SourceForge has been redesigned. Learn more.

403 Forbidden

  • Carl Johnson

    Carl Johnson - 2013-09-18

    Brand new install on CentOS 5.9. I've followed the instructions here...

    to get it installed. i'm getting a 403 error when i try to load

    here's my httpd.conf

    This is the main Apache server configuration file. It contains the

    configuration directives that give the server its instructions.

    See URL: for detailed information.

    In particular, see


    for a discussion of each configuration directive.

    Do NOT simply read the instructions in here without understanding

    what they do. They're here only as hints or reminders. If you are unsure

    consult the online docs. You have been warned.

    The configuration directives are grouped into three basic sections:

    1. Directives that control the operation of the Apache server process as


    whole (the 'global environment').

    2. Directives that define the parameters of the 'main' or 'default'


    which responds to requests that aren't handled by a virtual host.

    These directives also provide default values for the settings

    of all virtual hosts.

    3. Settings for virtual hosts, which allow Web requests to be sent to

    different IP addresses or hostnames and have them handled by the

    same Apache server process.

    Configuration and logfile names: If the filenames you specify for many

    of the server's control files begin with "/" (or "drive:/" for Win32), the

    server will use that explicit path. If the filenames do not begin

    with "/", the value of ServerRoot is prepended -- so "logs/foo.log"

    with ServerRoot set to "/etc/httpd" will be interpreted by the

    server as "/etc/httpd/logs/foo.log".

    Section 1: Global Environment

    The directives in this section affect the overall operation of Apache,

    such as the number of concurrent requests it can handle or where it

    can find its configuration files.

    Don't give away too much information about all the subcomponents

    we are running. Comment out this line if you don't mind remote sites

    finding out what major optional modules you are running

    ServerTokens OS

    ServerRoot: The top of the directory tree under which the server's

    configuration, error, and log files are kept.

    NOTE! If you intend to place this on an NFS (or otherwise network)

    mounted filesystem then please read the LockFile documentation

    (available at <URL:


    you will save yourself a lot of trouble.

    Do NOT add a slash at the end of the directory path.

    ServerRoot "/etc/httpd"

    PidFile: The file in which the server should record its process

    identification number when it starts.

    PidFile "/var/run/"

    Timeout: The number of seconds before receives and sends time out.

    TimeOut 300

    KeepAlive: Whether or not to allow persistent connections (more than

    one request per connection). Set to "Off" to deactivate.

    KeepAlive on

    MaxKeepAliveRequests: The maximum number of requests to allow

    during a persistent connection. Set to 0 to allow an unlimited amount.

    We recommend you leave this number high, for maximum performance.

    MaxKeepAliveRequests 100

    KeepAliveTimeout: Number of seconds to wait for the next request from the

    same client on the same connection.

    KeepAliveTimeout 15

    Server-Pool Size Regulation (MPM specific)

    prefork MPM

    StartServers: number of server processes to start

    MinSpareServers: minimum number of server processes which are kept spare

    MaxSpareServers: maximum number of server processes which are kept spare

    MaxClients: maximum number of server processes allowed to start

    MaxRequestsPerChild: maximum number of requests a server process serves

    <IfModule prefork.c="">
    StartServers 8
    MinSpareServers 5
    MaxSpareServers 20
    MaxClients 256
    MaxRequestsPerChild 0

    worker MPM

    StartServers: initial number of server processes to start

    MaxClients: maximum number of simultaneous client connections

    MinSpareThreads: minimum number of worker threads which are kept spare

    MaxSpareThreads: maximum number of worker threads which are kept spare

    ThreadsPerChild: constant number of worker threads in each server process

    MaxRequestsPerChild: maximum number of requests a server process serves

    <IfModule worker.c="">
    StartServers 2
    MaxClients 150
    MinSpareThreads 25
    MaxSpareThreads 75
    ThreadsPerChild 25
    MaxRequestsPerChild 0

    Listen: Allows you to bind Apache to specific IP addresses and/or

    ports, in addition to the default. See also the <VirtualHost>


    Change this to Listen on specific IP addresses as shown below to

    prevent Apache from glomming onto all bound IP addresses (


    Listen *:80

    Dynamic Shared Object (DSO) Support

    To be able to use the functionality of a module which was built as a DSO


    have to place corresponding `LoadModule' lines at this location so the

    directives contained in it are actually available before they are used.

