New Web Pages Forbidden

Discussion in 'Installation/Configuration' started by crn_admin, Sep 15, 2006.

  1. crn_admin

    crn_admin New Member

    I installed ISPConfig with no errors. I created a web-site using the interface. When I try to access it I get:

    Forbidden

    You don't have permission to access / on this server.

    Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request

    Any thoughts?
     
  2. till

    till Super Moderator

    Did you follow one of the perfect setup howtos? Either yor directory index setting dioes not include index.html and index.htm pages or you did not load the nescessray apache modules.

    For the correct apache configuration, please have a look at the perfect setup guides, you will find the links on the ispconfig documentation page.
     
  3. crn_admin

    crn_admin New Member

    Perfect Setup

    Sadly, I did follow the "Perfect Setup Guide", to the very letter.
     
  4. crn_admin

    crn_admin New Member

    DirectoryIndex

    As I mention above, I did follow the Perfect Setup guide to the very letter. The only problem I encountered was trying to "apt" php5-dba and php5-readline.

    Below is the DirecotryIndex line from /etc./apache2/httpd.conf:

    DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php5 index.php4 index.php3 index.pl index.html.var

    Below is the APACHE_MODULES line from /etc/sysconfig/apache2:

    APACHE_MODULES="access actions alias auth auth_dbm autoindex cgi dir env expires include log_config mime negotiation setenvif rewrite ssl suexec userdir php4 php5"
     
  5. falko

    falko Super Moderator

    Which one (URL)?
     
  6. crn_admin

    crn_admin New Member

  7. falko

    falko Super Moderator

    What's the output of
    Code:
    ifconfig
    , and what's in your Vhosts_ispconfig.conf?
     
  8. crn_admin

    crn_admin New Member

    Vhosts_ispconfig.conf:

    ###################################
    #
    # ISPConfig vHost Configuration File
    # Version 1.0
    #
    ###################################
    #
    NameVirtualHost 192.168.254.31:80
    <VirtualHost 192.168.254.31:80>
    ServerName localhost
    ServerAdmin root@localhost
    DocumentRoot /var/www/sharedip
    </VirtualHost>
    #
    #
    ######################################
    # Vhost: isptest.crn.org:80
    ######################################
    #
    #
    <VirtualHost 192.168.254.31:80>
    ServerName isptest.crn.org:80
    ServerAdmin webmaster@crn.org
    DocumentRoot /web/hosted/web1/web
    ServerAlias isptest.crn.org
    DirectoryIndex index.html index.htm index.php index.php5 index.php4 index.php3
    ScriptAlias /cgi-bin/ /web/hosted/web1/cgi-bin/
    AddHandler cgi-script .cgi
    AddHandler cgi-script .pl
    ErrorLog /web/hosted/web1/log/error.log
    AddType application/x-httpd-php .php .php3 .php4 .php5
    <Files *.php>
    SetOutputFilter PHP
    SetInputFilter PHP
    </Files>
    <Files *.php3>
    SetOutputFilter PHP
    SetInputFilter PHP
    </Files>
    <Files *.php4>
    SetOutputFilter PHP
    SetInputFilter PHP
    </Files>
    <Files *.php5>
    SetOutputFilter PHP
    SetInputFilter PHP
    </Files>
    php_admin_flag safe_mode Off
    Alias /error/ "/web/hosted/web1/web/error/"
    ErrorDocument 400 /error/invalidSyntax.html
    ErrorDocument 401 /error/authorizationRequired.html
    ErrorDocument 403 /error/forbidden.html
    ErrorDocument 404 /error/fileNotFound.html
    ErrorDocument 405 /error/methodNotAllowed.html
    ErrorDocument 500 /error/internalServerError.html
    ErrorDocument 503 /error/overloaded.html
    AliasMatch ^/~([^/]+)(/(.*))? /web/hosted/web1/user/$1/web/$3
    AliasMatch ^/users/([^/]+)(/(.*))? /web/hosted/web1/user/$1/web/$3
    </VirtualHost>
    #
    #
    #

    ifconfig:

    eth0 Link encap:Ethernet HWaddr 00:13:72:4C:A0:70
    inet addr:192.168.254.31 Bcast:192.168.254.255 Mask:255.255.255.0
    inet6 addr: fe80::213:72ff:fe4c:a070/64 Scope:Link
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:227571 errors:0 dropped:0 overruns:0 frame:0
    TX packets:7510 errors:2 dropped:0 overruns:0 carrier:2
    collisions:7 txqueuelen:1000
    RX bytes:25401884 (24.2 Mb) TX bytes:1135292 (1.0 Mb)
    Base address:0xecc0 Memory:fe6e0000-fe700000

    lo Link encap:Local Loopback
    inet addr:127.0.0.1 Mask:255.0.0.0
    inet6 addr: ::1/128 Scope:Host
    UP LOOPBACK RUNNING MTU:16436 Metric:1
    RX packets:110 errors:0 dropped:0 overruns:0 frame:0
    TX packets:110 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:10941 (10.6 Kb) TX bytes:10941 (10.6 Kb)
     
  9. falko

    falko Super Moderator

    Looks ok. Is Vhosts_ispconfig.conf included in your main Apache configuration?
     
  10. crn_admin

    crn_admin New Member

    here is my httpd.conf. Vhosts_ispconfig.conf does appear to be included (see bottom):

    #
    # /etc/apache2/httpd.conf
    #
    # This is the main Apache server configuration file. It contains the
    # configuration directives that give the server its instructions.
    # See <URL:http://httpd.apache.org/docs-2.0/> for detailed information about
    # the directives.

    # Based upon the default apache configuration file that ships with apache,
    # which is based upon the NCSA server configuration files originally by Rob
    # McCool. This file was knocked together by Peter Poeml <poeml+apache@suse.de>.

    # If possible, avoid changes to this file. It does mainly contain Include
    # statements and global settings that can/should be overridden in the
    # configuration of your virtual hosts.


    # Overview of include files, chronologically:
    #
    # httpd.conf
    # |
    # |-- uid.conf . . . . . . . . . . . . . . UserID/GroupID to run under
    # |-- server-tuning.conf . . . . . . . . . sizing of the server (how many processes to start, ...)
    # |-- sysconfig.d/loadmodule.conf . . . . . [*] load these modules
    # |-- listen.conf . . . . . . . . . . . . . IP adresses / ports to listen on
    # |-- mod_log_config.conf . . . . . . . . . define logging formats
    # |-- sysconfig.d/global.conf . . . . . . . [*] server-wide general settings
    # |-- mod_status.conf . . . . . . . . . . . restrict access to mod_status (server monitoring)
    # |-- mod_info.conf . . . . . . . . . . . . restrict access to mod_info
    # |-- mod_usertrack.conf . . . . . . . . . defaults for cookie-based user tracking
    # |-- mod_autoindex-defaults.conf . . . . . defaults for displaying of server-generated directory listings
    # |-- mod_mime-defaults.conf . . . . . . . defaults for mod_mime configuration
    # |-- errors.conf . . . . . . . . . . . . . customize error responses
    # |-- ssl-global.conf . . . . . . . . . . . SSL conf that applies to default server _and all_ virtual hosts
    # |
    # |-- default-server.conf . . . . . . . . . set up the default server that replies to non-virtual-host requests
    # | |--mod_userdir.conf . . . . . . . . enable UserDir (if mod_userdir is loaded)
    # | `--conf.d/apache2-manual?conf . . . add the docs ('?' = if installed)
    # |
    # |-- sysconfig.d/include.conf . . . . . . [*] your include files
    # | (for each file to be included here, put its name
    # | into APACHE_INCLUDE_* in /etc/sysconfig/apache2)
    # |
    # `-- vhosts.d/ . . . . . . . . . . . . . . for each virtual host, place one file here
    # `-- *.conf . . . . . . . . . . . . . (*.conf is automatically included)
    #
    #
    # Files marked [*] are created from sysconfig upon server restart: instead of
    # these files, you edit /etc/sysconfig/apache2



    # Filesystem layout:
    #
    # /etc/apache2/
    # |-- conf.d/
    # | |-- apache2-manual.conf . . . . . . . conf that comes with apache2-doc
    # | |-- mod_php4.conf . . . . . . . . . . (example) conf that comes with apache2-mod_php4
    # | `-- ... . . . . . . . . . . . . . . . other configuration added by packages
    # |-- default-server.conf
    # |-- errors.conf
    # |-- httpd.conf . . . . . . . . . . . . . top level configuration file
    # |-- listen.conf
    # |-- magic
    # |-- mime.types -> ../mime.types
    # |-- mod_autoindex-defaults.conf
    # |-- mod_info.conf
    # |-- mod_log_config.conf
    # |-- mod_mime-defaults.conf
    # |-- mod_perl-startup.pl
    # |-- mod_status.conf
    # |-- mod_userdir.conf
    # |-- mod_usertrack.conf
    # |-- server-tuning.conf
    # |-- ssl-global.conf
    # |-- ssl.crl/ . . . . . . . . . . . . . . PEM-encoded X.509 Certificate Revocation Lists (CRL)
    # |-- ssl.crt/ . . . . . . . . . . . . . . PEM-encoded X.509 Certificates
    # |-- ssl.csr/ . . . . . . . . . . . . . . PEM-encoded X.509 Certificate Signing Requests
    # |-- ssl.key/ . . . . . . . . . . . . . . PEM-encoded RSA Private Keys
    # |-- ssl.prm/ . . . . . . . . . . . . . . public DSA Parameter Files
    # |-- sysconfig.d/ . . . . . . . . . . . . files that are created from /etc/sysconfig/apache2
    # | |-- global.conf
    # | |-- include.conf
    # | `-- loadmodule.conf
    # |-- uid.conf
    # `-- vhosts.d/ . . . . . . . . . . . . . . put your virtual host configuration (*.conf) here
    # |-- vhost-ssl.template
    # `-- vhost.template



    ### Global Environment ######################################################
    #
    # The directives in this section affect the overall operation of Apache,
    # such as the number of concurrent requests.

    # run under this user/group id
    Include /etc/apache2/uid.conf

    # - how many server processes to start (server pool regulation)
    # - usage of KeepAlive
    Include /etc/apache2/server-tuning.conf

    # ErrorLog: The location of the error log file.
    # If you do not specify an ErrorLog directive within a <VirtualHost>
    # container, error messages relating to that virtual host will be
    # logged here. If you *do* define an error logfile for a <VirtualHost>
    # container, that host's errors will be logged there and not here.
    ErrorLog /var/log/apache2/error_log

    # generated from APACHE_MODULES in /etc/sysconfig/apache2
    Include /etc/apache2/sysconfig.d/loadmodule.conf

    # IP addresses / ports to listen on
    Include /etc/apache2/listen.conf

    # predefined logging formats
    Include /etc/apache2/mod_log_config.conf

    # generated from global settings in /etc/sysconfig/apache2
    Include /etc/apache2/sysconfig.d/global.conf

    # optional mod_status, mod_info
    Include /etc/apache2/mod_status.conf
    Include /etc/apache2/mod_info.conf

    # optional cookie-based user tracking
    # read the documentation before using it!!
    Include /etc/apache2/mod_usertrack.conf

    # configuration of server-generated directory listings
    Include /etc/apache2/mod_autoindex-defaults.conf

    # associate MIME types with filename extensions
    TypesConfig /etc/apache2/mime.types
    DefaultType text/plain
    Include /etc/apache2/mod_mime-defaults.conf

    # set up (customizable) error responses
    Include /etc/apache2/errors.conf

    # global (server-wide) SSL configuration, that is not specific to
    # any virtual host
    Include /etc/apache2/ssl-global.conf

    # forbid access to the entire filesystem by default
    <Directory />
    Options None
    AllowOverride None
    Order deny,allow
    Deny from all
    </Directory>

    # use .htaccess files for overriding,
    AccessFileName .htaccess
    # and never show them
    <Files ~ "^\.ht">
    Order allow,deny
    Deny from all
    </Files>

    # List of resources to look for when the client requests a directory
    DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php5 index.php4 index.php3 index.pl index.html.var


