Re: Problem configuring proxy (forbidden error locally)

[Igor Cicimov <icicimov@xxxxxxxxx>]

First un-comment the 

#ProxyRequests On

and make it 

ProxyRequests Off

if you want to run reverse proxy.

On Thu, Feb 10, 2011 at 12:26 PM, o haya <ohaya@xxxxxxxxx> wrote:

Hi Eric and Igor,

The Apache proxy logs show "403" errors.

I've been hunting down all the deny/allows and <Directory> directives/sections, and these are all that I found in the httpd.conf:

<Directory />

                Options FollowSymLinks

                AllowOverride None

</Directory>

 

<Directory “/var/www/html”>

                Options Indexes FollowSymLinks

                AllowOverride None

                Order Allow,deny

                Allow from all

</Directory>

 

<Directory “/var/www/icons”>

                Options Indexes MultiViews

                AllowOverride None

                Order allow,deny

                Allow from all

</Directory>

 

<Directory “/var/www/cgi-bin”>

                AllowOverride None

                Options None

                Order allow,deny

                Allow from all

</Directory>

 

<Directory “/var/www/error”>

                AllowOverride None

                Options IncludeNoExec

                AddOutputFilter Include html

                AddHandler type-map var

                Order allow,deny

                Allow from all

                LanguagePriority en es de fr

                ForceLanguagePriority Prefer Fallback

</Directory>

 

My understanding is the above would only apply to physical directories on the proxy machine, plus it doesn't seem like any of them would cause a "deny"?

There's also an <IfModule>:

#<IfModule mod_proxy.c>

#ProxyRequests On

 

#<Proxy *>

#                Order deny,allow

#                Deny from all

#                 Allow from .example.com

#</Proxy>

 

But, that was commented out already in the httpd.conf, so it wouldn't affect anything?

 

I think that if uncommented that <IfModule>, and changed it to allow:

<IfModule mod_proxy.c>

#ProxyRequests On

 

<Proxy *>

                Order allow,deny

                 Allow from all

</Proxy>

that might fix the problem, but, and maybe I'm being stubborn, I'd really rather find exactly what is causing the deny (it always worries me when I don't understand exactly why something is not doing what I think it should).

This is Apache 2.0.x, so there's not the "extras" directory and files, just the httpd.conf and ssl.conf, so any ideas about what ELSE might be causing JUST the proxying to get a deny (note: we CAN access resources that are LOCAL on the proxy Apache server).

Thanks,

Jim

--- On Wed, 2/9/11, Igor Cicimov <icicimov@xxxxxxxxx> wrote:

From: Igor Cicimov <icicimov@xxxxxxxxx>
Subject: Re: Problem configuring proxy (forbidden error locally)
To: users@xxxxxxxxxxxxxxxx
Date: Wednesday, February 9, 2011, 7:55 PM

have you tried the Order statement and putting "Allow from All" ?

On Thu, Feb 10, 2011 at 11:07 AM, Eric Covener <covener@xxxxxxxxx> wrote:

> so the 403 is coming from the Apache proxy itself

What do the proxy logs say?

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx