Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Apache RewriteEngine On causes 403 error

Tags:

linux

apache

.htaccess

mod-rewrite

centos6

I have a Linux box running Centos 6.6 with Apaches 2.2.x For some unknown reason, turning on the rewrite engine causes a 403 error (this happens whether I add a rewrite rule or not).

I have spent hours researching this and have made changes to my config in accordance with advice I have found in many places, but still got nowhere.

Currently in my .htaccess I have this:

<IfModule mod_rewrite.c>  
Options +FollowSymLinks  
RewriteEngine On  
</IfModule>

In the directives for the virtual host, I have this:

DocumentRoot /var/www/html/example.uk  
<Directory /var/www/html/example.uk>  
Options Indexes FollowSymLinks MultiViews  
AllowOverride All
Order allow,deny
allow from all
</Directory>
ServerName example.uk  
ServerAlias www.example.uk

(This seems to work in a Debian box, but not for my Centos machine.)

In my httpd.conf I have changed

AllowOverride None

to

AllowOverride All

my httpd.conf also contains LoadModule rewrite_module modules/mod_rewrite.so

Error log says:

Options FollowSymLinks or SymLinksIfOwnerMatch is off which implies that RewriteRule directive is forbidden: /var/www/html/example.uk

Now, I have previously added SymLinksIfOwnerMatch to the directives, but it didn't solve the problem.

I followed this and all seemed to go as it should.

like image 496
Jez D Avatar asked Apr 23 '15 05:04

Jez D

3 Answers

This happens when Apache doesn't have execute rights for

/var
/var/www
/var/www/html
/var/www/html/example.uk

Run:

chmod o+x /var /var/www /var/www/html /var/www/html/example.uk
like image 181
Pedro Lobito Avatar answered Oct 24 '22 01:10

Pedro Lobito

Since apache version >= 2.4 directive 

Order allow,deny
allow from all

leads to a global 403, to ensure this if you check you're apache's log :

[Tue May 05 11:54:32.471679 2015] [authz_core:error] [pid 9497] [client 127.0.0.1:35908] AH01630: client denied by server configuration: /path/to/web/

Comment Directive Order and add Require all granted like bellow:

 Require all granted
 #Order allow,deny
 #allow from all

Hope this help.

Edit :

explanation from apache This behaviour is provided by new module mod_authz_host

For list of restriction available (ip, host, etc) http://httpd.apache.org/docs/2.4/en/mod/mod_authz_host.html

like image 33
bastien Avatar answered Oct 24 '22 01:10

bastien

You should remove this line from htaccess

Options +FollowSymLinks

You already have it in the apache vhost file. Also if you should add a rule if you're going to turn on mod_rewrite or there is no point to turning it on.

like image 1
Panama Jack Avatar answered Oct 24 '22 01:10

Panama Jack
Sign in to Comment

Related questions

setfacl remove group permission
What is a shell command to find the longest common substring of two strings in unix?
Best approach for writing a Linux Server in C (phtreads, select or fork ? )
Run a system command when an IPTables rule is matched
How to echo line with multiple quotes/special characters into file?
Printing Partition Table - C program
close on socket not releasing file descriptor
Bash script: can not properly handle SIGTSTP
What socket error do I get when TCP keep-alive breaks the connection?
Linux Shared Memory Synchronization
Sending binary data over Bluetooth/RFCOMM/SPP converts 0x0A to 0x0D 0x0A
OSError: [Errno 12] Cannot allocate memory from python subprocess.call
Linux: Create automatically C++ makefile from given source files
spidev cannot control the chip select signal
How to draw using framebuffer on Android?
How to connect an ethernet device directly to a switch in linux?
the shared library RPATH and the binary RPATH priority
create /dev/fakeDevice supporting read, write and ioctl
Copy Android MTP files using linux terminal or python; error Operation not supported
How can I add a PPA repository using Ansible?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!