We Keep Coding

Why Apache configuration works when I use root directory

I have a VirtualHost that I am using to serve requests to files in /var/www/project/src.
I also have a Perl script (CGI binary) that is in /var/www/project/src/cgi-bin/index.pl.
Here's the part of the directive relevant to my question:
<VirtualHost example.com:443>
...
DocumentRoot "/var/www/project/src"
<Directory "/var/www/project/src">
Require all granted
Options +MultiViews +ExecCGI
AddHandler cgi-script .pl
DirectoryIndex /cgi-bin/index.pl
</Directory>
</VirtualHost>
The server starts, but access to the host fails as I get a 403 error.
The Apache logs indicate that the web server cannot find {document-root}/cgi-bin/index.pl:
[Thu Nov 09 11:37:03.578316 2017] [autoindex:error]
[pid 122783] [client example-client.com:57203] AH01276:
Cannot serve directory /var/www/project/src/: No matching
DirectoryIndex (/cgi-bin/index.pl) found, and server-
generated directory index forbidden by Options directive
This directory and index.pl file are in the right location, are owned by the apache user, and have permissions which allow others to read the contents of directories and execute the index.pl CGI-bin.
Moreover, if I change paths in DocumentRoot and Directory variables, the following configuration works:
<VirtualHost example.com:443>
...
DocumentRoot "/"
<Directory "/">
Require all granted
Options +MultiViews +ExecCGI
AddHandler cgi-script .pl
DirectoryIndex /var/www/project/src/cgi-bin/index.pl
</Directory>
</VirtualHost>
Apache starts up, and my access to the host in turn loads /cgi-bin/index.pl, which is rendered correctly.
Question: What would cause the first set of directives to fail, where the second set works?
More specifically: What is preventing the first set of directives from finding /cgi-bin/index.pl in the specified document root, while the second set correctly finds the fully-qualified path /var/www/project/src/cgi-bin/index.pl?
Note: The items in ... do not seem relevant to the issue — whether I remove them, alter them, or leave them, the error and log messages are the same in any case — so I am leaving them out for brevity.

Try changing permissions for /var/www, /var/www/project, /var/www/project/src and/or /var/www/project/src/cgi-bin
Update: Also, don't forget to restart Apache server after making changes.

What's happening is your excessive zeal an excess in your zeal... in the first example, DirectoryIndex /cgi-bin/index.pl points towards your ROOT directory, then searching for a folder caller cgi-bin. This also happens in the second example, but since you give the full path, Apache finds it. Try removing the / before cgi-bin and the issue should fix itself.

Server Error 500 Php

Good day
Im trying to install a GamePanel with PHP called Swiftpanel on my VPS Centos7 64bit
i installed LAMP on my vps and html files work perfectly.
But my gamepanel doesnt work
and the gamepanel is located at:
http://51.255.199.40/gpanel/
as you can see when i try reaching my gpanel it gives me the SERVER ERROR 500
i looked at my apache error logs and this is what i get:
[Fri Mar 04 15:53:53.533162 2016] [autoindex:error] [pid 18753] [client 46.99.59.98:51034] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive
Here is my httpd.conf and php.conf:
http://pastebin.com/HJfH3gWQ
I need some help fixing this, im a begginer in coding.
With respect
Benjamin Selmani

In httpd.conf, try changing the line:
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
to
<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>
and restart Apache.

OK, edit your httpd.conf file and change the following line:
Options Indexes FollowSymLinks
to:
Options +Indexes +FollowSymLinks
then restart your Apache server. If this doesn't work, it's likely we are editing the wrong httpd.conf file. You'd be surprised how many you might find on your computer including all the conf files in sub directories (look at the last line of your httpd.conf file). Somewhere there is probably a line that looks like this:
Options -Indexes
Which is the explicit cause of the problem. But try my earlier suggestion first.

.htaccess is not working in xampp (ubuntu)

I can't get .htaccess to work in xampp under Ubuntu 13.04 and the server keep showing the 404 error page I tried to modify httpd.conf in /opt/lampp/apache2/conf/ with this code
<Directory "/opt/lampp/apache2/htdocs">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
LoadModule rewrite_module modules/mod_rewrite.so
but still give the same error page
it looks like the server can't see the .htaccess file.
What to do .. ?