    Statically compiled modules (those listed by `httpd -l') do not need

    to be loaded here.


    LoadModule foo_module modules/

    LoadModule auth_basic_module modules/
    LoadModule auth_digest_module modules/
    LoadModule authn_file_module modules/
    LoadModule authn_alias_module modules/
    LoadModule authn_anon_module modules/
    LoadModule authn_dbm_module modules/
    LoadModule authn_default_module modules/
    LoadModule authz_host_module modules/
    LoadModule authz_user_module modules/
    LoadModule authz_owner_module modules/
    LoadModule authz_groupfile_module modules/
    LoadModule authz_dbm_module modules/
    LoadModule authz_default_module modules/
    LoadModule ldap_module modules/
    LoadModule authnz_ldap_module modules/
    LoadModule include_module modules/
    LoadModule log_config_module modules/
    LoadModule logio_module modules/
    LoadModule env_module modules/
    LoadModule ext_filter_module modules/
    LoadModule mime_magic_module modules/
    LoadModule expires_module modules/
    LoadModule deflate_module modules/
    LoadModule headers_module modules/
    LoadModule usertrack_module modules/
    LoadModule setenvif_module modules/
    LoadModule mime_module modules/
    LoadModule dav_module modules/
    LoadModule status_module modules/
    LoadModule autoindex_module modules/
    LoadModule info_module modules/
    LoadModule dav_fs_module modules/
    LoadModule vhost_alias_module modules/
    LoadModule negotiation_module modules/
    LoadModule dir_module modules/
    LoadModule actions_module modules/
    LoadModule speling_module modules/
    LoadModule userdir_module modules/
    LoadModule alias_module modules/
    LoadModule rewrite_module modules/
    LoadModule proxy_module modules/
    LoadModule proxy_balancer_module modules/
    LoadModule proxy_ftp_module modules/
    LoadModule proxy_http_module modules/
    LoadModule proxy_connect_module modules/
    LoadModule cache_module modules/
    LoadModule suexec_module modules/
    LoadModule disk_cache_module modules/
    LoadModule file_cache_module modules/
    LoadModule mem_cache_module modules/
    LoadModule cgi_module modules/
    LoadModule version_module modules/

    The following modules are not loaded by default:

    LoadModule cern_meta_module modules/

    LoadModule asis_module modules/

    Load config files from the config directory "/etc/httpd/conf.d".

    Include conf.d/*.conf

    ExtendedStatus controls whether Apache will generate "full" status

    information (ExtendedStatus On) or just basic information (ExtendedStatus

    Off) when the "server-status" handler is called. The default is Off.

    ExtendedStatus On

    If you wish httpd to run as a different user or group, you must run

    httpd as root initially and it will switch.

    User/Group: The name (or #number) of the user/group to run httpd as.

    . On SCO (ODT 3) use "User nouser" and "Group nogroup".

    . On HPUX you may not be able to use shared memory as nobody, and the

    suggested workaround is to create a user www and use that user.

    NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)

    when the value of (unsigned)Group is above 60000;

    don't use Group #-1 on these systems!

    User apache
    Group apache

    Section 2: 'Main' server configuration

    The directives in this section set up the values used by the 'main'

    server, which responds to any requests that aren't handled by a

    <VirtualHost> definition. These values also provide defaults for

    any <VirtualHost> containers you may define later in the file.

    All of these directives may appear inside <VirtualHost> containers,

    in which case these default settings will be overridden for the

    virtual host being defined.

    ServerAdmin: Your address, where problems with the server should be

    e-mailed. This address appears on some server-generated pages, such

    as error documents. e.g.

    ServerAdmin root@localhost

    ServerName gives the name and port that the server uses to identify


    This can often be determined automatically, but we recommend you specify

    it explicitly to prevent problems during startup.

    If this is not set to valid DNS name for your host, server-generated

    redirections will not work. See also the UseCanonicalName directive.

