Web Issues - Access Forbidden!

falko · Jun 18, 2006

salamankero said:

My issue seems to be similar to this, but not quite exact.

I installed this on an existing fedora core 3 system using the perfect install guide. When I setup a site and tried to access it, I would always get the default Apache site. After looking through the httpd.conf file I noticed there was no include for the Vhosts_ispconfig.conf file. I also looked at the Server Settings and noticed that the directory/filename for the httpd.conf file was wrong.

I added the correct path to the conf dir, and the full path to the httpd.conf file in Server Settings, deleted and recreated my site, and added an Include in Apache's httpd.conf file to include the Vhosts_ispconfig.conf file. When I do a reload of apache I get:

(13)Permission denied: httpd: could not open error log file /home/www/web6/log/error.log.
Unable to open logs

in my /etc/httpd/logs/error_log file and

Starting httpd: Warning: DocumentRoot [/home/www/web5/web] does not exist
[FAILED]

to the console.

I have tried playing with file permissions and ownerships, but nothing has helped. I am wondering if during the setup process ISPConfig didn't know where to find my httpd.conf file so some changes didn't get made there (say a Directory permission setting).

I was hoping someone could send me a copy of their httpd.conf file or give me a solution to my problem that I may not be thinking of.

Thanks in advance!

Sal...
Click to expand...

Please open a new thread for this topic. It's not related to this thread's topic.

elCorazon · Jun 21, 2006

ok for PHP, but what about the filesystem

falko said:

ISPConfig sets all directories underneath /var/www/webX/web to webX_admin:webX, with the directories having permissions of 755.

You can make all webs use PHP Safe Mode, so that no PHP scripts can break out of their web site, and/or you can use suPHP: http://www.howtoforge.com/apache2_suphp_php4_php5
Click to expand...

OK, its true I don't have a problem when running php in safe mode with basedir restriction... But what about the users that do ssh? They can cd into every users directory and read every file??
There have to be DB-passwords somewhere...

I don't think that it is a good idea to give world read permission to any user directory by ISPconfig...
Just a thought... I can't see any good alternative to ISPconfig and I think I will be happy with it, but this one thing I don't like too much. Think I'm gonna remove it from the code on my own and maybe find another solution as posted above.

Anyway, thanks for the tool

till · Jun 21, 2006

elCorazon said:

But what about the users that do ssh?
Click to expand...

You may use chroot ssh. The next ISPConfig Dev release and maybe also the next stable relaese will have ChrootSSH support by default.

falko · Jun 22, 2006

I've written achrooted SSH tutorial: http://www.howtoforge.com/chrooted_ssh_howto_debian
Maybe it helps you.

Log in or Sign up

Web Issues - Access Forbidden!

falko Super Moderator Howtoforge Staff

elCorazon New Member

till Super Moderator Staff Member ISPConfig Developer

falko Super Moderator Howtoforge Staff

Share This Page

Log in or Sign up

Web Issues - Access Forbidden!

falko Super Moderator Howtoforge Staff

elCorazon New Member

till Super Moderator Staff Member ISPConfig Developer

falko Super Moderator Howtoforge Staff

Share This Page

Useful Searches