common apache configurations

Need help installing PHP, configuring a script, or configuring a server? Then come on in and post your questions! We'll try to help the best we can!

Moderator: General Moderators

Post Reply
User avatar
neophyte
DevNet Resident
Posts: 1537
Joined: Tue Jan 20, 2004 4:58 pm
Location: Minnesota

common apache configurations

Post by neophyte »

Hey all I'm wondering if there are some common apache configuration patterns for linux and I'm wondering where I might find them.

For example, do you throw the DocumentRoot under /home/htdocs/? Then do soft link the website folders to /home/website. If so how do you keep /home/htdocs/ from serving pages?

Thanks
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Re: common apache configurations

Post by Chris Corbyn »

neophyte wrote:Hey all I'm wondering if there are some common apache configuration patterns for linux and I'm wondering where I might find them.

For example, do you throw the DocumentRoot under /home/htdocs/? Then do soft link the website folders to /home/website. If so how do you keep /home/htdocs/ from serving pages?

Thanks
This various across Linux distros. My setup is non-standard with all full websites at /srv/www/websitename.tld/ and the usual places for user public_html directories.

If you're looking to stop a directory from serving web pages you just need to create a <Directory ""> directive for that location and deny all inside that.


I run virtual hosts so my setup is a little different anyway.

Unless I'm misunderstanding you?
User avatar
neophyte
DevNet Resident
Posts: 1537
Joined: Tue Jan 20, 2004 4:58 pm
Location: Minnesota

Post by neophyte »

No you're following me okay.

That's what I'm trying to do. I'm trying to run virtual hosts. Ultimately I'd like to see:

1. /home/website/www/ web files go here

2. /home/website/www/ web files go here

3. /home/website/www/ web files go here

I've figured out the virtual host configuration. But I'm not sure what to do with the document root thing. If you run on all on virtual host what do you do with DocumentRoot? Okay to run it too?

Okay here's another dumb question. Today if I created a user with useradd and the pointed the virtualhost at that users's auto generated folder (created with useradd) I got nothing but 403 forbiddens from apache through the browser. However if I create the folder with mkdir and then viewed it. No problem. This held true even if I changed owners and permissions on the autogenerated user folders. Is it apache? Is it some other file? I'm not sure where what or how to change it. Is it the UserDir directive? Dunno.

BTW What is website.tld

Thanks
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

neophyte wrote:No you're following me okay.

That's what I'm trying to do. I'm trying to run virtual hosts. Ultimately I'd like to see:

1. /home/website/www/ web files go here

2. /home/website/www/ web files go here

3. /home/website/www/ web files go here

I've figured out the virtual host configuration. But I'm not sure what to do with the document root thing. If you run on all on virtual host what do you do with DocumentRoot? Okay to run it too?
As far as I know the main DocumentRoot directive becomes void once you add virtualhosts. The first <Virtualhost> will be resolved if you try to access the server by IP address, and if you want a domain name to resolve and show web contents it will have to be in a VirtualHost directive. Don't take that for granted because my memory is hazy on that one too so I should check and confirm. I personally just use virtualhosts for *all* of the websites I run on the server.

EDIT | Tested that theory. My DocumentRoot points to /usr/local/apache/htdocs which is empty. However typing the IP in the address bar takes me to my first <VirtualHost> so it's basically void.
Today if I created a user with useradd and the pointed the virtualhost at that users's auto generated folder (created with useradd) I got nothing but 403 forbiddens from apache through the browser. However if I create the folder with mkdir and then viewed it. No problem. This held true even if I changed owners and permissions on the autogenerated user folders. Is it apache? Is it some other file? I'm not sure where what or how to change it. Is it the UserDir directive? Dunno.
Sounds like the <Directory "/home/*/public_html"> directive is set to deny directory listings (That's the default). Try finding it in httpd.conf and changing it to this:

Code: Select all

<Directory /home/*/public_html>
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    IndexOptions FancyIndexing VersionSort
    <Limit GET POST OPTIONS PROPFIND>
        Order allow,deny
        Allow from all
    </Limit>
    <LimitExcept GET POST OPTIONS PROPFIND>
        Order deny,allow
        Deny from all
    </LimitExcept>
</Directory>
BTW What is website.tld

Thanks
tld == Top Level Domain (e.g. .com, .ac, .org)

So as an example I run healthpointuk.com from /srv/www/healthpointuk.com/

Code: Select all

<VirtualHost *:80>

ServerName healthpointuk.com
ServerAlias www.healthpointuk.com
DocumentRoot /srv/www/healthpointuk.com/

</VirtualHost>
Hope this helps :D
User avatar
neophyte
DevNet Resident
Posts: 1537
Joined: Tue Jan 20, 2004 4:58 pm
Location: Minnesota

Post by neophyte »

Thanks for the posts d11! I tried your advice and uncommented the userdir stuff. Still get:
Forbidden

You don't have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
Perhaps its a permissions thing. I've defined User and Group in httpd.conf as apache apache. The user in question is a member of apache. Now I'm starting to wonder if it's apache or some apache conf file somewhere. Any further clues?

Thanks for the tip on the Root Directory. Worked great!
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

neophyte wrote:Thanks for the posts d11! I tried your advice and uncommented the userdir stuff. Still get:
Forbidden

You don't have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
Perhaps its a permissions thing. I've defined User and Group in httpd.conf as apache apache. The user in question is a member of apache. Now I'm starting to wonder if it's apache or some apache conf file somewhere. Any further clues?

Thanks for the tip on the Root Directory. Worked great!
Is this for the virtual hosts or when you do something like: http://yourdomain.com/~user ?

If it's for the virtual hosts you'll need to do a similar thing for the hosts. In my case it would be a case of copying that block I pasted here but chnging the path from /home/*/public_html to /srv/www/* but in your case it would probably be:

Code: Select all

<Directory /home/*/www>
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    IndexOptions FancyIndexing VersionSort
    <Limit GET POST OPTIONS PROPFIND>
        Order allow,deny
        Allow from all
    </Limit>
    <LimitExcept GET POST OPTIONS PROPFIND>
        Order deny,allow
        Deny from all
    </LimitExcept>
</Directory>
User avatar
neophyte
DevNet Resident
Posts: 1537
Joined: Tue Jan 20, 2004 4:58 pm
Location: Minnesota

Post by neophyte »

Yeah I changed the directory path. That didn't work either. I even add the directory block inside of the virtual host directive with an explicit path /home/user/www. I just went through all the auto generated .files in the user root directory. I changed their names and restarted apache each time for each file. No change with that either. But for some reason if I delete the directory (e.g. "userdir") and recreate it using mkdir ("userdir") with the exact same name that works. No forbidden notices. I just don't understand why...
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

That's just weird. The only other reason I could think of that happening is if the execute permissions for "other" or not set on the home directory, such as:

Code: Select all

drwxr-x---  49 d11wtq users 2184 Dec 20 13:21 d11wtq
That would also produce a denied error I think since to read a directory you need to be able to execute it. I'm stumped apart from that.

It needs to be

Code: Select all

drwxr-xr-x  49 d11wtq users 2184 Dec 20 13:21 d11wtq
... unless apache is in the "users" group.
User avatar
neophyte
DevNet Resident
Posts: 1537
Joined: Tue Jan 20, 2004 4:58 pm
Location: Minnesota

Post by neophyte »

Apache belongs to apache. Group apache has no members. The group users has no members. Totally stumped. Doesn't make sense. Yet if I delete the directories and make them via mkdir. They'll work. Why? Mode on the files are set correctly.
Post Reply