Page 1 of 1
common apache configurations
Posted: Mon Dec 19, 2005 4:57 pm
by neophyte
Hey all I'm wondering if there are some common apache configuration patterns for linux and I'm wondering where I might find them.
For example, do you throw the DocumentRoot under /home/htdocs/? Then do soft link the website folders to /home/website. If so how do you keep /home/htdocs/ from serving pages?
Thanks
Re: common apache configurations
Posted: Mon Dec 19, 2005 5:41 pm
by Chris Corbyn
neophyte wrote:Hey all I'm wondering if there are some common apache configuration patterns for linux and I'm wondering where I might find them.
For example, do you throw the DocumentRoot under /home/htdocs/? Then do soft link the website folders to /home/website. If so how do you keep /home/htdocs/ from serving pages?
Thanks
This various across Linux distros. My setup is non-standard with all full websites at /srv/www/websitename.tld/ and the usual places for user public_html directories.
If you're looking to stop a directory from serving web pages you just need to create a <Directory ""> directive for that location and deny all inside that.
I run virtual hosts so my setup is a little different anyway.
Unless I'm misunderstanding you?
Posted: Mon Dec 19, 2005 6:27 pm
by neophyte
No you're following me okay.
That's what I'm trying to do. I'm trying to run virtual hosts. Ultimately I'd like to see:
1. /home/website/www/ web files go here
2. /home/website/www/ web files go here
3. /home/website/www/ web files go here
I've figured out the virtual host configuration. But I'm not sure what to do with the document root thing. If you run on all on virtual host what do you do with DocumentRoot? Okay to run it too?
Okay here's another dumb question. Today if I created a user with useradd and the pointed the virtualhost at that users's auto generated folder (created with useradd) I got nothing but 403 forbiddens from apache through the browser. However if I create the folder with mkdir and then viewed it. No problem. This held true even if I changed owners and permissions on the autogenerated user folders. Is it apache? Is it some other file? I'm not sure where what or how to change it. Is it the UserDir directive? Dunno.
BTW What is website.tld
Thanks
Posted: Mon Dec 19, 2005 7:39 pm
by Chris Corbyn
neophyte wrote:No you're following me okay.
That's what I'm trying to do. I'm trying to run virtual hosts. Ultimately I'd like to see:
1. /home/website/www/ web files go here
2. /home/website/www/ web files go here
3. /home/website/www/ web files go here
I've figured out the virtual host configuration. But I'm not sure what to do with the document root thing. If you run on all on virtual host what do you do with DocumentRoot? Okay to run it too?
As far as I know the main DocumentRoot directive becomes void once you add virtualhosts. The first <Virtualhost> will be resolved if you try to access the server by IP address, and if you want a domain name to resolve and show web contents it will have to be in a VirtualHost directive. Don't take that for granted because my memory is hazy on that one too so I should check and confirm. I personally just use virtualhosts for *all* of the websites I run on the server.
EDIT | Tested that theory. My DocumentRoot points to /usr/local/apache/htdocs which is empty. However typing the IP in the address bar takes me to my first <VirtualHost> so it's basically void.
Today if I created a user with useradd and the pointed the virtualhost at that users's auto generated folder (created with useradd) I got nothing but 403 forbiddens from apache through the browser. However if I create the folder with mkdir and then viewed it. No problem. This held true even if I changed owners and permissions on the autogenerated user folders. Is it apache? Is it some other file? I'm not sure where what or how to change it. Is it the UserDir directive? Dunno.
Sounds like the <Directory "/home/*/public_html"> directive is set to deny directory listings (That's the default). Try finding it in httpd.conf and changing it to this:
Code: Select all
<Directory /home/*/public_html>
AllowOverride FileInfo AuthConfig Limit Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
IndexOptions FancyIndexing VersionSort
<Limit GET POST OPTIONS PROPFIND>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS PROPFIND>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
BTW What is website.tld
Thanks
tld == Top Level Domain (e.g. .com, .ac, .org)
So as an example I run healthpointuk.com from /srv/www/healthpointuk.com/
Code: Select all
<VirtualHost *:80>
ServerName healthpointuk.com
ServerAlias www.healthpointuk.com
DocumentRoot /srv/www/healthpointuk.com/
</VirtualHost>
Hope this helps

Posted: Mon Dec 19, 2005 9:56 pm
by neophyte
Thanks for the posts d11! I tried your advice and uncommented the userdir stuff. Still get:
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
Perhaps its a permissions thing. I've defined User and Group in httpd.conf as apache apache. The user in question is a member of apache. Now I'm starting to wonder if it's apache or some apache conf file somewhere. Any further clues?
Thanks for the tip on the Root Directory. Worked great!
Posted: Tue Dec 20, 2005 4:27 am
by Chris Corbyn
neophyte wrote:Thanks for the posts d11! I tried your advice and uncommented the userdir stuff. Still get:
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
Perhaps its a permissions thing. I've defined User and Group in httpd.conf as apache apache. The user in question is a member of apache. Now I'm starting to wonder if it's apache or some apache conf file somewhere. Any further clues?
Thanks for the tip on the Root Directory. Worked great!
Is this for the virtual hosts or when you do something like:
http://yourdomain.com/~user ?
If it's for the virtual hosts you'll need to do a similar thing for the hosts. In my case it would be a case of copying that block I pasted here but chnging the path from /home/*/public_html to /srv/www/* but in your case it would probably be:
Code: Select all
<Directory /home/*/www>
AllowOverride FileInfo AuthConfig Limit Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
IndexOptions FancyIndexing VersionSort
<Limit GET POST OPTIONS PROPFIND>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS PROPFIND>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
Posted: Tue Dec 20, 2005 8:47 am
by neophyte
Yeah I changed the directory path. That didn't work either. I even add the directory block inside of the virtual host directive with an explicit path /home/user/www. I just went through all the auto generated .files in the user root directory. I changed their names and restarted apache each time for each file. No change with that either. But for some reason if I delete the directory (e.g. "userdir") and recreate it using mkdir ("userdir") with the exact same name that works. No forbidden notices. I just don't understand why...
Posted: Tue Dec 20, 2005 9:08 am
by Chris Corbyn
That's just weird. The only other reason I could think of that happening is if the execute permissions for "other" or not set on the home directory, such as:
Code: Select all
drwxr-x--- 49 d11wtq users 2184 Dec 20 13:21 d11wtq
That would also produce a denied error I think since to read a directory you need to be able to execute it. I'm stumped apart from that.
It needs to be
Code: Select all
drwxr-xr-x 49 d11wtq users 2184 Dec 20 13:21 d11wtq
... unless apache is in the "users" group.
Posted: Thu Dec 22, 2005 9:29 am
by neophyte
Apache belongs to apache. Group apache has no members. The group users has no members. Totally stumped. Doesn't make sense. Yet if I delete the directories and make them via mkdir. They'll work. Why? Mode on the files are set correctly.