<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName cloud.lenzeta.com
# <IfModule mod_headers.c>
# Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"
# </IfModule>
# <Directory /var/www/html/>
# Options +FollowSymlinks
# AllowOverride All
# </Directory>
ServerAdmin hamish.geddes@icloud.com
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Please show:
ll /var/www/html/test*
or
ls -la /var/www/html/test*
Change this:
To this:
Remove four #'s
save
restart apache
-rw-r--r-- 1 root root 15 Oct 9 07:49 /var/www/html/test-file-1234
I will change the virtual host file now
I changed the virtual host and removed the #'s, still a 403 error once restarting apache and grep says this (seems there is now another save file):
/etc/apache2/sites-enabled/000-default.conf:<VirtualHost *:80>
/etc/apache2/sites-enabled/000-default.conf: # The ServerName directive sets the request scheme, hostname and port that
/etc/apache2/sites-enabled/000-default.conf: # the server uses to identify itself. This is used when creating
/etc/apache2/sites-enabled/000-default.conf: # redirection URLs. In the context of virtual hosts, the ServerName
/etc/apache2/sites-enabled/000-default.conf: # match this virtual host. For the default virtual host (this file) this
/etc/apache2/sites-enabled/000-default.conf: # However, you must set it for any further virtual host explicitly.
/etc/apache2/sites-enabled/000-default.conf: ServerName cloud.lenzeta.com
/etc/apache2/sites-enabled/000-default.conf: ServerAdmin hamish.geddes@icloud.com
/etc/apache2/sites-enabled/000-default.conf: DocumentRoot /var/www/html
/etc/apache2/sites-enabled/000-default.conf: # include a line for only one particular virtual host. For example the
/etc/apache2/sites-enabled/000-default.conf:
/etc/apache2/sites-enabled/000-default.conf.save:<VirtualHost *:80>
/etc/apache2/sites-enabled/000-default.conf.save: # The ServerName directive sets the request scheme, hostname and port that
/etc/apache2/sites-enabled/000-default.conf.save: # the server uses to identify itself. This is used when creating
/etc/apache2/sites-enabled/000-default.conf.save: # redirection URLs. In the context of virtual hosts, the ServerName
/etc/apache2/sites-enabled/000-default.conf.save: # match this virtual host. For the default virtual host (this file) this
/etc/apache2/sites-enabled/000-default.conf.save: # However, you must set it for any further virtual host explicitly.
/etc/apache2/sites-enabled/000-default.conf.save: ServerName cloud.lenzeta.com
/etc/apache2/sites-enabled/000-default.conf.save: ServerAdmin hamish.geddes@icloud.com
/etc/apache2/sites-enabled/000-default.conf.save: DocumentRoot /var/www/html
/etc/apache2/sites-enabled/000-default.conf.save: # include a line for only one particular virtual host. For example the
/etc/apache2/sites-enabled/000-default.conf.save:
/etc/apache2/sites-enabled/000-default.conf.save.1:<VirtualHost *:80>
/etc/apache2/sites-enabled/000-default.conf.save.1: # The ServerName directive sets the request scheme, hostname and port that
/etc/apache2/sites-enabled/000-default.conf.save.1: # the server uses to identify itself. This is used when creating
/etc/apache2/sites-enabled/000-default.conf.save.1: # redirection URLs. In the context of virtual hosts, the ServerName
/etc/apache2/sites-enabled/000-default.conf.save.1: # match this virtual host. For the default virtual host (this file) this
/etc/apache2/sites-enabled/000-default.conf.save.1: # However, you must set it for any further virtual host explicitly.
/etc/apache2/sites-enabled/000-default.conf.save.1: ServerName cloud.lenzeta.com
/etc/apache2/sites-enabled/000-default.conf.save.1:# ServerName server.lenzeta.com
/etc/apache2/sites-enabled/000-default.conf.save.1: ServerAdmin hamish.geddes@icloud.com
/etc/apache2/sites-enabled/000-default.conf.save.1: DocumentRoot /var/www/html
/etc/apache2/sites-enabled/000-default.conf.save.1: # include a line for only one particular virtual host. For example the
/etc/apache2/sites-enabled/000-default.conf.save.1:
Please just delete the .save file:
rm /etc/apache2/sites-enabled/000-default.conf.save
then restarrt apache
output from grep now that .save deleted (seems there is a save.swp file at the bottom):
/etc/apache2/sites-enabled/000-default.conf:<VirtualHost *:80>
/etc/apache2/sites-enabled/000-default.conf: # The ServerName directive sets the request scheme, hostname and port that
/etc/apache2/sites-enabled/000-default.conf: # the server uses to identify itself. This is used when creating
/etc/apache2/sites-enabled/000-default.conf: # redirection URLs. In the context of virtual hosts, the ServerName
/etc/apache2/sites-enabled/000-default.conf: # match this virtual host. For the default virtual host (this file) this
/etc/apache2/sites-enabled/000-default.conf: # However, you must set it for any further virtual host explicitly.