    If your host doesn't have a registered DNS name, enter its IP address


    You will have to access it by its address anyway, and this will make

    redirections work in a sensible way.


    UseCanonicalName: Determines how Apache constructs self-referencing

    URLs and the SERVER_NAME and SERVER_PORT variables.

    When set "Off", Apache will use the Hostname and Port supplied

    by the client. When set "On", Apache will use the value of the

    ServerName directive.

    UseCanonicalName on

    DocumentRoot: The directory out of which you will serve your

    documents. By default, all requests are taken from this directory, but

    symbolic links and aliases may be used to point to other locations.

    DocumentRoot "/var/www/html"

    UserDir: The name of the directory that is appended onto a user's home

    directory if a ~user request is received.

    The path to the end user account 'public_html' directory must be

    accessible to the webserver userid. This usually means that ~userid

    must have permissions of 711, ~userid/public_html must have permissions

    of 755, and documents contained therein must be world-readable.

    Otherwise, the client will only receive a "403 Forbidden" message.

    See also:

    <IfModule mod_userdir.c="">
    # UserDir is disabled by default since it can confirm the presence
    # of a username on the system (depending on home directory
    # permissions).
    UserDir "disable"

    # To enable requests to /~user/ to serve the user's public_html
    # directory, use this directive instead of "UserDir disable":
    #UserDir public_html


    DirectoryIndex: sets the file that Apache will serve if a directory

    is requested.

    The index.html.var file (a type-map) is used to deliver content-

    negotiated documents. The MultiViews Option can be used for the

    same purpose, but it is much slower.


    AccessFileName: The name of the file to look for in each directory

    for access control information. See also the AllowOverride directive.

    AccessFileName .htaccess

    The following lines prevent .htaccess and .htpasswd files from being

    viewed by Web clients.

    <Files ~="" "^\.ht"="">
    Order allow,deny
    Deny from all

    TypesConfig describes where the mime.types file (or equivalent) is

    to be found.

    TypesConfig "/etc/mime.types"

    DefaultType is the default MIME type the server will use for a document

    if it cannot otherwise determine one, such as from filename extensions.

    If your server contains mostly text or HTML documents, "text/plain" is

    a good value. If most of your content is binary, such as applications

    or images, you may want to use "application/octet-stream" instead to

    keep browsers from trying to display binary files as though they are


    DefaultType text/plain

    The mod_mime_magic module allows the server to use various hints from the

    contents of the file itself to determine its type. The MIMEMagicFile

    directive tells the module where the hint definitions are located.

    <IfModule mod_mime_magic.c="">

    MIMEMagicFile /usr/share/magic.mime

    MIMEMagicFile conf/magic


    HostnameLookups: Log the names of clients or just their IP addresses

    e.g., (on) or (off).

    The default is off because it'd be overall better for the net if people

    had to knowingly turn this feature on, since enabling it means that

    each client request will result in AT LEAST one lookup request to the


    HostNameLookups Off

    EnableMMAP: Control whether memory-mapping is used to deliver

    files (assuming that the underlying OS supports it).

    The default is on; turn this off if you serve from NFS-mounted

    filesystems. On some systems, turning it off (regardless of

    filesystem) can improve performance; for details, please see

    EnableMMAP off

    EnableSendfile: Control whether the sendfile kernel support is

    used to deliver files (assuming that the OS supports it).

    The default is on; turn this off if you serve from NFS-mounted

    filesystems. Please see

    EnableSendfile off

    ErrorLog: The location of the error log file.

    If you do not specify an ErrorLog directive within a <VirtualHost>

    container, error messages relating to that virtual host will be

    logged here. If you do define an error logfile for a <VirtualHost>

    container, that host's errors will be logged there and not here.

    ErrorLog "/var/log/httpd/error_log"

    LogLevel: Control the number of messages logged to the error_log.

    Possible values include: debug, info, notice, warn, error, crit,

    alert, emerg.

    LogLevel warn

    The following directives define some format nicknames for use with

    a CustomLog directive (see below).

    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    LogFormat "%{Referer}i -> %U" referer
    LogFormat "%{User-agent}i" agent

    The location and format of the access logfile (Common Logfile Format).

