[SOLVED]geteing 403, forbiden errors in apache

[madchaz]

hi all
I am in the process of moving my website back to my own server.

As part of the move, I wanted to host it in the public_html folder of my home directory.

Everything was working fine, until I had a glitch. I am honestly not sure what changed, as I was not in the process of changing anything except web content, but now, I am geting 403 errors when trying to acces ANY public_html directory on the server.

I have 2 users. I was working in the web-content of one of them when it occured.

I checked that proper file permisions were set. The public_html folders are 777, so shouldn't be an issue.

Anyone as an idea?

edit: O yea, I restarted apache (after the issue started) and I get no config file error and it starts properly, just keeps giving me 403.
_________________
Someone asked me once if I suffered from mental illness. I told him I enjoyed every second of it.

[erik258]

it does sound like a permissions problem, but maybe not with the public_html directories themselves.

Have you checked the permissions of the files in those directories? Perhaps you've set a nondefault umask and they got created 0700 or o770 or something? Or maybe it's your apache config. You definitely have to set that up proper for home directory webpages ... or it could be allow,deny settings in that section of apache.conf or something ... good place to start sleuthing probably.

are you sure you didn't do a world update and then etc-update and miss something?
_________________
Configuring a Firewall? Try my iptables configuration
LinuxCommando.com is my blog for linux-related scraps and tidbits. Stop by for a visit!

[madchaz]

I wasn't doing any updates on my server. It was actualy working fine, until I had some kind of glitch that disconnected me (I was working remotely). When I re-connected, I was geting 403. The root of the server works fine.

I did chmod -R 777 public_html to make 100% sure everything under there had the rights.

It was working fine before and I haven't made any changes in apache config files.

What I also find weird is that when it stoped working, it stoped for both my users, not just one of them.

I'll re-check my apache config tonight and post the relevent part if I don't find anything.
_________________
Someone asked me once if I suffered from mental illness. I told him I enjoyed every second of it.

[erik258]

Dang. so much for an easy solution ; )

Well, it sounds as if perhaps there is aproblem with apache. I have never had this problem but then again my webserver sees very, very, very little traffic. You might consider reinstalling apache itself and so on. But i doubt it would behave as if it were misconfigured if there were something wrong with it.

When it stopped working, did the computer crash? That is, did the services get stopped properly and did the hd get unmounted before power was cut? If not, maybe the problem is that httpd.conf didn't quite make it to disk. But I don't understand why even a crash would matter, because it wasn't like you were writing to that file or changing it when the net went down.

I would start looking in httpd.conf and related configs myself, but it doesn't sound promising. Make sure to check your system's logs too and be sure that apache's doing OK in general.

What a strange problem. I certainly hope my webserver doesn't face it in the future ; ).

Best of luck , i'll be watching...
_________________
Configuring a Firewall? Try my iptables configuration
LinuxCommando.com is my blog for linux-related scraps and tidbits. Stop by for a visit!

[madchaz]

Server never rebooted.

I was working remotely, connecting to a vmware win2k machine that sits inside my gentoo box. I got disconnected from my vnc session and when I logged back in (took a few minutes before I could), everything was still open. I originally thought my internet connection had gone weird on me, but I'm on cable and it's usually rock stable. Once that had occurred, I could no longer see what was inside public_html.

I guess I'll re-install apache. The only customization I have done is change the port it listens on to get around my ISP blocking port 80. Won't take too long to re-fix.

I had a quick look at httpd.conf, but found nothing relevant. Can't connect right now, so will see if I find anything tonight.
_________________
Someone asked me once if I suffered from mental illness. I told him I enjoyed every second of it.

[madchaz]

re-built apache and put all the config files back to default.

Still the same problem.

Added the apache user to the group for both my users, now it works.

What I don't get is, the apache user already had the rights to get to those folders ....

o well, it works now.
_________________
Someone asked me once if I suffered from mental illness. I told him I enjoyed every second of it.

[erik258]

that's wierd. So the user under which apache was running needed perms for ~/public_html besides the "Other" permissions ?


Perhaps it's a problem with the /home directory's permissions? like 760 , say, and in the users group, might not let apache in it's 'apache' or 'web' or whatever group execute the directory to get the contents.

Well, i certainly don't understand, but good work nontheless.
_________________
Configuring a Firewall? Try my iptables configuration
LinuxCommando.com is my blog for linux-related scraps and tidbits. Stop by for a visit!

[madchaz]

Apparently, even with /home having r for others, it would not work

In the end, adding the apache user in the groups for all the different users I want this to work for is a bit better for me.

It lets me control who can post a web-page and it lets me ensure users cannot read the content of other user's home. I might have "untrusted" users with shell access soon, so I'm being carefull with FS security.
_________________
Someone asked me once if I suffered from mental illness. I told him I enjoyed every second of it.