/etc/apache2/sites-enabled/000-default.conf: ServerName cloud.lenzeta.com
/etc/apache2/sites-enabled/000-default.conf: ServerAdmin hamish.geddes@icloud.com
/etc/apache2/sites-enabled/000-default.conf: DocumentRoot /var/www/html
/etc/apache2/sites-enabled/000-default.conf: # include a line for only one particular virtual host. For example the
/etc/apache2/sites-enabled/000-default.conf:
Binary file /etc/apache2/sites-enabled/.000-default.conf.save.swp matches
I removed the .swp file just in case
This is the folder /var/www/html output, if that is any help (maybe ownership?):
total 168
drwxr-xr-x 13 root root 4096 Oct 9 09:15 .
drwxr-xr-x 3 root root 4096 Sep 24 13:40 ..
drwxr-xr-x 41 www-data www-data 4096 Sep 9 12:44 3rdparty
drwxr-xr-x 50 www-data www-data 4096 Sep 24 21:49 apps
-rw-r--r-- 1 www-data www-data 16522 Sep 9 12:41 AUTHORS
drwxr-xr-x 2 www-data www-data 4096 Sep 24 22:25 config
-rw-r--r-- 1 www-data www-data 3967 Sep 9 12:41 console.php
-rw-r--r-- 1 www-data www-data 34520 Sep 9 12:41 COPYING
drwxr-xr-x 23 www-data www-data 4096 Sep 9 12:44 core
-rw-r--r-- 1 www-data www-data 5140 Sep 9 12:41 cron.php
-rw-r--r-- 1 www-data www-data 3124 Sep 24 21:46 .htaccess
-rw-r--r-- 1 www-data www-data 156 Sep 9 12:41 index.html
-rw-r--r-- 1 www-data www-data 2960 Sep 9 12:41 index.php
drwxr-xr-x 6 www-data www-data 4096 Sep 9 12:41 lib
-rw-r--r-- 1 www-data www-data 283 Sep 9 12:41 occ
drwxr-xr-x 2 www-data www-data 4096 Sep 9 12:41 ocm-provider
drwxr-xr-x 2 www-data www-data 4096 Sep 9 12:41 ocs
drwxr-xr-x 2 www-data www-data 4096 Sep 9 12:41 ocs-provider
lrwxrwxrwx 1 www-data www-data 21 Sep 24 14:18 phpmyadmin -> /usr/share/phpmyadmin
-rw-r--r-- 1 www-data www-data 3102 Sep 9 12:41 public.php
-rw-r--r-- 1 www-data www-data 5332 Sep 9 12:41 remote.php
drwxr-xr-x 4 www-data www-data 4096 Sep 9 12:41 resources
-rw-r--r-- 1 www-data www-data 26 Sep 9 12:41 robots.txt
-rw-r--r-- 1 www-data www-data 2379 Sep 9 12:41 status.php
-rw-r--r-- 1 root root 15 Oct 9 07:49 test-file-1234
drwxr-xr-x 3 www-data www-data 4096 Sep 9 12:41 themes
drwxr-xr-x 2 www-data www-data 4096 Sep 9 12:42 updater
-rw-r--r-- 1 www-data www-data 101 Sep 9 12:41 .user.ini
-rw-r--r-- 1 www-data www-data 362 Sep 9 12:44 version.php
You could try:
chgrp www-data /var/www/html/test-file-1234
chown www-data /var/www/html/test-file-1234
But I don't think that will fix the problem.
When trying to access one of the other public files there, it fails with 403 error:
curl -Iki http://cloud.lenzeta.com/robots.txt
HTTP/1.1 403 Forbidden
Content-Type: text/html
Content-Length: 345
Date: Fri, 09 Oct 2020 13:01:10 GMT
Server: lighttpd/1.4.47
curl http://cloud.lenzeta.com/robots.txt
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>403 - Forbidden</title>
</head>
<body>
<h1>403 - Forbidden</h1>
</body>
</html>
Can we see the .htaccess
file?
This is what is in the .htaccess file:
<IfModule mod_headers.c>
<IfModule mod_setenvif.c>
<IfModule mod_fcgid.c>
SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1
RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION
</IfModule>
<IfModule mod_proxy_fcgi.c>
SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1
</IfModule>
</IfModule>
<IfModule mod_env.c>
# Add security and privacy related headers
# Avoid doubled headers by unsetting headers in "onsuccess" table,
# then add headers to "always" table: https://github.com/nextcloud/server/p>
Header onsuccess unset Referrer-Policy
Header always set Referrer-Policy "no-referrer"
Header onsuccess unset X-Content-Type-Options
Header always set X-Content-Type-Options "nosniff"
Header onsuccess unset X-Download-Options
Header always set X-Download-Options "noopen"
Header onsuccess unset X-Frame-Options
Header always set X-Frame-Options "SAMEORIGIN"
Header onsuccess unset X-Permitted-Cross-Domain-Policies
Header always set X-Permitted-Cross-Domain-Policies "none"
Header onsuccess unset X-Robots-Tag
Header always set X-Robots-Tag "none"
Header onsuccess unset X-XSS-Protection
Header always set X-XSS-Protection "1; mode=block"
SetEnv modHeadersAvailable true
</IfModule>
# Add cache control for static resources
<FilesMatch "\.(css|js|svg|gif)$">
Header set Cache-Control "max-age=15778463"
</FilesMatch>
# Let browsers cache WOFF files for a week
<FilesMatch "\.woff2?$">
Header set Cache-Control "max-age=604800"
</FilesMatch>
</IfModule>
<IfModule mod_php7.c>
php_value mbstring.func_overload 0
php_value default_charset 'UTF-8'
php_value output_buffering 0
<IfModule mod_env.c>
SetEnv htaccessWorking true
</IfModule>
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} DavClnt
RewriteRule ^$ /remote.php/webdav/ [L,R=302]
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L]
RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L]
RewriteRule ^\.well-known/webfinger /public.php?service=webfinger [QSA,L]
RewriteRule ^\.well-known/nodeinfo /public.php?service=nodeinfo [QSA,L]
RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L]
RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L]
RewriteRule ^remote/(.*) remote.php [QSA,L]
RewriteRule ^(?:build|tests|config|lib|3rdparty|templates)/.* - [R=404,L]
RewriteCond %{REQUEST_URI} !^/\.well-known/(acme-challenge|pki-validation)/.*
RewriteRule ^(?:\.|autotest|occ|issue|indie|db_|console).* - [R=404,L]
</IfModule>
<IfModule mod_mime.c>
AddType image/svg+xml svg svgz
AddEncoding gzip svgz
</IfModule>
<IfModule mod_dir.c>
DirectoryIndex index.php index.html
</IfModule>
AddDefaultCharset utf-8
Options -Indexes
<IfModule pagespeed_module>
ModPagespeed Off
</IfModule>
This is good:
But I see nothing that should be blocking these or requiring authentication:
curl -Iki http://cloud.lenzeta.com/.well-known/acme-challenge/test-file-1234
HTTP/1.1 403 Forbidden
Content-Type: text/html
Content-Length: 345
Date: Fri, 09 Oct 2020 13:32:30 GMT
Server: lighttpd/1.4.47
curl -Iki http://cloud.lenzeta.com/robots.txt
HTTP/1.1 403 Forbidden
Content-Type: text/html
Content-Length: 345
Date: Fri, 09 Oct 2020 13:34:10 GMT
Server: lighttpd/1.4.47
You need to check you config and lighttpd settings and get this simple request to work:
http://cloud.lenzeta.com/robots.txt
This is what is contained in the phpmyadmin folder, are these the correct configuration files? Is there any setting that would cause this error?
drwxr-xr-x 3 root root 4096 Oct 9 13:30 .
drwxr-xr-x 141 root root 12288 Oct 9 08:25 ..
-rw-r--r-- 1 root root 1089 Mar 31 2020 apache.conf
drwxr-xr-x 2 root root 4096 Mar 31 2020 conf.d
-rw-r----- 1 root www-data 530 Sep 24 14:11 config-db.php
-rw-r--r-- 1 root root 168 Mar 31 2020 config.footer.inc.php
-rw-r--r-- 1 root root 168 Mar 31 2020 config.header.inc.php
-rw-r--r-- 1 root root 6172 Mar 31 2020 config.inc.php
-rw-r--r-- 1 root root 273 Mar 31 2020 lighttpd.conf
-rw-r--r-- 1 root root 198 Mar 31 2020 phpmyadmin.desktop
-rw-r--r-- 1 root root 295 Mar 31 2020 phpmyadmin.service
There may be something in this file:
that is either missing or configured incorrectly.
Is there a <Directory /var/www/html/>
section in there?
If so, please show it.
If not, you may need to create one.
Please show:
grep -i directory /replace/with/path/apache.conf
grep -i directory /replace/with/path/lighttpd.conf
[I don't know where those files shown are - so update the path accordingly]
no <Directory /var/www/html/>
in the apache.conf file. In grep apache:
<Directory /usr/share/phpmyadmin>
DirectoryIndex index.php
</Directory>
<Directory /usr/share/phpmyadmin/templates>
</Directory>
<Directory /usr/share/phpmyadmin/libraries>
</Directory>
In grep lighttpd:
# Alias for phpMyAdmin directory
Well then I don't know what is going on with the 403 Forbidden.
Please show this file one last time:
cat /etc/apache2/sites-enabled/000-default.conf
I show this in my apache2.conf
fle:
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
So it may seem than this:
May need to include:
Require all granted
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.