I have a test server on a private network (IP 192.168.101.2). I have public addresses that get forwarded by the router to the server on the private network. For instance, www.ez-ms.com resolves to the public address 206.72.99.14. The router forwards this to 192.168.101.2.
All pretty straight forward.
I changed my template to use the public address for DNS. I left the VM shared address as "From network interface" which eth0 resolves to 192.168.101.2.
All is fine so far. DNS resolves correctly and the server is setup in it's correct /home/ez-ms.com directory.
FTP via a browser to 'ftp.ez-ms.com' works fine. I get prompted for the user/password and it places me at the virtual root /home/ez-ms.com.
However, any access to the 'http' protocol does not resolve to the virtual root.
In httpd.conf: [code:1]NameVirtualHost 192.168.101.2:80 NameVirtualHost 206.72.99.14:80 [/code:1] and the Virtual Server was configured by VM to be: [code:1]<VirtualHost 192.168.101.2:80> SuexecUserGroup "#501" "#502" ServerName ez-ms.com ServerAlias www.ez-ms.com ServerAlias webmail.ez-ms.com ServerAlias admin.ez-ms.com ServerAlias lists.ez-ms.com DocumentRoot /home/ez-ms.com/public_html ErrorLog /home/ez-ms.com/logs/error_log CustomLog /home/ez-ms.com/logs/access_log combined ScriptAlias /cgi-bin/ /home/ez-ms.com/cgi-bin/ ScriptAlias /awstats /home/ez-ms.com/cgi-bin DirectoryIndex index.html index.htm index.php index.php4 index.php5 <Directory /home/ez-ms.com/public_html> Options -Indexes IncludesNOEXEC FollowSymLinks ExecCGI allow from all AllowOverride All AddHandler fcgid-script .php AddHandler fcgid-script .php5 FCGIWrapper /home/ez-ms.com/fcgi-bin/php5.fcgi .php FCGIWrapper /home/ez-ms.com/fcgi-bin/php5.fcgi .php5 </Directory> <Directory /home/ez-ms.com/cgi-bin> allow from all </Directory> RewriteEngine on RewriteCond %{HTTP_HOST} =webmail.ez-ms.com RewriteRule ^(.) https://ez-ms.com:20000/ [R] RewriteCond %{HTTP_HOST} =admin.ez-ms.com RewriteRule ^(.) https://ez-ms.com:10000/ [R] RemoveHandler .php RemoveHandler .php5 IPCCommTimeout 31 <Files awstats.pl> AuthName "ez-ms.com statistics" AuthType Basic AuthUserFile /home/ez-ms.com/.awstats-htpasswd require valid-user </Files> PerlRequire /etc/webmin/virtualmin-google-analytics/apachemod.pl PerlOutputFilterHandler Virtualmin::GoogleAnalytics Alias /dav /home/ez-ms.com/public_html Alias /pipermail /var/lib/mailman/archives/public <Location /dav> DAV On AuthType Basic AuthName ez-ms.com AuthUserFile /home/ez-ms.com/etc/dav.digest.passwd Require valid-user ForceType text/plain Satisfy All RemoveHandler .php RemoveHandler .php5 </Location> RedirectMatch /cgi-bin/mailman/([^/])(.) https://ez-ms.com:10000/virtualmin-mailman/unauthenticated/$1.cgi$2 RedirectMatch /mailman/([^/])(.) https://ez-ms.com:10000/virtualmin-mailman/unauthenticated/$1.cgi$2 <Location /svn> DAV svn SVNParentPath /home/ez-ms.com/svn AuthType Basic AuthName ez-ms.com AuthUserFile /home/ez-ms.com/etc/svn.basic.passwd Require valid-user AuthzSVNAccessFile /home/ez-ms.com/etc/svn-access.conf Satisfy Any </Location> </VirtualHost> [/code:1] When I try to access http://www.ez-ms.com I get: [code:1]Forbidden
You don't have permission to access / on this server. Apache/2.2.8 (Fedora) Server at www.ez-ms.com Port 80[/code:1]
I do not know what to do next... I'm sure it's some funny related to the public/private interfaces. I've searched the archives and found some info, but nothing that offers a solution.
Can anyone help?
thanks, tony
is there a .htaccess denying access?
is the public_html world-readable? 0755 ..
