Home / ubuntu / Questions / 325498
Accepted
Enrique Moreno Tent
Asked: 2013-07-28 19:24:57 +0800 CST

Apache can't access folders in my home directory

  • 772

I have changed the configuration of Apache to point towards a folder in my home directory:

<VirtualHost *:80>
    ServerAdmin webmaster@localhost

    DocumentRoot /home/dbugger/html

    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>
    <Directory /home/dbugger/html/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
    </Directory>

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
        AllowOverride None
        Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Order allow,deny
        Allow from all
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

</VirtualHost>

I have even given my /home/dbugger/html permission 777. But I still keep getting the same error message at http://localhost: "403 Forbidden"

What is it that I am missing?

apache2

5 Answers

  1. Best Answer

    This worked for me

    <Directory />
    Options Indexes FollowSymLinks Includes ExecCGI
    AllowOverride All
    Require all granted
    Allow from all
</Directory>

    The important bit was to change

    Order allow, deny

    to

    Require all granted
    • 30

  2. Enable userdir module:

    sudo a2enmod userdir

    Enable PHP execution in user directory:

    sudo nano /etc/apache2/mods-available/php5.conf

    (Or if using php7.0, for example)

    sudo nano /etc/apache2/mods-available/php7.0.conf

    Comment this part (put # at the start of each line):

    #<IfModule mod_userdir.c>
#    <Directory /home/*/public_html>
#        php_admin_flag engine Off
#    </Directory>
#</IfModule>

    Press Ctrl+X to save

    Enable directory listing:

    sudo nano /etc/apache2/apache2.conf

    Add this: 

    <Directory /home/*/public_html/>
        Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted
</Directory>

    Press Ctrl+X to save

    Restart apache (sudo required here also):

    sudo service apache2 restart

    Now put your php files in /home/yourname/public_html directory and go to
    http://localhost/~yourname from your web browser.

    • 24

  3. Apache runs as user www-data. If it doesn't have execution permission on your home, apache will not be able to read any file.

    Change you home's group to www-data:

    chgrp www-data /home/dbugger

    And give it permission only to traverse your home directory:

    chmod g+x /home/dbugger

    You can also restrict permisions of /home/dbugger/html:

    chgrp www-data /home/dbugger/html
chmod 750 /home/dbugger/html
    • 16

  4. You don't need change the permissions if you want to use your home directory to host the development environment, at least that you need write permissions for some applications. You need apache mod_userdir module and you can access to /home/user_name/public_html/* like this http://domain.local/~user_name/dir_name/* for use a virtual hosts, to use the mod_userdir module you need create a sym link like this:

    $ sudo ln -s /etc/apache2/mods-available/userdir.conf /etc/apache2/mods-enabled/
$ sudo ln -s /etc/apache2/mods-available/userdir.load /etc/apache2/mods-enabled/
$ sudo service apache2 restart
    • 2

  5. according to their page: https://httpd.apache.org/docs/2.4/howto/public_html.html

    you can set userdir to something better: /var/www and create a directory in there by a "username", which you could make owned by a simple user, but world readable (i.e. 755), the user is required to copy files there, but it's a lot safer than making / or ~ world readable, etc.

    • 0