Html Apache 给出 403 禁止错误
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/18447454/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Apache giving 403 forbidden errors
提问by
Ok, so i've previously set up two virtual hosts and they are working cool. they both house simple web projects and work fine with http://project1and http://project2in the browser.
好的,所以我之前设置了两个虚拟主机,它们运行良好。它们都包含简单的 Web 项目,http://project1并且可以http://project2在浏览器中正常工作。
Anyway, I've come to add another vhost. I edited the /etc/hosts file with 127.0.0.1 project3 and also updated the httpd-vhosts.conf file by copy and pasting the previous entries for project2 and editing the file path.
无论如何,我是来添加另一个虚拟主机的。我用 127.0.0.1 project3 编辑了 /etc/hosts 文件,并通过复制和粘贴 project2 的先前条目并编辑文件路径来更新 httpd-vhosts.conf 文件。
I've checked all the file and folder permissions (in fact I copied and pasted from project2) and simply put a "hello world" message in the index.php file.
我已经检查了所有文件和文件夹的权限(实际上我是从 project2 复制粘贴的),并在 index.php 文件中简单地放置了一条“hello world”消息。
I get a 403 forbidden permission denied message when accessing http://project3
访问时收到 403 forbidden permission denied 消息 http://project3
Why is this, I just can figure out what step I've missed as everything seems to be set up correct.
为什么会这样,我只能弄清楚我错过了什么步骤,因为一切似乎都设置正确。
采纳答案by blue112
Check that :
检查:
- Apache can physically access the file (the user that run apache, probably www-data or apache, can access the file in the filesystem)
- Apache can list the content of the folder (read permission)
- Apache has a "Allow" directive for that folder. There should be one for /var/www/, you can check default vhost for example.
- Apache 可以物理访问文件(运行 apache 的用户,可能是 www-data 或 apache,可以访问文件系统中的文件)
- Apache 可以列出文件夹的内容(读取权限)
- Apache 对该文件夹有一个“允许”指令。/var/www/ 应该有一个,例如您可以检查默认虚拟主机。
Additionally, you can look at the error.log file (usually located at /var/log/apache2/error.log) which will describe why you get the 403 error exactly.
此外,您可以查看 error.log 文件(通常位于/var/log/apache2/error.log),该文件将准确描述您收到 403 错误的原因。
Finally, you may want to restart apache, just to be sure all that configuration is applied.
This can be generally done with /etc/init.d/apache2 restart. On some system, the script will be called httpd. Just figure out.
最后,您可能需要重新启动 apache,以确保应用所有配置。这通常可以通过/etc/init.d/apache2 restart. 在某些系统上,该脚本将被称为 httpd。就想办法。
回答by Cameron Hudson
I just fixed this issue after struggling for a few days. Here's what worked for me:
经过几天的努力,我刚刚解决了这个问题。以下是对我有用的内容:
First, check your Apache error_logfile and look at the most recent error message.
首先,检查您的 Apacheerror_log文件并查看最新的错误消息。
If it says something like:
access to /mySite denied (filesystem path '/Users/myusername/Sites/mySite') because search permissions are missing on a component of the paththen there is a problem with your file permissions. You can fix them by running these commands from the terminal:
$ cd /Users/myusername/Sites/mySite $ find . -type f -exec chmod 644 {} \; $ find . -type d -exec chmod 755 {} \;Then, refresh the URL where your website should be (such as
http://localhost/mySite). If you're still getting a 403 error, and if your Apacheerror_logstill says the same thing, then progressively move up your directory tree, adjusting the directory permissions as you go. You can do this from the terminal by:$ cd .. $ chmod 755 mySiteIf necessary, continue with:
$ cd .. $ chmod Sitesand, if necessary,
$ cd .. $ chmod myusernameDO NOTgo up farther than that. You could royally mess up your system. If you still get the error that says
search permissions are missing on a component of the path, I don't know what you should do. However, I encountered a different error (the one below) which I fixed as follows:If your
error_logsays something like:client denied by server configuration: /Users/myusername/Sites/mySitethen your problem is not with your file permissions, but instead with your Apache configuration.
Notice that in your
httpd.conffile, you will see a default configuration like this (Apache 2.4+):<Directory /> AllowOverride none Require all denied </Directory>or like this (Apache 2.2):
<Directory /> Order deny,allow Deny from all </Directory>DO NOTchange this! We will not override these permissions globally, but instead in your
httpd-vhosts.conffile. First, however, make sure that your vhostIncludeline inhttpd.confis uncommented. It should look like this. (Your exact path may be different.)# Virtual hosts Include etc/extra/httpd-vhosts.confNow, open the
httpd-vhosts.conffile that you justIncluded. Add an entry for your webpage if you don't already have one. It should look something like this. TheDocumentRootandDirectorypaths should be identical, and should point to wherever yourindex.htmlorindex.phpfile is located. For me, that's within thepublicsubdirectory.For Apache 2.2:
<VirtualHost *:80> # ServerAdmin [email protected] DocumentRoot "/Users/myusername/Sites/mySite/public" ServerName mysite # ErrorLog "logs/dummy-host2.example.com-error_log" # CustomLog "logs/dummy-host2.example.com-access_log" common <Directory "/Users/myusername/Sites/mySite/public"> Options Indexes FollowSymLinks Includes ExecCGI AllowOverride All Order allow,deny Allow from all Require all granted </Directory> </VirtualHost>The lines saying
AllowOverride All Require all grantedare critical for Apache 2.4+. Without these, you will not be overriding the default Apache settings specified in
httpd.conf. Note that if you are using Apache 2.2, these lines should instead sayOrder allow,deny Allow from allThis change has been a major source of confusion for googlers of this problem, such as I, because copy-pasting these Apache 2.2 lines will not work in Apache 2.4+, and the Apache 2.2 lines are still commonly found on older help threads.