Make sure your htaccess file is in the right place (/opt/lampp/apache2/htdocs) and that it is readable (chmod 644 /opt/lampp/apache2/htdocs/.htaccess) and that the access file is set to ".htaccess":
AccessFileName .htaccess
By default, it's already ".htaccess" but it could have been changed.
Finally, try adding some gibberish to the top of your htaccess file (like "ashdakjhfdksjfhds"), if you get a 500 internal server error, that means your htaccess file is being read and the problem isn't your setup but the contents of the file.

How to Set AllowOverride all

I want to set the AllowOverride all But I don't know how to do it. I have found the following code by searching the google and pasted it in .htaccess:
<Directory>
AllowOverride All
</Directory>
But after pasting it I started receiving "Internal Server Error"
Can anyone guide me where to put this code or how to do it?

In case you are on Ubuntu, edit the file /etc/apache2/apache2.conf (here we have an example of /var/www):
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
and change it to;
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
then,
sudo service apache2 restart
You may need to also do sudo a2enmod rewrite to enable module rewrite.

The main goal of AllowOverride is for the manager of main configuration files of apache (the one found in /etc/apache2/ mainly) to decide which part of the configuration may be dynamically altered on a per-path basis by applications.
If you are not the administrator of the server, you depend on the AllowOverride Level that theses admins allows for you. So that they can prevent you to alter some important security settings;
If you are the master apache configuration manager you should always use AllowOverride None and transfer all google_based example you find, based on .htaccess files to Directory sections on the main configuration files. As a .htaccess content for a .htaccess file in /my/path/to/a/directory is the same as a <Directory /my/path/to/a/directory> instruction, except that the .htaccess dynamic per-HTTP-request configuration alteration is something slowing down your web server. Always prefer a static configuration without .htaccess checks (and you will also avoid security attacks by .htaccess alterations).
By the way in your example you use <Directory> and this will always be wrong, Directory instructions are always containing a path, like <Directory /> or <Directory C:> or <Directory /my/path/to/a/directory>. And of course this cannot be put in a .htaccess as a .htaccess is like a Directory instruction but in a file present in this directory. Of course you cannot alter AllowOverride in a .htaccess as this instruction is managing the security level of .htaccess files.

Goto your_severpath/apache_ver/conf/
Open the file httpd.conf in Notepad.
Find this line:
#LoadModule vhost_alias_module modules/mod_vhost_alias.so
Remove the hash symbol:
LoadModule vhost_alias_module modules/mod_vhost_alias.so
Then goto <Directory />
and change to:
<Directory />
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Then restart your local server.

On Linux, in order to relax access to the document root, you should edit the following file:
/etc/httpd/conf/httpd.conf
And depending on what directory level you want to relax access to, you have to change the directive
AllowOverride None
to
AllowOverride All
So, assuming you want to allow access to files on the /var/www/html directory, you should change the following lines from:
<Directory "/var/www/html">
AllowOverride None
</Directory>
to
<Directory "/var/www/html">
AllowOverride All
</Directory>

If you are using Linux you may edit the code in the directory of
/etc/httpd/conf/httpd.conf
now, here find the code line kinda like
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
Change the AllowOveride None to AllowOveride All
Now now you can set any kind of rule in your .httacess file inside your directories
if any other operating system just try to find the file of httpd.conf and edit it.

As other users explained here about the usage of allowoveride directive, which is used to give permission to .htaccess usage. one thing I want to point out that never use allowoverride all if other users have access to write .htaccess instead use allowoveride as to permit certain modules.
Such as AllowOverride AuthConfig mod_rewrite Instead of
AllowOverride All
Because module like mod_mime can render your server side files as plain text.

enter code hereif you are using linux you have to edit the
`/etc/apache2/sites-available/000-default.conf`
under the Documentroot . add the following code
`<Directory /var/www/>
AllowOverride all
Require all granted
</Directory>`
then ,
`sudo service apache2 restart`
and you have to enable the apache mod rewrite
`sudo a2enmod rewrite`

I think you want to set it in your httpd.conf file instead of the .htaccess file.
I am not sure what OS you use, but this link for Ubuntu might give you some pointers on what to do.
https://help.ubuntu.com/community/EnablingUseOfApacheHtaccessFiles

I also meet this problem, and I found the solution as 2 step below:
1. In sites-enabled folder of apache2, you edit in Directory element by set "AllowOverride all" (should be "all" not "none")
2. In kohana project in www folder, rename "example.htaccess" to ".htaccess"
I did it on ubuntu. Hope that it will help you.