    If you do not define any access logfiles within a <VirtualHost>

    container, they will be logged here. Contrariwise, if you do

    define per-<VirtualHost> access logfiles, transactions will be

    logged therein and not in this file.

    CustomLog logs/access_log common

    CustomLog logs/access_log combined

    If you would like to have agent and referer logfiles, uncomment the

    following directives.

    CustomLog logs/referer_log referer

    CustomLog logs/agent_log agent

    If you prefer a single logfile with access, agent, and referer information

    (Combined Logfile Format) you can use the following directive.

    CustomLog logs/access_log combined

    Optionally add a line containing the server version and virtual host

    name to server-generated pages (error documents, FTP directory listings,

    mod_status and mod_info output etc., but not CGI generated documents).

    Set to "EMail" to also include a mailto: link to the ServerAdmin.

    Set to one of: On | Off | EMail

    ServerSignature on

    Aliases: Add here as many aliases as you need (with no limit). The format


    Alias fakename realname

    Note that if you include a trailing / on fakename then the server will

    require it to be present in the URL. So "/icons" isn't aliased in this

    example, only "/icons/". If the fakename is slash-terminated, then the

    realname must also be slash terminated, and if the fakename omits the

    trailing slash, the realname must also omit it.

    We include the /icons/ alias for FancyIndexed directory listings. If you

    do not use FancyIndexing, you may comment this out.

    Alias /icons/ "/var/www/icons/"

    This should be changed to the ServerRoot/manual/. The alias provides

    the manual, even if you choose to move your DocumentRoot. You may comment

    this out if you do not care for the documentation.

    05/23/05: This is now provided via a separate package called httpd-manual

    which comes with an own manual alias

    Alias /manual "/var/www/manual"

    <IfModule mod_dav_fs.c="">
    # Location of the WebDAV lock database.
    DAVLockDB /var/lib/dav/lockdb

    ScriptAlias: This controls which directories contain server scripts.

    ScriptAliases are essentially the same as Aliases, except that

    documents in the realname directory are treated as applications and

    run by the server when requested rather than as documents sent to the


    The same rules about trailing "/" apply to ScriptAlias directives as to


    ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

    <IfModule mod_cgid.c="">

    Additional to mod_cgid.c settings, mod_cgid has Scriptsock

    for setting UNIX socket for communicating with cgid.

    Scriptsock logs/cgisock


    Redirect allows you to tell clients about documents which used to exist in

    your server's namespace, but do not anymore. This allows you to tell the

    clients where to look for the relocated document.


    Redirect permanent /foo

    Directives controlling the display of server-generated directory listings.

    IndexOptions: Controls the appearance of server-generated directory


    IndexOptions FancyIndexing VersionSort NameWidth=*

    AddIcon* directives tell the server which icon to show for different

    files or filename extensions. These are only displayed for

    FancyIndexed directories.

    AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

    AddIconByType (TXT,/icons/text.gif) text/
    AddIconByType (IMG,/icons/image2.gif) image/

    AddIconByType (SND,/icons/sound2.gif) audio/
    AddIconByType (VID,/icons/movie.gif) video/

    AddIcon /icons/binary.gif .bin .exe
    AddIcon /icons/binhex.gif .hqx
    AddIcon /icons/tar.gif .tar
    AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
    AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
    AddIcon /icons/a.gif .ps .ai .eps
    AddIcon /icons/layout.gif .html .shtml .htm .pdf
    AddIcon /icons/text.gif .txt
    AddIcon /icons/c.gif .c
    AddIcon /icons/p.gif .pl .py
    AddIcon /icons/f.gif .for
    AddIcon /icons/dvi.gif .dvi
    AddIcon /icons/uuencoded.gif .uu
    AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
    AddIcon /icons/tex.gif .tex
    AddIcon /icons/bomb.gif core

    AddIcon /icons/back.gif ..
    AddIcon /icons/hand.right.gif README
    AddIcon /icons/folder.gif ^^DIRECTORY^^
    AddIcon /icons/blank.gif ^^BLANKICON^^

    DefaultIcon is which icon to show for files which do not have an icon

    explicitly set.

