I've been stuck on this issue for 3 days now. I can access the www folder, but when i try to access a subfolder , i get the 403 Forbidden. Checking the Apache error log , i got this :
[Wed Oct 23 13:04:42.597752 2019] [access_compat:error] [pid 60180]
[client 127.0.0.1:56676] AH01797: client denied by server
configuration: /users/admin/Library/Mobile
Documents/com~apple~CloudDocs/www/soft/public_html/, referer:
http://127.0.0.1/
Here is how it's configured on httpd.conf :
DocumentRoot "/users/admin/Library/Mobile Documents/com~apple~CloudDocs/www"
<Directory "/users/admin/Library/Mobile Documents/com~apple~CloudDocs/www">
Options +FollowSymLinks +Multiviews +SymLinksIfOwnerMatch +Indexes
MultiviewsMatch Any
AllowOverride All
Allow from All
Require all granted
</Directory>
I have several other subfolders inside www that i can access, only the 'soft' folder get me the error.
Please help !
Related
I'm trying to setup my laravel application on different server centos 7 running httpd
my old configuration on other servers: i always setup document root to be in "laravelProjectDir/public"
however in this server i've tried the following:
here is my apache config file:
<IfModule mod_ssl.c>
<VirtualHost subdomain.domain.com:443>
ServerName subdomain.domain.com
ServerAdmin email#gmail.com
DocumentRoot /home/MyUser/public_html/subDomain/public2
<Directory /home/MyUser/public_html/subDomain/public2/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
Require all granted
</Directory>
LogLevel debug
ErrorLog /home/MyUser/log-subDomain.txt
CustomLog /home/MyUser/customlog-subDomain.txt combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/subdomain.domain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/subdomain.domain.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/subdomain.domain.com/chain.pem
</VirtualHost>
</IfModule>
============================================================
Option 1
public2 which is Laravel root directory is the Apache RootDocument
accessing website from web browser with following link: https://subdomain.domain.com**/public** works good (all files in public are shown + routes work)
accessing website from web browser with following link: https://subdomain.domain.com/ routes works but all files inside public now doesn't show (ERROR 404)
==============================================================
Option 2
this is the option that always worked for me on my previous servers but not on this server.
public2/public <-- laravelRoot/public/ directory is the Apache RootDocument
/etc/httpd/sites-enabled < changed the following lines:
DocumentRoot /home/MyUser/public_html/subDomain/public2/public
<Directory /home/MyUser/public_html/subDomain/public2/public/>
result:
500 Internal Server Error
Apache Log:
[Sat Mar 06 11:32:42.550524 2021] [core:alert] [pid 6173] [client 109.161.x.x:8789] /home/myUser/public_html/subDomain/public2/.htaccess: Options not allowed here, referer: https://subdomain.domain.com/public/home
[Sat Mar 06 11:32:42.550695 2021] [ssl:debug] [pid 6173] ssl_engine_io.c(993): [client 109.161.x.x:8789] AH02001: Connection closed to child 1 with standard shutdown (server subdomain.domain.com:443)
[Sat Mar 06 11:32:44.626866 2021] [ssl:debug] [pid 6174] ssl_engine_kernel.c(225): [client 109.161.x.x:8790] AH02034: Initial (No.1) HTTPS request received for child 2 (server subdomain.domain.com:443)
[Sat Mar 06 11:32:44.627360 2021] [core:alert] [pid 6174] [client 109.161.x.x:8790] /home/myUser/public_html/subDomain/public2/.htaccess: Options not allowed here
[Sat Mar 06 11:32:44.627537 2021] [ssl:debug] [pid 6174] ssl_engine_io.c(993): [client 109.161.x.x:8790] AH02001: Connection closed to child 2 with standard shutdown (server subdomain.domain.com:443)
[Sat Mar 06 11:32:45.126934 2021] [ssl:debug] [pid 6176] ssl_engine_kernel.c(225): [client 109.161.x.x:8791] AH02034: Initial (No.1) HTTPS request received for child 4 (server subdomain.domain.com:443), referer: https://subdomain.domain.com/
[Sat Mar 06 11:32:45.127497 2021] [core:alert] [pid 6176] [client 109.161.x.x:8791] /home/myUser/public_html/subDomain/public2/.htaccess: Options not allowed here, referer: https://subdomain.domain.com/
[Sat Mar 06 11:32:45.127686 2021] [ssl:debug] [pid 6176] ssl_engine_io.c(993): [client 109.161.x.x:8791] AH02001: Connection closed to child 4 with standard shutdown (server subdomain.domain.com:443)
what is the issue here. why Apache cant allow options while I'm already setting it up with .htaccess and AllowOverride all ?
