Re: 403 error on Default Directory

["J. Stephens" <onlineworkmail@xxxxxxxxx>]

The solution to the problem was that I needed to add  a <Directory/> to the vhost. I do not know why it would need the root directory, but as long as it is fixed then I do not care. Would this cause any security risks or is it fine to add this directory?

BTW: Thank you for your responses it has helped a bunch.

On Apr 28, 2011, at 10:30 PM, Yehuda Katz wrote:

On Thu, Apr 28, 2011 at 1:53 PM, J. Stephens <onlineworkmail@xxxxxxxxx> wrote:

error log says "[Thu Apr 28 13:50:57 2011] [error] [client 98.226.168.246] client denied by server configuration: /"

my website is at /var/www/testing600.remcycle.net/. Should it be saying that directory and not the root directory?

On Thu, Apr 28, 2011 at 10:37 AM, J. Stephens <onlineworkmail@xxxxxxxxx> wrote:

I am getting 403 errors when I add a new vhost. at testing601.remcycle.net I get 403, but at testing601.remcycle.net/index.html it works. What are the possible causes of this 403 error?

All it is telling you is the configuration that is being inherited from a config for /.

The closest thing I have to Debian Squeeze is Ubuntu Lucid Lynx (10.04). It has this comment in "/etc/apache2/conf.d/security":

# Disable access to the entire file system except for the directories that
# are explicitly allowed later.
#
# This currently breaks the configurations that come with some web application
# Debian packages. It will be made the default for the release after lenny.
#
#<Directory />
#       AllowOverride None
#       Order Deny,Allow
#       Deny from all
#</Directory>

Since Squeeze is after Lenny, this might mean that a good place to start looking for your problem is wherever you have your <Directory /var/www/testing600.remcycle.net/> directive.

Do you have the mod_info handler enabled? It might be able to help find the offending directive.

(Documentation: http://httpd.apache.org/docs/2.2/mod/mod_info.html)

- Yehuda