Friday, August 16, 2019

linux - Virtual Host Web Files Not Being Served



I am attempting to serve web files via virtual host, but Apache keep blocking the directory's files. All that will show is the default Apache Welcome page.




index.html gets a permissions error, and index2.html (which does not exist) get file not found error - as expected; so the virtual host conf files are being read.



Error Log:



(13)Permission denied: access to /index.html denied


httpd.conf



ServerTokens OS

ServerRoot "/etc/httpd"
PidFile run/httpd.pid
Timeout 60
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 15

StartServers       8
MinSpareServers    5
MaxSpareServers   20

ServerLimit      256
MaxClients       256
MaxRequestsPerChild  4000


StartServers         4
MaxClients         300
MinSpareThreads     25
MaxSpareThreads     75
ThreadsPerChild     25

MaxRequestsPerChild  0

Listen 80
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so

LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so

LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so

LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so

LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule substitute_module modules/mod_substitute.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so

LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule version_module modules/mod_version.so
Include conf.d/*.conf
User apache
Group apache
ServerAdmin root@localhost
UseCanonicalName Off

DocumentRoot "/var/www/html"

    Options FollowSymLinks
    AllowOverride None


    Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all



    UserDir disabled

DirectoryIndex index.html index.html.var index.php
AccessFileName .htaccess

    Order allow,deny
    Deny from all
    Satisfy All


TypesConfig /etc/mime.types
DefaultType text/plain

    MIMEMagicFile conf/magic

HostnameLookups Off
ErrorLog logs/error_log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
CustomLog logs/access_log combined
ServerSignature On
Alias /icons/ "/var/www/icons/"

    Options Indexes MultiViews FollowSymLinks
    AllowOverride None
    Order allow,deny

    Allow from all


    # Location of the WebDAV lock database.
    DAVLockDB /var/lib/dav/lockdb

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

    AllowOverride None
    Options None

    Order allow,deny
    Allow from all

IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable Charset=UTF-8
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe

AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for

AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
DefaultIcon /icons/unknown.gif

ReadmeName README.html
HeaderName HEADER.html
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage da .dk
AddLanguage de .de
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo

AddLanguage es .es
AddLanguage et .et
AddLanguage fr .fr
AddLanguage he .he
AddLanguage hr .hr
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ko .ko
AddLanguage ltz .ltz
AddLanguage nl .nl

AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddLanguage pt .pt
AddLanguage pt-BR .pt-br
AddLanguage ru .ru
AddLanguage sv .sv
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw
LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW

ForceLanguagePriority Prefer Fallback
AddDefaultCharset UTF-8
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl
AddHandler type-map var
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Alias /error/ "/var/www/error/"



    
        AllowOverride None
        Options IncludesNoExec
        AddOutputFilter Includes html
        AddHandler type-map var
        Order allow,deny
        Allow from all
        LanguagePriority en es de fr

        ForceLanguagePriority Prefer Fallback
    


BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully

BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
NameVirtualHost *
Include vhosts.d/*.conf



Example of an included vhost file created via WebMin (myvhostname.conf):




    DocumentRoot /srv/vhosts/myvhostname/htdocs
    ServerName mydomainname.com
    
        allow from all
        Options +Indexes




Permissions:



/etc/httpd/vhosts.d - 751 root:root
/etc/httpd/vhosts.d/(configuration files) - 644 root:root
/srv/vhosts - 751 root:root
/srv/vhosts/(vhost directories) - 751 root:root
/srv/vhosts/(vhost directories)/htdocs - 751 apache:apache
/srv/vhosts/(vhost directories)/htdocs/(web files) - 644 apache:apache



htdocs Permissions



-rw-r--r--.  1 apache apache     0 Apr 14 09:28 index.html
-rw-r--r--.  1 apache apache   418 Sep 24  2013 index.php
-rw-r--r--.  1 apache apache 19929 Jan 18  2013 license.txt
-rw-r--r--.  1 apache apache  7185 Apr  7 15:40 readme.html
-rw-r--r--.  1 apache apache  4892 Oct  4  2013 wp-activate.php
drwxr-xr-x.  9 apache apache  4096 Apr  8 14:44 wp-admin

-rw-r--r--.  1 apache apache   271 Jan  8  2012 wp-blog-header.php
-rw-r--r--.  1 apache apache  4795 Sep  5  2013 wp-comments-post.php
-rw-r--r--.  1 apache apache  3087 Oct 24 18:58 wp-config-sample.php
drwxr-xr-x.  4 apache apache  4096 Apr  8 14:44 wp-content
-rw-r--r--.  1 apache apache  2932 Sep 24  2013 wp-cron.php
drwxr-xr-x. 12 apache apache  4096 Apr  8 14:44 wp-includes
-rw-r--r--.  1 apache apache  2380 Oct 24 18:58 wp-links-opml.php
-rw-r--r--.  1 apache apache  2359 Oct 24 18:58 wp-load.php
-rw-r--r--.  1 apache apache 31909 Dec  3 15:12 wp-login.php
-rw-r--r--.  1 apache apache  8235 Nov 13 06:58 wp-mail.php

-rw-r--r--.  1 apache apache 10880 Nov  4 19:24 wp-settings.php
-rw-r--r--.  1 apache apache 25665 Nov 12 22:23 wp-signup.php
-rw-r--r--.  1 apache apache  4026 Oct 24 18:58 wp-trackback.php
-rw-r--r--.  1 apache apache  3015 Oct 24 22:29 xmlrpc.php

Answer



It might be an SELinux problem. Make sure that the context of your htdocs folder and it's subfolders/files are set to httpd_sys_content_t.



See http://wiki.centos.org/HowTos/SELinux for more details on all the different apache contexts.


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...