So i have SVN installed and using HTTPD for a remote repository. All works well, until i use the password file. This is not working at all. Apache's error_log says
(13) Permission Denied: Could not open password file
I have set the passwd file's chmod to 777 and chown to apache, I also set the parent folder of the repo and passwd file to chown apache and chmod 777...
I have no clue how this is a permissions problem anymore... any help please!!
UPDATE
I took SVN out of it, and just implemented a standard basic auth on one of my domains
<VirtualHost *:80>
ServerName domain.com
ServerAlias www.domain.com
DocumentRoot "/var/www/www.domain.com/public_www"
<Directory "/var/www/www.domain.com/public_www">
Options -Indexes
Order allow,deny
Allow from all
AllowOverride All
AuthType Basic
AuthName "Basic Authentication"
AuthUserFile /path/to/authfile.htpasswd
Require valid-user
</Directory>
</VirtualHost>
I created the password file like this
htpasswd -cm /path/to/authfile.htpasswd username
password (and retype)
And finally
service httpd restart
Lo and behold, the auth prompt works as before, but the username and password DOES NOT! This is rather frustrating, i have double checked all the permissions, owners etc of the password file and parent folder, but i still get
(13) Permission Denied: Could not open password file
In the error_log for Apache
If you're on a Red Hat Enterprise Linux/Centos/Fedora system and you create your htpasswd file outside of /var/www/html directory, owned by apache, you'll also have problems with SELinux context/lables of the htpasswd file. You can check the current context/label of htpasswd with the -Z option passed into the ls command.
ls -Z
The htpasswd file should have a type of httpd_sys_content_t. you can change this with this command:
chcon -t httpd_sys_content_t htpasswd
More info on Relabeling Files for SELinux:
https://wiki.centos.org/HowTos/SELinux#head-0f6390ddacfab39ee973ed8018a32212c2a02199
Maybe a bit of an obvious slap in my face:
I had previously been putting /path/to/authfile.htpasswd out side of apaches home folder /var/www, when I put the password file in /var/www/svn-auth/*.htpasswd than it worked.
Regardless of chown (apache owning /svn-auth and .htpasswd files within) it was probably being denied because it's likely that apache's (as a user) home folder is /var/www/* and was being denied access outside of it...
Lesson learned
Related
I'm trying to set up apache on fedora 37. I'm specifically trying to make a symlink in var/www/html to a folder in my home folder:
[yatsuta#fedora html]$ pwd
> /var/www/html
[yatsuta#fedora html]$ file yatsuta
yatsuta: symbolic link to /home/yatsuta/Programming/webdev/html/
I've put test.html in the webdev/html folder, and made sure to give apache proper permissions via setfacl (following this answer on similar question).
However, when trying to access the file from web browser I get access forbidden error anyway, and I do not know what to do with this.
I havent edited my conf file at all so it's at its defaults, which are the following:
User apache
Group apache
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
Testing the permissions confirms that they are set up properly (at least as far as I know):
[yatsuta#fedora /]$ sudo -u apache test -x /home/yatsuta/Programming/webdev/html/test.html; echo "$?"
0
(running with -r and -w also returns 0)
I'm new to apache.
I'm trying to create an alias to my project folder which is in home/Documents/Projects/blog directory.
I added this to httpd configs:
Alias /blog "/home/ehsan/Documents/Projects/blog/ui/dist"
<Directory "/home/ehsan/Documents/Projects/blog/ui/dist">
DirectoryIndex index.html
AllowOverride All
Options FollowSymlinks
Require all granted
</Directory>
I did this also:
sudo chmod -R 775 /home/ehsan/Documents/Projects/leitner/ui/dist
but I get "403 Access forbidden!" error.
I did the same thing for phpmyadmin and it works.
I read somewhere that apache should have access to all the higher level directories. is that true?
apache version: 2.4.41 (Unix)
os: manjaro 18
I think you can make apache the owner of the folder which it's gonna make changes in it.
Try this:
head to your project directory as below
cd /home/ehsan/Documents/Projects/leitner
and then :
chown -R www-data:www-data ui/
if there was any error going on, send the log of apache here would be helpful
As the title says, I have an AWS EC2 instance with Apache. It's a Linux server. I want to password protect one directory. I was following this answer: https://stackoverflow.com/a/18178857/989722
htaccess:
AuthType Basic
AuthName "Password Protected Area"
AuthUserFile /var/www/admin/.htpasswd
Require valid-user
Created a proper .htpasswd file, but wondering if there's another step.
However, it's not working (i.e., directory isn't protected). I restarted my server and that didn't help. Wondering if I need to change something in my config file.
If I look at the contents of the directory where I placed my .htaccess file, using terminal ls, the .htaccess file isn't visible. I uploaded it using SFTP and see it using my FTP application, but maybe it's not actually there. Same thing for my .htpasswd file.
Dumb mistake.
Needed to add this to my server config file:
<Directory /var/www/html/MYPROTECTEDDIRECTORY>
AllowOverride All
</Directory>
Couple of addition to above step.
config file to update directory for AllowOverride is available via vi editor
sudo vi /etc/httpd/conf/httpd.conf
After saving restart the apache server
sudo /etc/init.d/httpd restart
I have apache running on port 80. I have also created an additional conf file in conf.d that would open up a second port 8010 with a different directory but I am unable to get to subdirectories now of the document root of 8010
Listen 8010
<VirtualHost ip:8010>
DocumentRoot /var/www/boom
ServerName localhost
ErrorLog logs/dm-error_log
CustomLog logs/dm-access_log common
<Directory /var/www/boom>
AuthName "Protected Area"
AuthType Basic
AuthUserFile /var/www/secure/passwords
Require valid-user
</Directory>
</VirtualHost>
If I try to go to ip:8010/banq I get the following error
Forbidden You don't have permission to access /banq/ on this server.
I tried chmod 777 on banq with no luck
I had this all working great for few years and then lost all backups, had to recreate from scratch. I was able to move conf file from 1 server to another without setting any any chown and minor chmod commands. Is it possible to open all subdirectories of /var/www/boom to anyone who authenticates properly?
Two things I have encountered that could cause a similar error would be:
Apache can't access the document root of where the banq/ directory is found. Have you checked permissions on /var/www/boom? Setting the group to apache or nobody, or making the directory world readable would be a good test.
If there is no directory index in banq/ Apache may prevent you from viewing a directory listing. Try adding either an index.html page to the directory for testing, or add "Options +Indexes" to the config file.
I got my new VPS server with CentOS 5.8, I could not transfer my domain yet but I want to reach my site via http://my-server-ip and since I am using laravel framework I need to change default DocumentRoot httpdocs to httpdocs/public I have tried to put those lines to httpd.conf file:
<VirtualHost my-server-ip:80>
DocumentRoot /var/www/vhosts/my.domain.org/httpdocs/public
ServerName my.domain.org
</VirtualHost>
However after restarting apache it warns me like this:
Warning: DocumentRoot [/public] does not exist
What should I do?
You'll need to enable read (and possibly execute) privileges on the directory. As root try:
# Recursively set the owner of this folder to 'www'
chown -R www /var/www/vhosts/my.domain.org/httpdocs/public
# Recursively give the owner read and execute privileges
chmod -R u+rx /var/www/vhosts/my.domain.org/httpdocs/public
As an alternative on some setups the user might be called nobody. So if www doesn't work try:
chown -R nobody /var/www/vhosts/my.domain.org/httpdocs/public
EDIT:
As user tink pointed out in the comments
"...in Centos the user running apache is aptly called apache. In debian and it's derivatives, it's www-data."
might be that the apache user can't get into the new directory. try
chmod a+r /var/www/vhosts/my.domain.org/httpdocs/public
I had the same "403 page" problem. Just after I changed Document Root in my /etc/apache2/conf-available/sitename.conf from /var/www/html to /data/www.
To solve the problem I did the folowing:
1) Utilized chown and chmod examples, provided by Mike (2 posts above). Many thanks to him;
2) Added 2 lines to the end of /etc/apparmor.d/abstractions/web-data as follows:
/data/www/ r,
/data/www/** r,
and then run:
sudo service apparmor reload
3) I also needed to add the following bit of code to my apache.conf:
<Directory /data/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
May be some actions were superfluous, but It worked pretty nice for me (Apache v2.4.7, Ubuntu 14.04.1)