HTTPD's Forbidden Problem solving

The problem is that after installing Apache, you do not want to use the default Web site root [documentroot], modify the configuration file/etc/httpd/conf/httpd.conf in DocumentRoot, and then access the There is a forbidden error, this article:

"This configuration httpd use of the official website of the Centos-6.6-x86_64-bin-dvd1.iso"

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/6C/1B/wKioL1VATYzQ92OSAAFEltt1K6A821.jpg "title=" 111. JPG "alt=" wkiol1vatyzq92osaafeltt1k6a821.jpg "/>

First, the problem recurs:

1. Create a new catalog file:

[[email protected]/]# mkdir-pv/vhost/www/htmlmkdir:created directory '/vhost ' mkdir:created directory '/vhost/www ' MKD ir:created directory '/vhost/www/html ' [[email protected]/]# echo "
2. Modify the configuration file:
2.1. # vim/etc/httpd/conf/httpd.conf
Modify the default: #DocumentRoot "/var/www/html" to: DocumentRoot "/vhost/www/html"
2.2. Restart HTTPD Service
[Email protected] conf]# service httpd restart
stopping httpd: [OK]
Starting httpd: [OK]
[Email protected] conf]#
Discovery denied access:
Forbiddenyou don ' t has permission to access/on the this server. apache/2.2.15 (CentOS) Server at 192.168.65.80 Port 80
Second, find solutions
The process of finding a solution has begun after the problem has occurred.
1, just beginning to think is not defined <directory ... Reason: Then began to modify:
<directory "/vhost/www/html" >//Modify Directory for your own web path Options Indexes followsymlinks//When the home page file is present, allow the list shape Type display file, allow connection file allowoverride None//Do not allow rewrite Order allow,deny//define access control allows all users to access </Directory>
Then reload the configuration file, found still Forbidden, "at this time I feel the whole person is not very good" realized that it is not direcotry problem, and then I patiently reread the configuration file configuration, found that there is no problem with the configuration file.
2, then is hard thinking, think that it is their own understanding of the configuration file is limited, and then in other have successfully changed the root directory and can access the host copy a copy of the httpd.conf file, using diff for comparison:
Note: Another machine that appears at this point is an experimental environment that is installed over the internet and has been turned off in the first place.
[[email protected] conf]# scp [email protected]:/etc/httpd/conf/httpd.conf ./ Httpd.81.com[email protected] ' s password: httpd.conf                                                                                                                        100%    34KB  33.7KB/s   00:00    [[email  Protected] conf]# < documentroot  "/vhost/www/html"---> DocumentRoot  "/vhost/web/html" 318c318,319< < directory  "/vhost/www/html" >---> #<Directory  "/var/www/html" >> < directory  "/vhost/web/html" >
found that in addition to the root directory of other configurations are the same, to here, has been able to clearly feel that is not a configuration file problem, at this time I just want to say: Apache Ah, we can still play happily together?
3, through the long thinking, suddenly think of Apache also have logs for analysis to see ....
[[email protected] conf]# tail /var/log/httpd/error_log [sat mar 28  15:39:47 2015] [error] [client 192.168.65.1]  (permission denied: access)  to /index.html denied[sat mar 28 15:41:42 2015] [notice] caught  SIGTERM, shutting down[Sat Mar 28 15:41:43 2015] [notice]  Selinux policy enabled; httpd running as context unconfined_u:system_r: Httpd_t:s0[sat mar 28 15:41:43 2015] [notice] suexec mechanism enabled   (wrapper: /usr/sbin/suexec) [sat mar 28 15:41:47 2015] [notice] digest :  generating secret for digest authentication&nbsp, ..... [sat mar 28 15:41:47 2015] [notice] digest: done[sat mar 28  15:41:47 2015] [notice] apache/2.2.15&nbSP; (Unix)  dav/2 configured -- resuming normal operations[sat mar 28  15:41:47 2015] [error] [client 192.168.65.1]  (permission denied: ) access to /index.html denied[sat mar 28 15:42:00 2015] [error] [ client 192.168.65.1]  (permission denied: access to /index.html denied)
Suddenly in front of a bright, see a long absence of the SELinux "[Notice] selinux policy enabled", found that it is open, thinking that the reason is not accessible because this guy is in mischief, and then by modifying the configuration file/etc/selinux/ Config
#SELINUX =enforcing = = = "Selinux=disable//modified to OFF
However, by modifying the configuration file does not take effect immediately need to restart the machine to make the post-change configuration to take effect, in this forbidden problem is already tangled for too long time, has been impatient for it to reboot ...-_-
In fact, SELinux has another way to temporarily shut down SELinux "but failed after reboot"
[[Email protected] conf]# setenforce 0[[email protected] conf]# sestatus  -vSELinux status:                  enabledSELinuxfs mount:                 /selinuxCurrent mode:                    permissive    // SELinux has been changed to permissive mode mode from config file:           error  (Success) policy version:                  24Policy from config file:         targetedProcess contexts:Current context:                  unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023init context:                     system_u:system_r:init_t:s0/sbin/mingetty                   system_u:system_r:getty_t:s0/usr/sbin/sshd                   system_u:system_r: sshd_t:s0-s0:c0.c1023file contexts:controlling term:                unconfined_u:object_r:user_devpts_t:s0/etc/passwd                       system_u:object_r:etc_t:s0/etc/shadow                      system_u:object_r:shadow_t:s0/bin/bash                        system_u:o bject_r:shell_exec_t:s0/bin/login                       system_u:object_r:login_exec_t:s0/bin/sh                           system_u:object_r:bin_t:s0 -> system_u:object_r:shell_exec_t: s0/sbin/agetty                     system_u:object_r:getty_exec_t:s0/sbin/init                       system_u:object_r: init_exec_t:s0/sbin/mingetty                   system_u:object_r:getty_exec_t:s0/usr/sbin/sshd                   system_u:object_r:sshd_exec_t:s0[[email protected]  conf]#  if the SELinux do not know much about the children's shoes &nbsp, you can ask the degree of Niang ....


Then visit the site and finally see the homepage file we just defined ....
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/6C/20/wKiom1VAVxaTdvo1AAD2thZSCuc244.jpg "title=" 222. JPG "alt=" wkiom1vavxatdvo1aad2thzscuc244.jpg "/>

At this point the forbidden problem has been solved successfully ....
======================================================
Postscript:
1, in solving the problem of forbidden has gone a lot of detours, in the emergence of forbidden just should consider to view the configuration file
2, if just change the root directory, 2.1 definition <Directory> This step is completely unnecessary, as long as the change directoryroot can access ...

Linux, even if you want to abuse my times, I still treat you like First love ...

This article is from the "impermanence" blog, please be sure to keep this source http://1inux.blog.51cto.com/10037358/1640243
HTTPD's Forbidden Problem solving