I took ssd vds to play, lay out my scripts. I installed the LAMP stack, I move the document_root from the folder / var / www / to / home / username / srv / for stubbornly stubbornly gives 403 error.

I climb into Google, write - give the rights to the / srv folder to the www-data user. I do it differently - I add the user www-data to the username group. It turns out that the user’s group owner rights are now extended to the user, namely, the second digit in the access rights. And I have the rights to the folder 775.

Further more. I set 777 permissions on all folders, both down the tree and up. The same result. I add the user www-data to the root group. Again 403 error.

I checked from whom the Apache starts the process - www-data, everything is correct. Where to dig - I'll never know.

I spread the configuration file

GNU nano 2.2.6 File: /etc/apache2/sites-available/musaevhs.ru.conf <VirtualHost *:80> ServerName musaevhs.ru ServerAdmin [email]musaev.haybulla@gmail.com[/email] DocumentRoot /home/musaevhs/srv/public_html/ <Directory /home/musaevhs/srv/public_html> Options FollowSymLinks AllowOverride None Require all granted </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> # vim: syntax=apache ts=4 sw=4 sts=4 sr noet

Any thoughts that I missed?

    1 answer 1

    Add DirectoryIndex.
    Add a clipping from the error log.
    Add the output of ls -lah / home / musaevhs / srv and public_html.

    Directory permissions should be 755, and for files 644. Files and folders should be owned by www-data. Also lay out the command execution ps -ef | grep apache if debian and ps -ef | grep httpd if rhel.
    Remove www-data from the root group.
    Instead of require all for, register:

     order allow,deny allow all

    And how in httpd.conf do you include sites-available?

    • one
      Владельцем файлов и папок должен быть www-data - this is why? The owner must be a user, under which you will spread everything. You can only allow Apache to write to if there is no way without it (for example, you need to write logs somewhere or upload pictures somewhere) - BOPOH
    • @BOPOH is all selinux or appamor depending on which distribution. Well, or uzer pervert once in bsd uses nano. - Eugene P.
    • Well, why is a pervert right away? ..))) I am a newbie, as written in the instructions, I use them. And which editor do you recommend? .. - Musaev Haybulla
    • @MusaevHaybulla vi or vim. Problem solved? By the way, with the filing BOPOH thought about selinux / apparmor. Most likely you should either disable them or correct the apache profile. - Eugene P.