    DefaultIcon /icons/unknown.gif

    AddDescription allows you to place a short description after a file in

    server-generated indexes. These are only displayed for FancyIndexed


    Format: AddDescription "description" filename

    AddDescription "GZIP compressed document" .gz

    AddDescription "tar archive" .tar

    AddDescription "GZIP compressed tar archive" .tgz

    ReadmeName is the name of the README file the server will look for by

    default, and append to directory listings.

    HeaderName is the name of a file which should be prepended to

    directory indexes.

    ReadmeName README.html
    HeaderName HEADER.html

    IndexIgnore is a set of filenames which directory indexing should ignore

    and not include in the listing. Shell-style wildcarding is permitted.

    IndexIgnore .?? ~ # HEADER README RCS CVS ,v *,t

    DefaultLanguage and AddLanguage allows you to specify the language of

    a document. You can then use content negotiation to give a browser a

    file in a language the user can understand.

    Specify a default language. This means that all data

    going out without a specific language tag (see below) will

    be marked with this one. You probably do NOT want to set

    this unless you are sure it is correct for all cases.

    * It is generally better to not mark a page as

    * being a certain language than marking it with the wrong

    * language!

    DefaultLanguage nl

    Note 1: The suffix does not have to be the same as the language

    keyword --- those with documents in Polish (whose net-standard

    language code is pl) may wish to use "AddLanguage pl .po" to

    avoid the ambiguity with the common suffix for perl scripts.

    Note 2: The example entries below illustrate that in some cases

    the two character 'Language' abbreviation is not identical to

    the two character 'Country' code for its country,

    E.g. 'Danmark/dk' versus 'Danish/da'.

    Note 3: In the case of 'ltz' we violate the RFC by using a three char

    specifier. There is 'work in progress' to fix this and get

    the reference data for rfc1766 cleaned up.

    Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)

    English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)

    Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)

    Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)

    Norwegian (no) - Polish (pl) - Portugese (pt)

    Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)

    Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)

    AddLanguage ca .ca
    AddLanguage cs .cz .cs
    AddLanguage da .dk
    AddLanguage de .de
    AddLanguage el .el
    AddLanguage en .en
    AddLanguage eo .eo
    AddLanguage es .es
    AddLanguage et .et
    AddLanguage fr .fr
    AddLanguage he .he
    AddLanguage hr .hr
    AddLanguage it .it
    AddLanguage ja .ja
    AddLanguage ko .ko
    AddLanguage ltz .ltz
    AddLanguage nl .nl
    AddLanguage nn .nn
    AddLanguage no .no
    AddLanguage pl .po
    AddLanguage pt .pt
    AddLanguage pt-BR .pt-br
    AddLanguage ru .ru
    AddLanguage sv .sv
    AddLanguage zh-CN .zh-cn
    AddLanguage zh-TW .zh-tw

    LanguagePriority allows you to give precedence to some languages

    in case of a tie during content negotiation.

    Just list the languages in decreasing order of preference. We have

    more or less alphabetized them here. You probably want to change this.

    LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no
    pl pt pt-BR ru sv zh-CN zh-TW

    ForceLanguagePriority allows you to serve a result page rather than

    MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)

    [in case no accepted languages matched the available variants]

    ForceLanguagePriority Prefer Fallback

    Specify a default charset for all content served; this enables

    interpretation of all content as UTF-8 by default. To use the

    default browser choice (ISO-8859-1), or to allow the META tags

    in HTML content to override this choice, comment out this


    AddDefaultCharset UTF-8

    AddType allows you to add to or override the MIME configuration

    file mime.types for specific file types.

    AddType application/x-tar .tgz

    AddEncoding allows you to have certain browsers uncompress

    information on the fly. Note: Not all browsers support this.

    Despite the name similarity, the following Add* directives have nothing

    to do with the FancyIndexing customization directives above.

    AddEncoding x-compress .Z

    AddEncoding x-gzip .gz .tgz

    If the AddEncoding directives above are commented-out, then you

    probably should define those extensions to indicate media types:

    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz

    AddHandler allows you to map certain file extensions to "handlers":

    actions unrelated to filetype. These can be either built into the server

    or added with the Action directive (see below)

    To use CGI scripts outside of ScriptAliased directories:

    (You will also need to add "ExecCGI" to the "Options" directive.)