There are several answers but there a number of things wrong with this question and I would like to address these:
If you get an error (e.g. 500), look in the log files (if you have access to them). e.g. /var/log/apache2/ssl_error.log
e.g.
cat /var/log/apache2/ssl_error.log
[Tue Jun 01 19:05:34 2021] [alert] [pid 31154] config.c(2119):
[client *******] /var/www/mysite/public/tmp/.htaccess:
<Directory not allowed here [lid YLZo3quRlv2EKOAABVoFLwAAAIM]
Putting AllowOverrides in a .htaccess makes no sense and is not allowed. See Context. See also my explanation below. It should be defined in the Apache configuration (e.g. /etc/apache2)
Allowing everything is usually not the best idea. Be as restrictive as possible!
the Directory directive is missing a directory, should be e.g. <Directory /var/www/html/etc>
the Directory directive does not make sense in an .htaccess. The location of the .htaccess in a directory already has the effect of making the statements within apply to a specific directory
do not mix and match snippets that are intended to be put in the Apache configuration (e.g. in /etc/apache2/...) with statements that are intended to be put in .htaccess - though most of the time, they will be identical, there are some subtle differences
If you have the possibility to modify the Apache configuration directly, do not use .htaccess and deactivate it. (for performance reasons, among others. Also you can have all configuration in one place, put it in version control or manage it via a software configuration management tool, e.g. Puppet, Ansible, SaltStack)
Unless you really cannot access and modify the Apache configuration directly, you do not need .htaccess. This is a common misconception.
That you saw a 500 error proves my point. If you change configuration in the Apache configuration directly (and not in .htaccess), you will usually get an error message with an explanation and information about the error and the line number (e.g. when you do service apache2 reload or apachectl configtest) - which gives you the possibility to fix the error before applying this in production(!).
Also, look in the documentation. It is really quite good. For most directives, you can find where they apply (see "Context").
For example, for IfModule, you can see:
Context: server config, virtual host, directory, .htaccess
For, AllowOverrides it is:
Context: directory
Note the missing .htaccess in the Context!
Instead of googling for information which repeat the same mistakes over and over, look in the documentation!
Docs
AllowOverrides
https://www.danielmorell.com/guides/htaccess-seo/basics/dont-use-htaccess-unless-you-must

SuSE Linux Enterprise Server
Make sure you are editing the right file
https://www.suse.com/documentation/sles11/book_sle_admin/data/sec_apache2_configuration.html
httpd.conf
The main Apache server configuration file. Avoid changing this file. It primarily contains include statements and global settings. Overwrite global settings in the pertinent configuration files listed here. Change host-specific settings (such as document root) in your virtual host configuration.
In such case vhosts.d/*.conf must be edited

Plus those upvoted correct answers sometimes same error could be seen because of mismatched and different settings on SSL part of webserver configurations. (Obviously when not using .htaccess file).

Apache: Directory index forbidden by Options directive

We are running 4 Wordpress network installations on a Windows Server 2008 R2 VPS, with Apache 2.2.17 and PHP 5.3.10 and for some reason we are regularly getting this (sample) error:
Error log
[Thu Feb 16 15:01:59 2012] [error] [client x.x.x.x] Directory index forbidden by Options directive: C:/_webserver/_www/wp/www/
Access log
host x.x.x.x - - [17/Feb/2012:12:59:23 +0200] "GET / HTTP/1.1" 403 306 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; GTB7.2; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; .NET4.0C; MATM)"
The error "Directory index forbidden" usually means that a directory is trying to be accessed, but there is no file (according to the options directive) to be displayed and directory listing is forbidden. This however is not the case here. The error refers to the folder C:/_webserver/_www/wp/www/, which is the webroot for the project, and has always had an index.php. Also, httpd.conf is set-up with: DirectoryIndex index.html index.php
Seeing as how the error occurs in Apache, I think it's highly unlikely that this can be caused by either PHP or Wordpress.
The tough thing is that we don't know how to reproduce the error, so it is hard for us to test this.
What can we do to find out what the issue could be? Can it have anything to do with the set-up of Apache (seems like a redundant question). Can it have anything to do with the file already being read by Apache? Is there some way we can get more info about this issue?
I would welcome any help to help me solve this nasty case.
UPDATE
These are the modules that I currently have in use
LoadModule deflate_module modules/mod_deflate.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule cache_module modules/mod_cache.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule alias_module modules/mod_alias.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule dir_module modules/mod_dir.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule php5_module "c:/_webserver/_server/php-5.3.10-Win32-VC9-x86/php5apache2_2.dll"
Options directives:
<Directory />
Options FollowSymLinks ExecCGI
AllowOverride None
Order deny,allow
Allow from all
</Directory>
<Directory "C:/Program Files (x86)/Apache Software Foundation/Apache2.2/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
httpd-vhosts.conf looks like this:
NameVirtualHost *:80
<VirtualHost *:80>
<Directory "C:/_webserver/_www/sites/www">
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Include "C:/_webserver/_www/sites/htaccess.conf"
DocumentRoot "C:/_webserver/_www/sites/www"
ServerName xxx
ServerAlias xxx
CustomLog logs/sites.access.log mycombined
ErrorLog logs/sites.error.log
</VirtualHost>
I have 5 virtual hosts set-up like this, with each their own error and access log. The projects don't use a .htaccess, but this is set-up statically via the conf for performance.
The server runs on windows, so the MPM set-up is a little limited
# WinNT MPM
# ThreadsPerChild: constant number of worker threads in the server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule mpm_winnt_module>
ThreadsPerChild 1750
MaxRequestsPerChild 0
</IfModule>
Final update
Well, I decided to turn off Apache caching completely, and since then, had no more errors. Unfortunately I haven't had too much time this week to do proper testing, but at least I know where the issue lies. And with a not so busy server, no caching is alright for now. I might be back in a while :-)

This is certainly something hard to debug, occasional bugs are the worst ones :-)
My first thoughts were "internal dumy connections" related issues, but that would not show you an IE8-beta signature in access.log.
So I found three links that you may investigate:
A serverFault intermittent 403 problem, related to mod_negotiation and SSI
Another serverFault intermittent 403, related to MaxClients reached, check that you do not reach MaxClients when that error appears.
A deep analysis of intermittent 403 related to mod_cache
From that I think this kind of problem is a little like drug interactions. So the first thing to do is:
Check the modules loaded in your apache configuration and remove (comment Load lines) the ones you do not need at all (and you will have a faster Apache if you never did it before!).
Build a test environment, for modules that you are still using in production (where removing it would make your application crash). You'll need to be able to reproduce the bug with wget or ab or any other massive HTTP requests tool.
try to inactive modules, one by one, until the problem disappears.
Modules that usually make strange behaviors are:
mod_negotiation (with the related Option Multiviews). Apache is then trying to serve alternate files, after a negociation with the browsers headers. That may break your RewriteRules or interact badly with other modules. That usually lead to some unattented responses to malformed queries, I always remove that module.
mod_include : Server Side Includes (with related option Includes), also known as SSI. Who really needs that?
mod_cache & mod_disk_cache , really, that's a very old school things, you'd better try using Varnish or any other reverse proxy caches
mod_rewrite: the swiss knife, but are you sure you didn't wrote a very strange Rule somewhere?
mod_dir : check you do not have DirectorySlash Off, that may interact badly with some other module doing strange things
mod_isapi : reading the doc may lead you to some hints. For me I have the feeling this is an experimental support, on heavy load I'm quite sure strange things could happen.
mod_proxy : remove it if you do not need it
UPDATE: (after configuration details)
Reading your configuration I saw several little mistakes (unrelated):
<Directory /> I don't think this will work on Windows, as your root is c: not /. But I'm maybe wrong. At least you do not need an allow from all here, quite unsecure.
If you do not use .htaccess files set the AllowOverride None everywhere, especially in a <Directory "C:">, to avoid seeking for theses files from the root directory.
Now for your problem. I do not see any mod_cache related option in your configuration (but maybe you have some included files in subdirectories of apache configuration that use mod_cache directives. If you do not use any of the mod_cache directives you can suspend that module without any risk.

If it's intermittent, it's fair to guess that someone is intermittently deleting and replacing index.php.
Re comments -- this does not require 'sabotage'. If you simply redeploy some style of applications with a running webserver, or restore a backup, there is a window of time when Apache might see a this directory but no file.