Ubuntu: 403 error after upgrading to apache2.4



Question:

After upgrading from Ubuntu 13.04 server, the www pages won't display themselves.

Error 403 Forbidden You don't have permission to access / on this server.

I've changed access control saves from apache2.2 to apache2.4, but that didn't work. What else could I do?


Solution:1

What happened is that the syntax of the configuration files in apache2.4 have changed.

Source: This has happened to me as well after I upgraded to 13.10

conf.d files

All files that were in /etc/apache2/conf.d should be moved to /etc/apache2/conf-available.

They now work the same way sites and mods work. Just put your conf files in the conf-available folder and enable the one you want with a2enconf <config-file-name>.

Example:

I had a file conf.d/httpd.conf which had the ServerName directive.
To make that work, I had to move it to the conf-available directory and enable it manually.

sudo mv /etc/apache2/conf.d/httpd.conf /etc/apache2/conf-available/httpd.conf  sudo a2enconf httpd  

sites files

Previously, files in /etc/apache2/sites-available had no extension. For example /etc/apache2/sites-available/default. Now a .conf extension is required.

Example:

If you had /etc/apache2/sites-available/some-site, in 13.04 you can just enable it using sudo a2ensite some-site. Now it will give you an error saying

ERROR: Site some-site does not exist!

To fix this, append a .conf to all your config files in sites-available. You can do the same in sites-enabled, or you can delete all the files and re-enable them each manually.
I recommend doing them manually since you probably need to fix each VHost (next step).

sudo find /etc/apache2/sites-available/ ! -iname '*.conf' -type f -exec mv '{}' '{}'.conf \;  

if you decided to do them manually:

sudo rm /etc/apache2/sites-enabled/*  sudo a2ensite your-site-name  

Virtual Host directives:

allow/deny vs Require

If you had the following:

<Directory /path/to/your/site/>      order allow,deny      allow from all  </Directory>  

It should become:

<Directory /path/to/your/site/>      Require all granted  </Directory>  

For more info, check on the comments by DaveRandom on an answer on Stack Overflow.

Simply put, if you upgraded to apache2.4 and kept the old httpd.conf of apache2.2, allow directive should keep working fine. If you upgraded your httpd.conf (which I would suggest), you will get 403 errors until you change the Order/Allow/Deny directives to their equivalent Require.

Directory Options

If you had Directory options, note that they all have to be prepended with a + or - or none of them at all. A mix of both is not allowed:

Example:

This is allowed:

<Directory /path/to/your/site/>      Options +Indexes +FollowSymLinks -MultiViews  </Directory>  

So is this (Note that these examples don't both do the same thing, the previous one disables the MultiViews option, the next one doesn't):

<Directory /path/to/your/site/>      Options Indexes FollowSymLinks MultiViews  </Directory>  

This is no longer allowed:

<Directory /path/to/your/site/>      Options Indexes FollowSymLinks -MultiViews  </Directory>  

Last config option will throw the a syntax error saying:

Either all Options must start with + or -, or no Option may.

Restart apache

Once everything is done, you need to restart your apache server for the changes to take effect:

 sudo apache2ctl restart  

You can find a detailed upgrade guide from 2.2 to 2.4 on the official documentation.


Solution:2

I assume that the web sites are running on your Ubuntu server.

Check your httpd.conf to make sure your DocumentRoot setting is pointing to the right place.

Check the file permissions on the folder referenced by DocumentRoot can be read by the user which the webserver runs as.

Check you have an appropriate index.html/index.htm etc and that the webserver is not trying to do a directory listing.


Solution:3

I am serving files from a non-standard directory so to make the upgrade work I had to edit /etc/apache2/apache2.conf and add: Options Indexes FollowSymLinks AllowOverride None Require all granted

After this, and the recommended changes above, the 403 error went away.


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »