I'm getting 403 error using passenger for rails in apache

Question

I've already installed the needed tools, and followed several tutorials trying to make passenger respond.

I can access static files in public folder (public/500.html or 422.hml). Yesterday I entered through a vhost, and found some passenger errors. But some time later the hosting restarted the service, and since then I have not been able to access the rails app again.

link

link

link

These are some of the links I used to configure the server. I've also read that could be a permission issue; I've checked that, but I'm not sure it's fine.

Answer 1

First of all check your error log. By default, it placed at /var/log/apache2/.

If you have client denied by server configuration issue, check your site conf file at /etc/apache2/sites-available/your-site.conf. It must be in compliance with Phusion Passenger User Guide. Take a look on Require all granted.

<Directory "/home/user/folder">
    Require all granted 
    Options FollowSymLinks
    # This relaxes Apache security settings.
    AllowOverride None
    # MultiViews must be turned off.
    Order allow,deny
    Allow from all
</Directory>

Answer 2

OK for me this meant I was running rails 2.3 and using Phusion Passenger 5.x

Apparently 5.x doesn't work with 2.2 at all, and with 2.3 requires you to copy in a config.ru file first (so that rails will use rack for the backend).

example config.ru file for 2.3:

# Rack Dispatcher

# Require your environment file to bootstrap Rails
require File.dirname(__FILE__) + '/config/environment'

# Dispatch the request
run ActionController::Dispatcher.new

I could not figure out why no incantations seemed to work, it was like Passenger was ignoring my rails app.

In my /var/log/apache2/error.log file, I had this:

[Mon May 11 15:47:00.397891 2015] [autoindex:error] [pid 17490:tid 3058694976] [client 216.49.181.251:49248] AH01276: Cannot serve directory /home/x/y/railsapp/public/: No matching DirectoryIndex (index.html,index.cgi,index.pl,index.php,index.xhtml,index.htm) found, and server-generated directory index forbidden by Options directive, referer: https://www.google.com/

Which confused the heck out of me an apparently meant "passenger isn't running on that virtual host".

If I created a public/index.html file, apache served that fine so it wasn't a permissions issue.

I also saw this, which meant passenger was starting up ok:

[ 2015-05-11 18:23:53.9594 4964/b7415700 agents/Watchdog/Main.cpp:728 ]: All Phusion Passenger agents started!

See also https://www.phusionpassenger.com/documentation/Users%20guide%20Apache%204.0.html#_i_get_a_403_forbidden_error

So basically with passenger 5.x (in the release notes it says that rails 2.2 isn't supported, 2.3 is only supported if you create a "config.ru" file in the root of your rails app. It works with old versions of rack like rails 2.3 requires, just remove your newer rack gem and install 1.1.6 or what not, remove vendored rack gems if any. GL!

Also as a side note, this message:

[Mon May 11 18:25:10.235574 2015] [core:alert] [pid 5263:tid 3017780032] [client 127.0.0.1:56737] /home/rdp/dev/prod_flds/public/.htaccess: Invalid command 'RewriteEngine', perhaps misspelled or defined by a module not included in the server configuration

meant "remove your public/.htaccess file it's not needed typically by passenger"

Answer 3

I also got an 403 error using passenger for rails in apache on my Mac OS 10.9 (an Unix-like system). Here's some tips:

1. You can check apache log directory and see the what happened. The directory: /var/log/apache2/error_log.

2. Issue: Permission denied: access to / denied ( filesystem path 'path_apache_access' ) because search permissions are missing on a component of the path.

   Check 'path_apache_access' by CLI: ls -ld 'path_apache_access' and use chmod +x to change the path privilege.

   Also, note this: Httpd Wiki - (13) Permission Denied-.

3. Issue: configuration error: couldn't perform authentication. AuthType not set!.

   Issue: client denied by server configuration.

   Go to /etc/apache2/httpd.conf and take a look on <Directory> tag.

   Check apache version by CLI: apachectl -v, if Apache < 2.4, do NOT uncomment "Require all granted".

   <Directory "rails_app_directory/public">
         # This relaxes Apache security settings.
         AllowOverride all
         # MultiViews must be turned off.
         Options -MultiViews
         # Uncomment this if you're on Apache >= 2.4:
         # Require all granted
         Options FollowSymLinks
         Order allow,deny
         Allow from all
   </Directory>
   

Answer 4

Answer was that passenger gave me 403 because i had to set environment variable "RackEnv" on apache configuration to "development" (on my case).