I am trying to configure mod_jk for apache2 in front of tomcat7 but I'm getting a following error:
mod_jk.log[Error]:jk_uri_worker_map.c (580): Could not find worker
with name '/var/lib/tomcat7/conf/workers.properties' in uri map post
processing
workers.properties is in tomcat7/conf/
jk.conf is in apache2/mods-enabled/
000-default.conf is in apache2/sites-enabled/
workers.properties
`workers.tomcat_home=/var/lib/tomcat7
workers.java_home=/usr/lib/jvm/java-8-openjdk-amd64
ps=/
worker.list=worker1
worker.worker1.type=ajp13
worker.worker1.host=xxxx.com
worker.worker1.port=8009
worker.ajp13_worker.lbfactor=1
worker.worker1.mount=/*
# configure jk-status
worker.list=jk-status
worker.jk-status.type=status
worker.jk-status.read_only=true
#configure jk-manager
worker.list=jk-manager
worker.jk-manager.type=status`
jk.conf
`<IfModule jk_module>
JkWorkersFile /var/lib/tomcat7/conf/workers.properties
JkLogFile /var/log/apache2/mod_jk.log
JkLogLevel debug
JkShmFile /var/log/apache2/jk-runtime-status
JkOptions +RejectUnsafeURI +ForwardKeySize +ForwardURICompat
JkWatchdogInterval 60
JkMount /* worker1
<Location /jk-status>
# Inside Location we can omit the URL in JkMount
JkMount jk-status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
<Location /jk-manager>
# Inside Location we can omit the URL in JkMount
JkMount jk-manager
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>`
000-default.conf
<VirtualHost *:80>
<Directory /var/www/html>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [L,R=301]
JkMount /* worker1
JkMountCopy On
</VirtualHost>
mod_jk.log
[Tue Mar 06 12:27:55.370 2018] [14733:140153319872384] [debug] wc_get_worker_for_name::jk_worker.c (120): did not find a worker /var/lib/tomcat7/conf/workers.properties
[Tue Mar 06 12:27:55.370 2018] [14733:140153319872384] [error] extension_fix::jk_uri_worker_map.c (580): Could not find worker with name '/var/lib/tomcat7/conf/workers.properties' in uri map post processing.
[Tue Mar 06 12:27:55.370 2018] [14733:140153319872384] [debug] wc_get_worker_for_name::jk_worker.c (120): did not find a worker /var/lib/tomcat7/conf/workers.properties
[Tue Mar 06 12:27:55.370 2018] [14733:140153319872384] [error] extension_fix::jk_uri_worker_map.c (580): Could not find worker with name '/var/lib/tomcat7/conf/workers.properties' in uri map post processing.
<IfModule mod_fcgid.c>
<Directory "C:\Apache24">
SetHandler fcgi-script
Order Allow,deny
Allow from all
Require all granted
</Directory>
ScriptAlias /host1/ "C:\http\fast_cgi.exe"
In log file access:
::1 - - [30/Aug/2016:17:06:49 -0300] "GET /host1/ HTTP/1.1" 403 215
GitLab can be started and shows as running. When running curl git.myserver.com, this fails with HTTP 503. No interesting entries in the unicorn.stderr.log or unicorn.stdout.log.
Versions:
GitLab 6.5.1
Apache 2.4.6
Ubuntu 13.10
sites-available/git.myserver.com:
<VirtualHost *:80>
ServerName git.myserver.com
DocumentRoot /home/git/gitlab/public
<Directory /home/git/gitlab/public>
AllowOverride All
Options -MultiViews
</Directory>
ProxyPass /uploads !
ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/
ProxyPreserveHost on
</VirtualHost>
config/unicorn.rb:
worker_processes 2
listen "/home/git/gitlab/tmp/sockets/gitlab.socket", :backlog => 64
listen "127.0.0.1:8080", :tcp_nopush => true
timeout 900
config/gitlab.yml:
gitlab:
## Web server settings
host: git.myserver.com
port: 80
https: false
Apache access log file:
SOMEIPADDRESS - - [17/Feb/2014:20:25:20 +0000] "GET / HTTP/1.1" 503 566 "-" "curl/7.32.0"
Apache error log file:
[Mon Feb 17 20:25:08.919614 2014] [proxy_http:error] [pid 1321:tid 139972136904448] [client SOMEIPADDRESS:48578] AH01114: HTTP: failed to make connection to backend: 127.0.0.1
[Mon Feb 17 20:25:20.114281 2014] [proxy:error] [pid 2092:tid 140263968208640] (111)Connection refused: AH00957: HTTP: attempt to connect to 127.0.0.1:8080 (127.0.0.1) failed
[Mon Feb 17 20:25:20.114353 2014] [proxy:error] [pid 2092:tid 140263968208640] AH00959: ap_proxy_connect_backend disabling worker for (127.0.0.1) for 60s
[Mon Feb 17 20:25:20.114364 2014] [proxy_http:error] [pid 2092:tid 140263968208640] [client SOMEIPADDRESS:48580] AH01114: HTTP: failed to make connection to backend: 127.0.0.1
Solved. I had used Ruby 2.1.0 while the install guide tells to use Ruby 2.0.0. Closely re-installed and restored the backup, which now works perfectly.