No .htaccess at all and no, it's not world-readable. It is 750 per the template specification (inheritied from the default template). Only members of group apache should be able to access.
[code:1][root@linux1 /]# find / -type f -name .htaccess -print
/home/ez-ms.com/public_html/stats/.htaccess.
[root@linux1 /]# ls -ld /home/ez-ms.com/public_html
drwxr-x--- 3 ez-ms.com ez-ms.com 4096 2008-11-15 14:46 /home/ez-ms.com/public_html
[/code:1]
Interesting that the group is '4096' instead of being listed as 'apache'... Will investigate a bit further.
My error, the 4096 is the size. But according to the template it should be group 'apache' instead of group 'ez-ms.com'... Or maybe apache needs to be configured to run as group 'ez-ms.com'?
apache is in the 'ez-ms.com' group. And it appears that the files are geting installed correctly (other than no .htaccess file).
An ls -l of /home/ez-ms.com looks like:
[code:1]
[root@linux1 /]# ls -ld /home/ez-ms.com/public_html
drwxr-x--- 3 ez-ms.com ez-ms.com 4096 2008-11-15 14:46 /home/ez-ms.com/public_html
[/code:1]
and public_html looks like:
[code:1]
[root@linux1 public_html]# ls -la
total 40
drwxr-x--- 4 ez-ms.com ez-ms.com 4096 2008-11-15 16:45 .
drwxr-x--- 14 ez-ms.com ez-ms.com 4096 2008-11-15 16:45 ..
-rw-r--r-- 1 ez-ms.com ez-ms.com 3002 2008-11-15 16:45 about.html
lrwxrwxrwx 1 root root 31 2008-11-15 16:45 awstats-icon -> /usr/share/awstats/wwwroot/icon
-rw-r--r-- 1 ez-ms.com ez-ms.com 5026 2008-05-11 17:19 bluebusiness.css
-rw-r--r-- 1 ez-ms.com ez-ms.com 3004 2008-11-15 16:45 contact.html
lrwxrwxrwx 1 root root 31 2008-11-15 16:45 icon -> /usr/share/awstats/wwwroot/icon
drwxr-xr-x 2 ez-ms.com ez-ms.com 4096 2008-11-15 16:45 images
-rw-r--r-- 1 ez-ms.com ez-ms.com 2958 2008-11-15 16:45 index.html
-rw-r--r-- 1 ez-ms.com ez-ms.com 685 2008-11-15 16:45 LICENSE.txt
drwxr-xr-x 2 ez-ms.com ez-ms.com 4096 2008-11-15 16:45 stats
[/code:1]
your website now shows.
What did you do to solve it?
I have no idea!!!!
I didn't change a thing that I can think of. I've created/deleted this site so many times that I loose track. Nothing appears different in httpd.conf and I don't think I changed anything in the templates. I actually deleted/created this same server between the prior responses.
I don't know this httpd stuff but it seems that if the "NameVirtualHost" is the system's address and port (like 192.168.101.2:80) and with a 'VirtualHost' of '192.168.101.2:80'; it's not clear at all to me what happens when the next virtual server is added. Won't this be in conflict? I would think it would create a 'NameVirtualHost' as the actual domain name (like 'ez-ms.com') and then create a 'VirtualHost' by that name so that they remain separated.
It's a mystery to me why it started working. But it makes me VERY nervous when I don't understand what changed because my experience is that it will come back to bite me at a less appropriate time.
Will try to create another server and see what happens...
tony
Guess I'll approach with first things first.... I mv'd index.html to index.php and changed the content to be
[code:1]"Test you are here: <?php echo getcwd();?>[/code:1]
Unfortunately it reads "Test you are here: "... So it appears that php is NOT available. I thought the template specified PHP5 as the version to use. So guess I'll have to figure this one out next. Then I'll try creating another server!
Any thoughts?
Okay, php for some reason is now magically working (seemingly correctly).
However, I created a 2nd virtual host (test.com). I'm now back to the same old "Forbidden - you don't have permission to access '/' on this server.
The httpd.conf file had another <VirtualHost 192.168.101.2:80> entry added.
Since I have no idea of what I did before, I have no idea what to do now to get this 2nd site to work!
Any clues?
thanks,
tony
Also, it did not put any of the default web content in the directory. However, I didn't provide any string in the textbox so maybe no content is applied if there's no text in the "Initial website content" area?
Specifying content solves the problem....