Apache 2.0 changed the default DocumentRoot permissions to be very restrictive. While I can’t argue this is a better security paradigm than less restrictive default permissions, in the real world upgrading a server with 300+ domains, it can be a pain to script permissions changes in all of the config files.
<Directory />
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
Change the default permissions to be less restrictive with this instead:
<Directory />
AllowOverride None
Order Deny,Allow
</Directory>
AllowOverride None
Order Deny,Allow
</Directory>
Most Popular Posts
{ 9 comments… read them below or add one }
Terrific fix. Many thanks.
Lovely lovely lovey
That was it
thx!
At last! Thank you very much for this info.
I’m doing some Apache/PHP/mySQL tutorials and not being able to start my personal web pages for testing was driving me insane. All is well with the world now and I can stick my virtual hair back onto my head.
thanks a lot . You save my job. I have confused with this error for a week, try to solve it from google but always fail. Until I find the right solution from you. Thank you guy!
Hi, I am getting a 403 error for all my static content which should be served by apache. I tried to comment out the line which you have mentioned above, but that did not take care of the error. I have checked all the permissions and the apache user has permissions to view all the static content. What could the problem be???? Please help as we go live in a week!!!
Have you looked in the error log to see the full error?
Rabbit, remember that, each time you change something in httpd, you must restart apache.
damonp, your solution is nice, but I think instead of allowing everyone to see the root directory you should allow only the htdocs directory. In the httpd.conf, right after
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
there is another rule, exclusive for the htdocs directory
# Note that from this point forward you must specifically allow
# particular features to be enabled – so if something’s not working as
# you might expect, make sure that you have specifically enabled it
# below.
#
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "”>
#
# Possible values for the Options directive are “None”, “All”,
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that “MultiViews” must be named *explicitly* — “Options All”
# doesn’t give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be “All”, “None”, or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
Hope this helps to someone.
Antonio.
Awesome!! This helped me so much! Fixed my long pending error on a jiffy.. thanks so much
Cheers! Was the only thing that would fix my 403 forbidden
{ 1 trackback }