Apache config help

Discussion in 'Server Operation' started by Glutch, Sep 19, 2005.

  1. Glutch

    Glutch New Member

    I need a little assistance in setting up Apache 2.0 on SuSE 9.3. I am trying to create virtual servers located on a seperate mount point and cannot get the rights and settings quite right. In essence I am getting the dreaded access denied informational page. Anyone have a favorite document they can point me to to assist in my setup? Thanks in advance for the assist. ;)
     
  2. falko

    falko Super Moderator Howtoforge Staff

    Do you have an index page (like index.html) in the web directory? The access denied page comes up when there's no index page. But maybe the permissions of the web directory are wrong.
     
  3. themachine

    themachine New Member HowtoForge Supporter

    Its safe to say that in most apache installations... as long as the apache user has group ownership of the web directories it should be able to serve the pages. Note that the sub directories will inherit the stricter perms of its parent.

    Forexample.

    Code:
    # ls -lah /home
    drwx------   3 username www-data 4.0K Oct 15 12:01 username
    
    # ls -lah /home/username
    drwxr-sr-x  2 username www-data 4.0K Oct 15 12:01 web
    If this was the case, even though the apache user 'www-data' has read/exec perms on '/home/username/web', it will *not* be able to read/execute because the parent directory '/home/username' is 'drwx------'. In order for the 'www-data' user to be able to read/exec '/home/username/web' you would need to do the following:

    Code:
    # chmod 750 /home/username
    
    # ls -lah /home
    drwxr-x---   3 username www-data 4.0K Oct 15 12:01 username
    And the same goes for '/home'. If '/home' doesn't allow read/execute for user/group/other then you will most likely run into permissions issues.

    As far as permissions, that is the basics to atleast allow access for the apache user. If you don't want group ownership to be the apache user, then the parent/sub dirs need to have aleast 755 permissions to allow everyone to read/traverse the directories in order to hit the webroot.

    Hope that helps.

    [dierkes.themachine]
     

Share This Page