    AddHandler cgi-script .cgi

    For files that include their own HTTP headers:

    AddHandler send-as-is asis

    For type maps (negotiated resources):

    (This is enabled by default to allow the Apache "It Worked" page

    to be distributed in multiple languages.)

    AddHandler type-map var

    Filters allow you to process content before it is sent to the client.

    To parse .shtml files for server-side includes (SSI):

    (You will also need to add "Includes" to the "Options" directive.)

    AddType text/html .shtml
    AddOutputFilter INCLUDES .shtml

    Action lets you define media types that will execute a script whenever

    a matching file is called. This eliminates the need for repeated URL

    pathnames for oft-used CGI file processors.

    Format: Action media/type /cgi-script/location

    Format: Action handler-name /cgi-script/location

    Customizable error responses come in three flavors:

    1) plain text 2) local redirects 3) external redirects

    Some examples:

    ErrorDocument 500 "The server made a boo boo."

    ErrorDocument 404 /missing.html

    ErrorDocument 404 "/cgi-bin/"

    ErrorDocument 402

    Putting this all together, we can internationalize error responses.

    We use Alias to redirect any /error/HTTP_<error>.html.var response to

    our collection of by-error message multi-language collections. We use

    includes to substitute the appropriate text.

    You can modify the messages' appearance without changing any of the

    default HTTP_<error>.html.var files by adding the line:

    Alias /error/include/ "/your/include/path/"

    which allows you to create your own set of files by starting with the

    /var/www/error/include/ files and

    copying them to /your/include/path/, even on a per-VirtualHost basis.

    Alias /error/ "/var/www/error/"

    <IfModule mod_negotiation.c="">
    <IfModule mod_include.c="">
    <Directory "="" var="" www="" error"="">
    AllowOverride None
    Options IncludesNoExec
    AddOutputFilter Includes html
    AddHandler type-map var
    Order allow,deny
    Allow from all
    LanguagePriority en es de fr
    ForceLanguagePriority Prefer Fallback

    ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var

    ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var

    ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var

    ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var

    ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var

    ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var

    ErrorDocument 410 /error/HTTP_GONE.html.var

    ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var

    ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var

    ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var

    ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var

    ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var

    ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var

    ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var

    ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var

    ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var

    ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var


    The following directives modify normal HTTP response behavior to

    handle known problems with browser implementations.

    BrowserMatch "Mozilla/2" nokeepalive
    BrowserMatch "MSIE 4.0b2;" nokeepalive downgrade-1.0 force-response-1.0
    BrowserMatch "RealPlayer 4.0" force-response-1.0
    BrowserMatch "Java/1.0" force-response-1.0
    BrowserMatch "JDK/1.0" force-response-1.0

    The following directive disables redirects on non-GET requests for

    a directory that does not include the trailing slash. This fixes a

    problem with Microsoft WebFolders which does not appropriately handle

    redirects for folders with DAV methods.

    Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.

    BrowserMatch "Microsoft Data Access Internet Publishing Provider"
    BrowserMatch "MS FrontPage" redirect-carefully
    BrowserMatch "^WebDrive" redirect-carefully
    BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
    BrowserMatch "^gnome-vfs/1.0" redirect-carefully
    BrowserMatch "^XML Spy" redirect-carefully
    BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully

    Allow server status reports generated by mod_status,

    with the URL of http://servername/server-status

    Change the "" to match your domain to enable.

    <Location server-status="">

    SetHandler server-status

    Order deny,allow

    Deny from all

    Allow from


    Allow remote server configuration reports, with the URL of

    http://servername/server-info (requires that mod_info.c be loaded).

    Change the "" to match your domain to enable.

    <Location server-info="">

    SetHandler server-info

    Order deny,allow

    Deny from all

    Allow from


    Proxy Server directives. Uncomment the following lines to

    enable the proxy server:

    <IfModule mod_proxy.c="">

    ProxyRequests On

    <Proxy *="">

    Order deny,allow

    Deny from all

    Allow from


    Enable/disable the handling of HTTP/1.1 "Via:" headers.