    ### 'Main' server configuration #############################################
    #
    # The directives in this section set up the values used by the 'main'
    # server, which responds to any requests that aren't handled by a
    # <VirtualHost> definition. These values also provide defaults for
    # any <VirtualHost> containers you may define later in the file.
    #
    # All of these directives may appear inside <VirtualHost> containers,
    # in which case these default settings will be overridden for the
    # virtual host being defined.
    #
    Include /etc/apache2/default-server.conf


    # Another way to include your own files
    #
    # The file below is generated from /etc/sysconfig/apache2,
    # include arbitrary files as named in APACHE_CONF_INCLUDE_FILES and
    # APACHE_CONF_INCLUDE_DIRS
    Include /etc/apache2/sysconfig.d/include.conf


    ### Virtual server configuration ############################################
    #
    # VirtualHost: If you want to maintain multiple domains/hostnames on your
    # machine you can setup VirtualHost containers for them. Most configurations
    # use only name-based virtual hosts so the server doesn't need to worry about
    # IP addresses. This is indicated by the asterisks in the directives below.
    #
    # Please see the documentation at
    # <URL:http://httpd.apache.org/docs-2.0/vhosts/>
    # for further details before you try to setup virtual hosts.
    #
    # You may use the command line option '-S' to verify your virtual host
    # configuration.
    #
    Include /etc/apache2/vhosts.d/*.conf


    # Note: instead of adding your own configuration here, consider
    # adding it in your own file (/etc/apache2/httpd.conf.local)
    # putting its name into APACHE_CONF_INCLUDE_FILES in
    # /etc/sysconfig/apache2 -- this will make system updates
    # easier :)

    <Directory /var/www/sharedip>
    Options +Includes -Indexes
    AllowOverride None
    AllowOverride Indexes AuthConfig Limit FileInfo
    Order allow,deny
    Allow from all
    <Files ~ "^\.ht">
    Deny from all
    </Files>
    </Directory>

    ###############ispconfig_log###############
    LogFormat "%v||||%b||||%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig
    CustomLog "|/root/ispconfig/cronolog --symlink=/var/log/httpd/ispconfig_access_log /var/log/httpd/ispconfig_access_log_%Y_%m_%d" combined_ispconfig

    <Directory /srv/www/*/web>
    Options +Includes -Indexes
    AllowOverride None
    AllowOverride Indexes AuthConfig Limit FileInfo
    Order allow,deny
    Allow from all
    <Files ~ "^\.ht">
    Deny from all
    </Files>
    </Directory>

    <Directory /srv/www/*/user/*/web>
    Options +Includes -Indexes
    AllowOverride None
    AllowOverride Indexes AuthConfig Limit FileInfo
    Order allow,deny
    Allow from all
    <Files ~ "^\.ht">
    Deny from all
    </Files>
    </Directory>

    <Directory /srv/www/*/cgi-bin>
    Options ExecCGI -Indexes
    AllowOverride None
    AllowOverride Indexes AuthConfig Limit FileInfo
    Order allow,deny
    Allow from all
    <Files ~ "^\.ht">
    Deny from all
    </Files>
    </Directory>

    Include /etc/apache2/vhosts/Vhosts_ispconfig.conf
     
  11. till

    till Super Moderator

    This is ok too. Did you forward port 80 and 443 from your router to IP 192.168.254.31 ?
     
  12. crn_admin

    crn_admin New Member

    Yes. In fact, I can access the ISPConfig Control Panel from a remote computer.
     
  13. falko

    falko Super Moderator

    What's the output of
    Code:
    ps aux | grep -i apparmor
    ?
     
  14. crn_admin

    crn_admin New Member

    root 14950 0.0 0.0 2920 712 pts/1 S+ 09:04 0:00 grep -i apparmo r
     
  15. falko

    falko Super Moderator

    There's no AppArmor running, so that's not the problem.
    Maybe it's a problem with your router not supporting loopbacks into your network... :confused:
     
  16. crn_admin

    crn_admin New Member

    Thanks for all your help... I think I'm going to try re-building the machine, since we seem to have hit a dead-end.
     

Share This Page