I have a big problem with websockets and my reverse proxy configuration on Apache. When I access Tomcat directly, the application with websockets works perfectly. But as soon is I try it with Apache, the websockets are not working.
I use:
Tomcat 7.0.42 on Windows
Apache 2.4.6 on Windows
<VirtualHost _default_:80>
ServerName myserver
RewriteEngine on
RedirectMatch ^/$ /myserver/
RewriteRule ^/myserver$ /myserver/ [R]
RewriteRule ^/myserver/active$ /myserver/active/ [R]
ProxyRequests Off
ProxyPreserveHost On
ProxyVia On
<Proxy *>
AddDefaultCharset off
Order deny,allow
Allow from all
</Proxy>
LogLevel debug
ProxyHTMLEnable On
ProxyHTMLBufSize 102400
ProxyHTMLExtended On
ProxyHTMLStripComments Off
ProxyHTMLDocType "<!DOCTYPE html>" XML
ProxyHTMLMeta On
DocumentRoot "${SRVROOT}/htdocs/"
<Location /myserver/active/ws/atmsphr/>
ProxyPass ws://localhost:8080/myapp/ws/atmsphr/
ProxyPassReverse ws://localhost:8080/myapp/ws/atmsphr/
</Location>
ProxyPass /myserver/active/ ajp://localhost:8009/myapp/
ProxyHTMLURLMap ajp://localhost:8009/myapp /myserver/active/
<Location /myserver/active/>
ProxyPassReverse ajp://localhost:8009/myapp/
SetOutputFilter proxy-html
ProxyHTMLURLMap /myapp/ /myserver/active/
ProxyPassReverseCookiePath /myapp/ /myserver/active/
</Location>
ProxyPass /myserver/ ajp://localhost:8009/mylogin/
ProxyHTMLURLMap ajp://localhost:8009/mylogin /myserver/
<Location /myserver/>
ProxyPassReverse ajp://localhost:8009/mylogin/
SetOutputFilter proxy-html
ProxyHTMLURLMap /mylogin/ /myserver/
ProxyPassReverseCookiePath /mylogin/ /myserver/
</Location>
</VirtualHost>
In the Apache logs I can see that the workers were initialized:
[Tue Oct 22 17:25:21.625342 2013] [proxy:debug] [pid 4116:tid 164] proxy_util.c(1693): AH00925: initializing worker ws://localhost:8080/myapp/ws/atmsphr/ shared
[Tue Oct 22 17:25:21.625342 2013] [proxy:debug] [pid 4116:tid 164] proxy_util.c(1733): AH00927: initializing worker ws://localhost:8080/myapp/ws/atmsphr/ local
I followed the Ordering ProxyPass Directives, but the first request is processed by mod_proxy_ajp and not by mod_proxy_wstunnel:
[Tue Oct 22 17:26:19.283043 2013] [proxy_http:debug] [pid 4116:tid 840] mod_proxy_http.c(1891): [client 192.168.5.68:49451] AH01113: HTTP: declining URL ajp://localhost:8009/myapp/websock/atmsphr?X-Atmosphere-tracking-id=0&X-Atmosphere-Framework=2.0.2-jquery&X-Atmosphere-Transport=websocket&X-Atmosphere-TrackMessageSize=true&X-Cache-Date=0&Content-Type=application/json&X-atmo-protocol=true
[Tue Oct 22 17:26:19.283043 2013] [proxy_ajp:debug] [pid 4116:tid 840] mod_proxy_ajp.c(713): [client 192.168.5.68:49451] AH00895: serving URL ajp://localhost:8009/myapp/ws/atmsphr?X-Atmosphere-tracking-id=0&X-Atmosphere-Framework=2.0.2-jquery&X-Atmosphere-Transport=websocket&X-Atmosphere-TrackMessageSize=true&X-Cache-Date=0&Content-Type=application/json&X-atmo-protocol=true
What is wrong in my configuration?
After a long research I found a workaround which fullfills my requirements. I've to run this webapplication via HTTPS and with port 443 it works perfectly. I can not explain why there is a problem with the default HTTP port 80, but if I access the webapp through port 443 there is no problem. In addition i tried port 8000 via HTTP und it also works.
Summary:
Port 80 / HTTP --> not working
Port 8000 / HTTP --> working
Port 443 / HTTPS --> working
In conclusion I have an virtual host config for port 80 with a permanent redirct to 443.
It has to do with the effective order of your ProxyPass directives. Have a look at the server-status page to see what it really is. When you embed them in Location blocks the effective order is changed from the order you wrote them in. See the mod_proxy_wstunnel documentation.