Once you have saved your changes, restart Apache. The command for this will depend on your OS and installation, so google that separately if you need help with it.
如果它说的是:
access to /mySite denied (filesystem path '/Users/myusername/Sites/mySite') because search permissions are missing on a component of the path那么你的文件权限有问题。您可以通过从终端运行这些命令来修复它们:
$ cd /Users/myusername/Sites/mySite $ find . -type f -exec chmod 644 {} \; $ find . -type d -exec chmod 755 {} \;然后,刷新您的网站应位于的 URL(例如
http://localhost/mySite)。如果您仍然收到 403 错误,并且您的 Apacheerror_log仍然说同样的话,那么逐渐向上移动您的目录树,并随时调整目录权限。您可以通过以下方式从终端执行此操作:$ cd .. $ chmod 755 mySite如有必要,请继续:
$ cd .. $ chmod Sites并且,如有必要,
$ cd .. $ chmod myusername不要走得更远。你可以彻底搞砸你的系统。如果您仍然收到说 的错误
search permissions are missing on a component of the path,我不知道您应该做什么。但是,我遇到了一个不同的错误(下面的一个),我修复了如下:如果你
error_log说的是:client denied by server configuration: /Users/myusername/Sites/mySite那么您的问题不在于您的文件权限,而在于您的 Apache 配置。
请注意,在您的
httpd.conf文件中,您将看到这样的默认配置(Apache 2.4+):<Directory /> AllowOverride none Require all denied </Directory>或者像这样(Apache 2.2):
<Directory /> Order deny,allow Deny from all </Directory>不要改变这个!我们不会全局覆盖这些权限,而是在您的
httpd-vhosts.conf文件中。但是,首先,请确保您的 vhostInclude行httpd.conf是uncommented。它应该是这样的。(您的确切路径可能会有所不同。)# Virtual hosts Include etc/extra/httpd-vhosts.conf现在,打开
httpd-vhosts.conf您刚刚创建的文件Include。如果您还没有,请为您的网页添加一个条目。它应该看起来像这样。该DocumentRoot和Directory路径应该是相同的,而应指向哪里你index.html或index.php文件的位置。对我来说,那是在public子目录中。对于 Apache 2.2:
<VirtualHost *:80> # ServerAdmin [email protected] DocumentRoot "/Users/myusername/Sites/mySite/public" ServerName mysite # ErrorLog "logs/dummy-host2.example.com-error_log" # CustomLog "logs/dummy-host2.example.com-access_log" common <Directory "/Users/myusername/Sites/mySite/public"> Options Indexes FollowSymLinks Includes ExecCGI AllowOverride All Order allow,deny Allow from all Require all granted </Directory> </VirtualHost>台词说
AllowOverride All Require all granted对 Apache 2.4+ 至关重要。如果没有这些,您将不会覆盖
httpd.conf. 请注意,如果您使用的是 Apache 2.2,这些行应该改为Order allow,deny Allow from all这一变化一直是这个问题的 googlers 混淆的主要来源,比如我,因为复制粘贴这些 Apache 2.2 行在 Apache 2.4+ 中不起作用,而 Apache 2.2 行仍然常见于较旧的帮助线程中。
保存更改后,重新启动 Apache。此命令将取决于您的操作系统和安装,因此如果您需要帮助,请单独使用谷歌搜索。
I hope this helps someone else!
我希望这对其他人有帮助!
PS: If you are having trouble finding these .conffiles, try running the findcommand, such as:
PS:如果找不到这些.conf文件,请尝试运行find命令,例如:
$ find / -name httpd.conf
回答by sangeetha
restoreconcommand works as below :
restorecon命令的工作原理如下:
restorecon -v -R /var/www/html/
回答by mikemay
The server may need read permission for your home directory and .htaccess therein
服务器可能需要您的主目录和其中的 .htaccess 的读取权限
回答by Sanjay Bharwani
In my case it was failing as the IP of my source server was not whitelisted in the target server.
在我的情况下,它失败了,因为我的源服务器的 IP 没有在目标服务器中列入白名单。
For e.g. I was trying to access https://prodcat.ref.test.co.ukfrom application running on my source server. On source server find IP by ifconfig
例如,我试图从我的源服务器上运行的应用程序访问https://prodcat.ref.test.co.uk。在源服务器上通过 ifconfig 查找 IP
This IP should be whitelisted in the target Server's apache config file. If its not then get it whitelist.
此 IP 应在目标服务器的 apache 配置文件中列入白名单。如果不是,则将其列入白名单。
Steps to add a IP for whitelisting (if you control the target server as well) ssh to the apache server sudo su - cd /usr/local/apache/conf/extra (actual directories can be different based on your config)
将 IP 添加到白名单的步骤(如果您也控制目标服务器) ssh 到 apache 服务器 sudo su - cd /usr/local/apache/conf/extra (实际目录可能因您的配置而异)
Find the config file for the target application for e.g. prodcat-443.conf
找到目标应用程序的配置文件,例如 prodcat-443.conf
RewriteCond %{REMOTE_ADDR} <YOUR Server's IP>
for e.g.
RewriteCond %{REMOTE_ADDR} !^192\.68\.2\.98
Hope this helps someone
希望这有助于某人
回答by S V Aditya
You can try disabling selinux and try once again using the following command
您可以尝试禁用 selinux 并使用以下命令重试
setenforce 0
