}
WSGIProcessGroup web2py
WSGIScriptAlias / /home/apache/web2py/wsgihandler.py
<Directory /home/apache/web2py>
AllowOverride None
Order Allow,Deny
Deny from all
<Files wsgihandler.py>
Allow from all
</Files>
</Directory>
AliasMatch ^/([^/]+)/static/(.*) /users/apache/web2py/applications/$1/static/$2
<Directory /users/apache/web2py/applications/*/static/>
Order Allow,Deny
Allow from all
</Directory>
</VirtualHost>
If you using virtualenv check your wsgi file as well like this :
activate_this = '/path/to/virtualenv/bin/activate_this.py'
execfile(activate_this, dict(__file__=activate_this)
import sys
sys.path.insert(0, '/path/to/web2py_dir')
It is mostly because your apache2 version is 2.4.
You will need to upgrade you conf file..
Follow the link Upgrading apache2 to 2.4

Configuring apache with fastcgi in Haskell

I am trying to run my Haskel fastcgi program with apache (Server version: Apache/2.2.15 (Cent OS 6)),
Following are the changes done in httpd.conf
<IfModule fastcgi_module>
AddHandle fastcgi-script .fcgi
</IfModule>
LoadModule fastcgi_module modules/mod_fastcgi.so
<VirtualHost *:80>
ServerAdmin webmaster#<hostname>
DocumentRoot /var/www
ServerName <hostname>
ErrorLog logs/<hostname>.com-error_log
CustomLog logs/<hostname>-access_log common
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
<Directory "/var/www/http">
Options -Indexes FollowSymLinks +ExecCGI
AllowOverride AuthConfig FileInfo
AddHandler fastcgi-script .fcgi
Order allow,deny
Allow from all
</Directory>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
I followed all the instructions as specified here
When I visit the link curl --include http:// hostname/cgi-bin/test.fcgi
I get error in apache server log as
[error] Premature end of script headers: test.fcgi
How can I debug this issue ?