Re: [mod-security-users] 403 Forbidden error
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] 403 Forbidden error
|
From: Ivan R. <iv...@we...> - 2006-03-01 23:40:11
|
Steve McKinney wrote:
> I am running hardened-gentoo (with grsecurity) and have apache 2.0.55. I
> have installed mod_security 1.87 (the latest version gentoo has marked
> stable) and am using the chroot feature.
>
> When I try to access a page using:
>
> links http://127.0.0.1
>
> I receive a 403 Forbidden error saying that I do not have permission to
> access / on this server.
>
> I can access the page if I turn off mod_security
>
> My current DocumentRoot is set to /var/www/localhost/htdocs/
>
> So my html files are in:
>
> /var/chroot/apache2/var/www/localhost/htdocs/
>
> The permissions are the same on the real DocumentRoot as they are on the
> DocumentRoot inside the jail.
>
> Any thoughts?
The message in the error log will give you a clue as to
what might be the problem.
My guess is that you need something like:
<Directory /var/www/localhost/htdocs/>
Order allow,deny
Allow from all
</Directory>
--
Ivan Ristic, Technical Director
Thinking Stone, http://www.thinkingstone.com
ModSecurity: Open source Web Application Firewall
Apache Security (O'Reilly): http://www.apachesecurity.net
|
