Score:0

Server

Ubuntu 22.04 php8.1-fpm wifth Apache - 403 Forbidden You don't have permission to access this resource

Teo76

8/25/23, 12:32 PM

I installed php8.1-fpm on Ubuntu 22.04. In principle, I set everything up, but still "403 Forbidden You do not have permission to access this resource "error message is displayed. The system is configured on an internal network with a self-signed certificate for development purposes.

I've done it with virtualmin so far, but now I want to get used to it ... I bought the configuration basics from there, but obviously something is still missing

/etc/apache2/sites-available/mydomain.dev.conf:

<VirtualHost 192.168.0.4:443>
    SuexecUserGroup "#1000" "#1000"

    ServerName "mydomain.dev"

    DocumentRoot "/home/mydomain/public_html"

    ErrorLog "/home/mydomain/etc/log/md_error_log"
    CustomLog "/home/mydomain/etc/log/md_access_log" "combined"

    ScriptAlias "/cgi-bin/" "/home/mydomain/etc/cgi-bin/"

    DirectoryIndex index.php index.html

    <Directory "/home/mydomain/public_html">
        Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch +ExecCGI
        allow from all
        AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
        Require all granted
        AddType application/x-httpd-php .php
        AddHandler fcgid-script .php
        AddHandler fcgid-script .php8.1
        FCGIWrapper /home/mydomain/etc/fcgi-bin/php8.1.fcgi .php
        FCGIWrapper /home/mydomain/etc/fcgi-bin/php8.1.fcgi .php8.1
    </Directory>

    <Directory "/home/mydomain/etc/cgi-bin">
        allow from all
        AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
        Require all granted
    </Directory>

    SSLEngine on
    SSLCertificateFile /home/mydomain/etc/certs/mydomain.dev+4.pem
    SSLCertificateKeyFile /home/mydomain/etc/certs/mydomain.dev+4-key.pem
    SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
    SSLCACertificateFile /home/mydomain/.local/share/mkcert/rootCA.pem
    IPCCommTimeout 31
</VirtualHost>

/home/mydomain/etc/fcgi-bin/php8.1.fcgi:

#!bin/bash
PHPRC=$PWD/../etc/php8.1
export PHPRC
unmask 022
PHP_FCGI_CHILDREN=20
export PHP_FCGI_CHILDREN
PHP_FCGI_MAX_REQUESTS=99999
export PHP_FCGI_MAX_REQUESTS
exec /bin/php-cgi8.1

/etc/mydomain/public_html and subdirectories permissions: 0755 files permissions: 0644

error log (there is no link to /favicon.ico):

[Mon Apr 25 14:22:06.490822 2022] [core:error] [pid 24678] (13)Permission denied: [client 192.168.0.4:51818] AH00035: access to / denied (filesystem path '/home/mydomain/public_html') because search permissions are missing on a component of the path
[Mon Apr 25 14:22:06.721894 2022] [core:error] [pid 24678] (13)Permission denied: [client 192.168.0.4:51818] AH00035: access to /favicon.ico denied (filesystem path '/home/mydomain/public_html') because search permissions are missing on a component of the path, referer: https://mydomain.dev/

Thank you very much in advance for your help

267

0 + 0

php

fastcgi

php-fpm

aynber

8/25/23, 12:34 PM

What are the file permissions for /home/mydomain/public_html ?

Gerald Schneider

8/25/23, 12:43 PM

You are mixing Apache 2.2 and Apache 2.4 syntax, which [leads to indeterminate results and is discouraged](https://httpd.apache.org/docs/2.4/upgrading.html#run-time). Use the proper syntax for your version.

Gerald Schneider

8/25/23, 12:51 PM

Additionally: Your site config file is missing the VirtualHost definition. This could collide with other VirtualHosts. And is the site enabled (meaning does a symlink to it in `sites-enabled` exist)?

Teo76

8/25/23, 12:51 PM

/etc/mydomain/public_html/ and subdirectories owner/group: mydomain permissions: rwx r-x r-x /etc/mydomain/public_html/*.php *.css etc owner/group: mydomain permissions: rw- r-- r--

Teo76

8/25/23, 12:52 PM

yes: exists the sites-enabled

Teo76

8/25/23, 1:21 PM

only this one VirtualHost exists outside the 00-default.conf and default-ssl.conf

Teo76

8/25/23, 1:26 PM

this is behind the original question: /etc/apache2/sites-available/mydomain.dev.conf: <VirtualHost 192.168.0.4:443> ... </VirtualHost>

djdomi

8/25/23, 5:32 PM

you do not really host your web files in `/etc`? Moreover, administration Panel are off-topic for serverfault.com

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Ubuntu 22.04 php8.1-fpm wifth Apache - 403 Forbidden You don't have permission to access this resource

TH: Ubuntu 22.04 php8.1-fpm wifth Apache - 403 Forbidden คุณไม่ได้รับอนุญาตให้เข้าถึงแหล่งข้อมูลนี้

RO: Ubuntu 22.04 php8.1-fpm cu Apache - 403 Interzis Nu aveți permisiunea de a accesa această resursă

RU: Ubuntu 22.04 php8.1-fpm с Apache — 403 Запрещено У вас нет разрешения на доступ к этому ресурсу

VI: Ubuntu 22.04 php8.1-fpm với Apache - 403 Bị cấm Bạn không có quyền truy cập tài nguyên này

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.