How to solve apache 403 forbidden?
apache httpd server 403 forbidden problem
1. Problem description
In the httpd configuration of apache2 , 403 will appear in many situations.
Just installed the httpd service, of course there will be no 403 problem. It mainly occurred after modifying some configurations. The problem is described as follows:
After modifying the DocumentRoot directory pointing, a 403 error occurred on the site.
Setting up a virtual host directory may also cause 403.
Apache's httpd service started successfully. It looks normal, but it does not have permission to access.
The log appears: access to / denied (filesystem path '/srv/lxyproject/wsgi/django.wsgi ') because search permissions are missing on a component of the path
After setting the virtual directory, the error log appears: client denied by server configuration: /srv/lxyproject/wsgi/django.wsgi
2. Analysis of problems and solutions
Pay attention to the error log content when solving the problem step by step below. OK, start.
1. Directory configuration file in httpd.conf
If it shows that the DocumentRoot has been changed, for example, it is changed to "/usr/local/site/test". The site directory and test directory are created by using mkdir, and then an index.html is placed under the test directory. In this case, you should check the configuration in httpd.conf.
Your
<Directory "/usr/local/site/test">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Require all granted
</Directory>2. Directory access permissions
The first step is correct if the configuration is still 403, check whether there is Deny from in the directory configuration
Can be set to Allow from all or Require all granted to process.
Do not modify Deny from all in the root directory of
3. Directory permissions
If it is still 403, it may be a permission issue with the website directory.
Apache requires the directory to have execution permissions, which is x. It should be noted that your directory tree should have these permissions.
If your directory is /usr/local/site/test, then ensure the four levels of /usr, /usr/local, /usr/local/site, /usr/local/site/test All directories have 755 permissions.
#chmod 755 /usr/local/site #chmod 755 /usr/local/site/test
One mistake I made was that I only set the last-level directory permissions and did not set the upper-level directory permissions, resulting in 403.
4. Virtual Directory
[I have never encountered this problem, because I have never written it like this. The online information says this, which can be used as a reference]
If it is set is a virtual directory, then you need to define a virtual directory in httpd.conf, and it looks like the following fragment:
Alias /folder "/usr/local/folder"
<Directory "/usr/local/folder">
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.1 192.168.1.1
</Directory>If this is the case, and you write something similar to my code above, three Every folder is the same, it will definitely be 403! How to solve it is to change the string after the slash after Alias. Change it to something that does not have the same name as the folder of the virtual directory. Then I can use the changed virtual directory to access it. Of course, change it. Folders are also OK, as long as you are not afraid of trouble and as long as the virtual directory definition characters (red) behind Alias and the actual folder name (black) are different, it will be OK.
5. Selinux problem
If it is still 403, then selinux is causing trouble. Therefore, you can set the selinux permissions on your directory.
I encountered this problem today.
#chcon -R -t httpd_sys_content_t /usr/local/site #chcon -R -t httpd_sys_content_t /usr/local/site/test
Online information says that most of this step will not happen. But my problem is indeed that it may be related to the system, and I don’t quite understand the specific principle.
6. Problems with wsgi
My virtual host configuration is:
<VirtualHost *:80>
WSGIScriptAlias / /srv/lxyproject/wsgi/django.wsgi
Alias /static/ /srv/lxyproject/collectedstatic/
ServerName 10.1.101.31
#ServerName example.com
#ServerAlias www.example.com
<Directory /srv/lxyproject/collectedstatic>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<Directory /srv/lxyproject/wsgi/>
Allow from all
</Directory>
ErrorLog /etc/httpd/logs/lxyproject.error.log
LogLevel warn
</VirtualHost>I access the
log error:
client denied by server configuration: /srv/lxyproject/wsgi/django.wsgi
Solution Method:
Modify Allow from all in
This problem is due to the version.
My httpd version is:
[root@yl-web conf.d]# rpm -qa |grep httpd httpd-devel-2.4.6-31.el7.centos.x86_64 httpd-tools-2.4.6-31.el7.centos.x86_64 httpd-2.4.6-31.el7.centos.x86_64
For versions below 2.3, use Allow from all, and for versions 2.3 and above, use Require all granted. .
<Directory /home/aettool/aet/apache> <IfVersion < 2.3 > Order allow,deny Allow from all </IfVersion> <IfVersion >= 2.3> Require all granted </IfVersion> </Directory>
The above is the detailed content of How to solve apache 403 forbidden. For more information, please follow other related articles on the PHP Chinese website!
Apache's Legacy: What Made It Famous?Apr 15, 2025 am 12:19 AMApachebecamefamousduetoitsopen-sourcenature,modulardesign,andstrongcommunitysupport.1)Itsopen-sourcemodelandpermissiveApacheLicenseencouragedwidespreadadoption.2)Themodulararchitectureallowedforextensivecustomizationandadaptability.3)Avibrantcommunit
The Advantages of Apache: Performance and FlexibilityApr 14, 2025 am 12:08 AMApache's performance and flexibility make it stand out in a web server. 1) Performance advantages are reflected in efficient processing and scalability, which are implemented through multi-process and multi-threaded models. 2) Flexibility stems from the flexibility of modular design and configuration, allowing modules to be loaded and server behavior adjusted according to requirements.
What to do if the apache80 port is occupiedApr 13, 2025 pm 01:24 PMWhen the Apache 80 port is occupied, the solution is as follows: find out the process that occupies the port and close it. Check the firewall settings to make sure Apache is not blocked. If the above method does not work, please reconfigure Apache to use a different port. Restart the Apache service.
How to solve the problem that apache cannot be startedApr 13, 2025 pm 01:21 PMApache cannot start because the following reasons may be: Configuration file syntax error. Conflict with other application ports. Permissions issue. Out of memory. Process deadlock. Daemon failure. SELinux permissions issues. Firewall problem. Software conflict.
How to set the cgi directory in apacheApr 13, 2025 pm 01:18 PMTo set up a CGI directory in Apache, you need to perform the following steps: Create a CGI directory such as "cgi-bin", and grant Apache write permissions. Add the "ScriptAlias" directive block in the Apache configuration file to map the CGI directory to the "/cgi-bin" URL. Restart Apache.
How to view your apache versionApr 13, 2025 pm 01:15 PMThere are 3 ways to view the version on the Apache server: via the command line (apachectl -v or apache2ctl -v), check the server status page (http://<server IP or domain name>/server-status), or view the Apache configuration file (ServerVersion: Apache/<version number>).
How to restart the apache serverApr 13, 2025 pm 01:12 PMTo restart the Apache server, follow these steps: Linux/macOS: Run sudo systemctl restart apache2. Windows: Run net stop Apache2.4 and then net start Apache2.4. Run netstat -a | findstr 80 to check the server status.
How to delete more than server names of apacheApr 13, 2025 pm 01:09 PMTo delete an extra ServerName directive from Apache, you can take the following steps: Identify and delete the extra ServerName directive. Restart Apache to make the changes take effect. Check the configuration file to verify changes. Test the server to make sure the problem is resolved.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
SublimeText3 Chinese version
Chinese version, very easy to use
SublimeText3 Mac version
God-level code editing software (SublimeText3)
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
Dreamweaver Mac version
Visual web development tools
PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool
