# [SOLVED]Apache denies access(403)

## rangerguy39

Hello, I have emerged apache and ran it. Now when I connect remotely with my IP adress, I get a 403 forbidden error.

Anyone know how to fix this?

Here is my apache config:

```
# This is a modification of the default Apache 2.2 configuration file

# for Gentoo Linux.

#

# Support:

#   http://www.gentoo.org/main/en/lists.xml   [mailing lists]

#   http://forums.gentoo.org/                 [web forums]

#   irc://irc.freenode.net#gentoo-apache      [irc chat]

#

# Bug Reports:

#   http://bugs.gentoo.org                    [gentoo related bugs]

#   http://httpd.apache.org/bug_report.html   [apache httpd related bugs]

#

#

# This is the main Apache HTTP server configuration file.  It contains the

# configuration directives that give the server its instructions.

# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.

# In particular, see

# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>

# for a discussion of each configuration directive.

#

# Do NOT simply read the instructions in here without understanding

# what they do.  They're here only as hints or reminders.  If you are unsure

# consult the online docs. You have been warned.

#

# Configuration and logfile names: If the filenames you specify for many

# of the server's control files begin with "/" (or "drive:/" for Win32), the

# server will use that explicit path.  If the filenames do *not* begin

# with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo_log"

# with ServerRoot set to "/usr" will be interpreted by the

# server as "/usr/var/log/apache2/foo.log".

 

# ServerRoot: The top of the directory tree under which the server's

# configuration, error, and log files are kept.

#

# Do not add a slash at the end of the directory path.  If you point

# ServerRoot at a non-local disk, be sure to point the LockFile directive

# at a local disk.  If you wish to share the same ServerRoot for multiple

# httpd daemons, you will need to change at least LockFile and PidFile.

ServerRoot "/usr/lib/apache2"

 

# Dynamic Shared Object (DSO) Support

#

# To be able to use the functionality of a module which was built as a DSO you

# have to place corresponding `LoadModule' lines at this location so the

# directives contained in it are actually available _before_ they are used.

# Statically compiled modules (those listed by `httpd -l') do not need

# to be loaded here.

#

# Example:

# LoadModule foo_module modules/mod_foo.so

#

# GENTOO: Automatically defined based on APACHE2_MODULES USE_EXPAND variable.

#         Do not change manually, it will be overwritten on upgrade.

#

# The following modules are considered as the default configuration.

# If you wish to disable one of them, you may have to alter other

# configuration directives.

#

# Change these at your own risk!

 

LoadModule actions_module modules/mod_actions.so

LoadModule alias_module modules/mod_alias.so

LoadModule auth_basic_module modules/mod_auth_basic.so

LoadModule authn_alias_module modules/mod_authn_alias.so

LoadModule authn_anon_module modules/mod_authn_anon.so

LoadModule authn_dbm_module modules/mod_authn_dbm.so

LoadModule authn_default_module modules/mod_authn_default.so

LoadModule authn_file_module modules/mod_authn_file.so

<IfDefine AUTHNZ_LDAP>

LoadModule authnz_ldap_module modules/mod_authnz_ldap.so

</IfDefine>

LoadModule authz_dbm_module modules/mod_authz_dbm.so

LoadModule authz_default_module modules/mod_authz_default.so

LoadModule authz_groupfile_module modules/mod_authz_groupfile.so

LoadModule authz_host_module modules/mod_authz_host.so

LoadModule authz_owner_module modules/mod_authz_owner.so

LoadModule authz_user_module modules/mod_authz_user.so

LoadModule autoindex_module modules/mod_autoindex.so

<IfDefine CACHE>

LoadModule cache_module modules/mod_cache.so

</IfDefine>

LoadModule cgi_module modules/mod_cgi.so

<IfDefine DAV>

LoadModule dav_module modules/mod_dav.so

</IfDefine>

<IfDefine DAV>

LoadModule dav_fs_module modules/mod_dav_fs.so

</IfDefine>

<IfDefine DAV>

LoadModule dav_lock_module modules/mod_dav_lock.so

</IfDefine>

LoadModule deflate_module modules/mod_deflate.so

LoadModule dir_module modules/mod_dir.so

<IfDefine CACHE>

LoadModule disk_cache_module modules/mod_disk_cache.so

</IfDefine>

LoadModule env_module modules/mod_env.so

LoadModule expires_module modules/mod_expires.so

LoadModule ext_filter_module modules/mod_ext_filter.so

<IfDefine CACHE>

LoadModule file_cache_module modules/mod_file_cache.so

</IfDefine>

LoadModule filter_module modules/mod_filter.so

LoadModule headers_module modules/mod_headers.so

LoadModule include_module modules/mod_include.so

<IfDefine INFO>

LoadModule info_module modules/mod_info.so

</IfDefine>

<IfDefine LDAP>

LoadModule ldap_module modules/mod_ldap.so

</IfDefine>

LoadModule log_config_module modules/mod_log_config.so

LoadModule logio_module modules/mod_logio.so

<IfDefine CACHE>

LoadModule mem_cache_module modules/mod_mem_cache.so

</IfDefine>

LoadModule mime_module modules/mod_mime.so

LoadModule mime_magic_module modules/mod_mime_magic.so

LoadModule negotiation_module modules/mod_negotiation.so

LoadModule rewrite_module modules/mod_rewrite.so

LoadModule setenvif_module modules/mod_setenvif.so

LoadModule speling_module modules/mod_speling.so

<IfDefine SSL>

LoadModule ssl_module modules/mod_ssl.so

</IfDefine>

<IfDefine STATUS>

LoadModule status_module modules/mod_status.so

</IfDefine>

LoadModule unique_id_module modules/mod_unique_id.so

<IfDefine USERDIR>

LoadModule userdir_module modules/mod_userdir.so

</IfDefine>

LoadModule usertrack_module modules/mod_usertrack.so

LoadModule vhost_alias_module modules/mod_vhost_alias.so

 

# If you wish httpd to run as a different user or group, you must run

# httpd as root initially and it will switch.

#

# User/Group: The name (or #number) of the user/group to run httpd as.

# It is usually good practice to create a dedicated user and group for

# running httpd, as with most system services.

User apache

Group apache

 

# Supplemental configuration

#

# Most of the configuration files in the /etc/apache2/modules.d/ directory can

# be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features

# or to modify the default configuration of the server.

#

# To know which flag to add to APACHE2_OPTS, look at the first line of the

# the file, which will usually be an <IfDefine OPTION> where OPTION is the

# flag to use.

Include /etc/apache2/modules.d/*.conf

 

# Virtual-host support

#

# Gentoo has made using virtual-hosts easy. In /etc/apache2/vhosts.d/ we

# include a default vhost (enabled by adding -D DEFAULT_VHOST to

# APACHE2_OPTS in /etc/conf.d/apache2).

Include /etc/apache2/vhosts.d/*.conf

 

# vim: ts=4 filetype=apache

ServerName ***removed***

Listen 8080
```

Last edited by rangerguy39 on Fri Aug 22, 2008 5:34 pm; edited 2 times in total

----------

## Exil

what log says? does apache can read the files/dirs?

----------

## rangerguy39

```
[Fri Aug 22 10:01:19 2008] [notice] Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h configured -- resuming normal operations

[Fri Aug 22 10:01:28 2008] [error] [client 70.105.223.36] client denied by server configuration: /var/www/localhost/htdocs/

[Fri Aug 22 10:01:30 2008] [error] [client 70.105.223.36] client denied by server configuration: /var/www/localhost/htdocs/

[Fri Aug 22 10:01:31 2008] [error] [client 70.105.223.36] client denied by server configuration: /var/www/localhost/htdocs/favicon.ico

[Fri Aug 22 10:01:31 2008] [error] [client 70.105.223.36] client denied by server configuration: /var/www/localhost/htdocs/favicon.ico

```

----------

## Sysa

 *rangerguy39 wrote:*   

> 
> 
> ```
> [Fri Aug 22 10:01:19 2008] [notice] Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h configured -- resuming normal operations
> 
> ...

 

Check your /etc/apache2/vhosts.d/*.conf - you must have a valid server configuration (there is no any server configs in your main apache config).

----------

## rangerguy39

 *Sysa wrote:*   

>  *rangerguy39 wrote:*   
> 
> ```
> [Fri Aug 22 10:01:19 2008] [notice] Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h configured -- resuming normal operations
> 
> ...

 

Changed the default one, left the SSH one alone.

```
# Virtual Hosts

#

# If you want to maintain multiple domains/hostnames on your

# machine you can setup VirtualHost containers for them. Most configurations

# use only name-based virtual hosts so the server doesn't need to worry about

# IP addresses. This is indicated by the asterisks in the directives below.

#

# Please see the documentation at

# <URL:http://httpd.apache.org/docs/2.2/vhosts/>

# for further details before you try to setup virtual hosts.

#

# You may use the command line option '-S' to verify your virtual host

# configuration.

 

<IfDefine DEFAULT_VHOST>

# see bug #178966 why this is in here

 

# Listen: Allows you to bind Apache to specific IP addresses and/or

# ports, instead of the default. See also the <VirtualHost>

# directive.

#

# Change this to Listen on specific IP addresses as shown below to

# prevent Apache from glomming onto all bound IP addresses.

#

Listen ***REMOVED***:8080

#Listen 8080

 

# Use name-based virtual hosting.

NameVirtualHost *:80

 

# When virtual hosts are enabled, the main host defined in the default

# httpd.conf configuration will go away. We redefine it here so that it is

# still available.

#

# If you disable this vhost by removing -D DEFAULT_VHOST from

# /etc/conf.d/apache2, the first defined virtual host elsewhere will be

# the default.

<VirtualHost *:80>

   ServerName localhost

   Include /etc/apache2/vhosts.d/default_vhost.include

 

   <IfModule mpm_peruser_module>

      ServerEnvironment apache apache

   </IfModule>

</VirtualHost>

</IfDefine>

 

# vim: ts=4 filetype=apache
```

----------

## rangerguy39

Maybe because I dont have list directories on? I'm not sure how to do this.

----------

## Sysa

 *rangerguy39 wrote:*   

>  *Sysa wrote:*    *rangerguy39 wrote:*   
> 
> ```
> [Fri Aug 22 10:01:19 2008] [notice] Apache/2.2.9 (Unix) mod_ssl/2.2.9 OpenSSL/0.9.8h configured -- resuming normal operations
> 
> ...

 

Apache Listen on 8080 but the only defined virtual host configured for 80!

check it:

 *Quote:*   

>  netstat -ln --inet 

 

Public your /etc/conf.d/apache2 - maybe you forgot to define DEFAULT_VHOST...

Also check access rigths for /var/www/localhost/htdocs

----------

