Re: [users@httpd] httpd occasional 403 error

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Le 30 août 05, à 18:48, Joshua Slive a écrit :

On 8/30/05, Dominique Fober <fober@xxxxxxxx> wrote:
Here is some additional information:

- the server and system version numbers:
Apache-AdvancedExtranetServer/2.0.50 (Mandrakelinux/7.3.101mdk)
mod_perl/1.99_16 Perl/v5.8.5 mod_ssl/2.0.50 OpenSSL/0.9.7d PHP/4.3.8
Linux 2.6.8.1-12mdksmp #1 SMP Fri Oct 1 11:24:45 CEST 2004 i686
Intel(R) Pentium(R) 4 CPU 2.80GHz (official Mandrake 10.1)

Oooo.  I get scarded whenever I see that "AdvancedExtranet" stuff.
That means a version of apache with random extra hacks added.  Who
knows what it will do.

the apache server is as provided with the official mandrake 10.1
distribution + some updates

Yes, I know.  But that could be quite different than the version
coming from httpd.apache.org.




- some reports from error_log:
[Thu Aug 25 11:15:09 2005] [error] [client 81.199.84.124] Directory
index forbidden by rule: /home/www/html/Creation/Residences/Giroudon/
[Mon Aug 29 17:57:14 2005] [error] [client 194.5.49.22] Directory
index
forbidden by rule: /home/www/html/
errors are on any folder, access rights have been controled


- an excerpt of the commonhttpd.conf
<Directory /home/www/html>
     Options -Indexes Includes FollowSymLinks -MultiViews

Well, you do have indexes turned off (although your Options line
doesn't make a lot of sense -- see the docs for Options). Do you have a file in those directories that matches the DirectoryIndex directive?

yes, there is one (index.html) and the server can find and use it
almost each time, apart these 'occasional' errors...

I would try running in single-process mode (httpd -X) under strace and
possibly under a debugger to try to figure out exactly why apache
can't find the index.html.


thanks a lot for the suggestion!
Trying to change the command line options, I've discovered that httpd is launched with a whole bunch of -D options. First of all, I feel a little bit brainless for not having looked at these options earlier. Here there are:

httpd2 -f /etc/httpd/conf/httpd2.conf -DAPACHE2 -DHAVE_PERL -DHAVE_PHP4 -DHAVE_SSL -DHAVE_SUEXEC -DHAVE_ACCESS -DHAVE_ACTIONS -DHAVE_ALIAS -DHAVE_ASIS -DHAVE_AUTH_ANON -DHAVE_AUTH_DBM -DHAVE_AUTH_DIGEST -DHAVE_AUTH -DHAVE_AUTOINDEX -DHAVE_CACHE -DHAVE_CASE_FILTER_IN -DHAVE_CASE_FILTER -DHAVE_CERN_META -DHAVE_CGID -DHAVE_CGI -DHAVE_CHARSET_LITE -DHAVE_DIR -DHAVE_DISK_CACHE -DHAVE_ENV -DHAVE_EXPIRES -DHAVE_EXT_FILTER -DHAVE_HEADERS -DHAVE_IMAP -DHAVE_INCLUDE -DHAVE_INFO -DHAVE_LOG_CONFIG -DHAVE_LOG_FORENSIC -DHAVE_LOGIO -DHAVE_MIME_MAGIC -DHAVE_MIME -DHAVE_NEGOTIATION -DHAVE_PROXY_CONNECT -DHAVE_PROXY_FTP -DHAVE_PROXY_HTTP -DHAVE_PROXY -DHAVE_REWRITE -DHAVE_SETENVIF -DHAVE_SPELING -DHAVE_STATUS -DHAVE_UNIQUE_ID -DHAVE_USERDIR -DHAVE_USERTRACK -DHAVE_VHOST_ALIAS

When I remove the proxy related options (-DHAVE_PROXY_CONNECT -DHAVE_PROXY_FTP -DHAVE_PROXY_HTTP -DHAVE_PROXY)
the occasional 403 error problem disappear.
Do you think it's a bug (or an unexpected behavior)? should I send a report to the apache modules mailing list?
---
Dominique Fober


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux