I'd drop the IfModules and IfDefines and see how that changes your observations. On Mon, Jul 16, 2018 at 5:53 PM James Moe <jimoe@xxxxxxxxxxxxxx.invalid> wrote: > > Hello, > opensuse LEAP 15 > linux 4.12.14-lp150.11-default x86_64 > apache2 2.4.33 > > After the upgrade from v2.4.23 to v2.4.33, https requests yield error > 403: > Access forbidden! > You don't have permission to access the requested directory. There is > either no index document or the directory is read-protected. > > Neither of the stated reasons are true. The OS permissions for the > directory are 775; there is an <index.php>. > So, the "permissions" are an apache thing, not OS? > > http requests yield eroor 400: > Bad request! > Your browser (or proxy) sent a request that this server could not > understand. > > This was obviously not a problem in v2.4.23. I do not see what is > different. > apachectl -t proclained "Syntax OK." > > Suggestions? > > ----[ from the error log ]---- > [Mon Jul 16 14:45:30.020764 2018] [access_compat:error] [pid 26589] > [client 192.168.69.115:48200] AH01797: client denied by server > configuration: /data01/t-drv/websites/sma-v3/ > > > ----[ vhost config ]---- > <VirtualHost *:80> > ServerAdmin jimoe@xxxxxxxxxxxxxx > > ServerName sma-v3.sma.com > DocumentRoot "/data01/t-drv/websites/sma-v3" > ErrorDocument 404 /404.php > ErrorDocument 410 /410.php > ErrorDocument 401 /401.php > > ErrorLog "/data01/t-drv/websites/.logs/sma-v3-error_log" > CustomLog "/data01/t-drv/websites/.logs/sma-v3-access_log" common > > <Directory "/data01/t-drv/websites/sma-v3"> > AllowOverride FileInfo Authconfig Options > Options Indexes FollowSymLinks MultiViews > > AddHandler application/x-httpd-php .php > MultiviewsMatch Handlers > > Require all granted > </Directory> > <Files *> > Forcetype application/x-http-php > </Files> > <Files *\.*> > Forcetype none > </Files> > > </VirtualHost> > > ## > ## SSL Virtual Host Context > ## > <IfDefine SSL> > # > # Some MIME-types for downloading Certificates and CRLs > # > # AddType application/x-x509-ca-cert .crt > # AddType application/x-pkcs7-crl .crl > > <IfModule mod_ssl.c> > <VirtualHost *:443> > > # General setup for the virtual host > DocumentRoot "/data01/t-drv/websites/sma-v3" > ServerName sma-v3.sma.com > ServerAdmin jimoe@xxxxxxxxxxxxxx > ErrorLog "/data01/t-drv/websites/.logs/sma-v3s-error_log" > CustomLog "/data01/t-drv/websites/.logs/sma-v3s-access_log" common > TransferLog "/data01/t-drv/websites/.logs/access_log" > > ErrorDocument 404 /404.php > ErrorDocument 410 /410.php > ErrorDocument 401 /401.php > > <Directory "/data01/t-drv/websites/sma-v3"> > AllowOverride Authconfig > AllowOverride All > Options -ExecCGI > Require all granted > </Directory> > > SSLEngine on > > # SSLCertificateFile > "/data01/t-drv/websites/.conf/ssl/sma-ca-2/sma-multi.crt" > # SSLCertificateKeyFile > "/data01/t-drv/websites/.conf/ssl/sma-ca-2/sma-multi.key" > > SSLCertificateChainFile "/data01/srv/vhosts.sma/ssl/sma-ca-chain.cert.pem" > SSLCertificateFile "/data01/srv/vhosts.sma/ssl/www.sma.com.cert-01.pem" > SSLCertificateKeyFile > "/data01/srv/vhosts.sma/ssl/www.sma.com.insecure-01.key" > > # SSLCipherSuite HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL > SSLProtocol ALL -SSLv2 > > </VirtualHost> > </ifmodule> > </ifdefine> > ----[ end ]---- > > > > -- > James Moe > moe dot james at sohnen-moe dot com > 520.743.3936 > Think. > -- Eric Covener covener@xxxxxxxxx --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|