    ("Full" adds the server version; "Block" removes all outgoing Via:


    Set to one of: Off | On | Full | Block

    ProxyVia On

    To enable a cache of proxied content, uncomment the following lines.

    See for more details.

    <IfModule mod_disk_cache.c="">

    CacheEnable disk /

    CacheRoot "/var/cache/mod_proxy"



    End of proxy directives.

    Section 3: Virtual Hosts

    VirtualHost: If you want to maintain multiple domains/hostnames on your

    machine you can setup VirtualHost containers for them. Most configurations

    use only name-based virtual hosts so the server doesn't need to worry


    IP addresses. This is indicated by the asterisks in the directives below.

    Please see the documentation at

    <URL:http:"" docs-2.2="" vhosts=""/>

    for further details before you try to setup virtual hosts.

    You may use the command line option '-S' to verify your virtual host


    Use name-based virtual hosting.

    Where do we put the lock and pif files?

    LockFile "/var/lock/httpd.lock"
    CoreDumpDirectory "/etc/httpd"

    Defaults for virtual hosts


    Virtual hosts

    Virtual host Default Virtual Host

    <VirtualHost *="">

        DirectoryIndex index.php index.html index.htm index.shtml
        SSLEngine on
        LogLevel warn
        HostNameLookups off


    Each directory to which Apache has access can be configured with respect

    to which services and features are allowed and/or disabled in that

    directory (and its subdirectories).

    Note that from this point forward you must specifically allow

    particular features to be enabled - so if something's not working as

    you might expect, make sure that you have specifically enabled it


    <Directory "="" "="">
    Options FollowSymLinks

        AllowOverride None


    <Directory "="" var="" www="" html"="">
    Options Indexes Includes FollowSymLinks

        AllowOverride None
        Allow from all
        Order allow,deny


    <Directory "="" var="" www="" icons"="">
    Options Indexes MultiViews

        AllowOverride None
        Allow from all
        Order allow,deny


    <Directory "="" var="" www="" cgi-bin"="">
    Options ExecCGI

        AllowOverride None
        Allow from all
        Order allow,deny


    here's a cat of the conf.d dir.....

    [root@fileserver conf.d]# cat *
    ScriptAlias /apcupsd/ /var/www/apcupsd/
    <Directory var="" www="" apcupsd=""/>
    DirectoryIndex upsstats.cgi
    Options ExecCGI
    order deny,allow
    deny from all
    allow from

    PHP is an HTML-embedded scripting language which attempts to make it

    easy for developers to write dynamically generated webpages.

    <IfModule prefork.c="">
    LoadModule php5_module modules/
    <IfModule worker.c="">
    # Use of the "ZTS" build with worker is experimental, and no shared
    # modules are supported.
    LoadModule php5_module modules/

    Cause the PHP interpreter to handle files with a .php extension.

    AddHandler php5-script .php
    AddType text/html .php

    Add index.php to the list of files that will be served as directory


    DirectoryIndex index.php

    Uncomment the following line to allow PHP to pretty-print .phps

    files as PHP source code:

    AddType application/x-httpd-php-source .phps

    LoadModule proxy_ajp_module modules/

    When loaded, the mod_proxy_ajp module adds support for

    proxying to an AJP/1.3 backend server (such as Tomcat).

    To proxy to an AJP backend, use the "ajp://" URI scheme;

    Tomcat is configured to listen on port 8009 for AJP requests

    by default.

    Uncomment the following lines to serve the ROOT webapp

    under the /tomcat/ location, and the jsp-examples webapp

    under the /examples/ location.

    ProxyPass /tomcat/ ajp://localhost:8009/

    ProxyPass /examples/ ajp://localhost:8009/jsp-examples/

    This directory holds Apache 2.0 module-specific configuration files;
    any files in this directory which have the ".conf" extension will be
    processed as Apache configuration files.

    Files are processed in alphabetical order, so if using configuration
    directives which depend on, say, mod_perl being loaded, ensure that
    these are placed in a filename later in the sort order than "perl.conf".

    This configuration file enables the default "Welcome"

    page if there is no default index page present for

    the root URL. To disable the Welcome page, comment

    out all the lines below.

    <LocationMatch "^="" +$"="">
    Options -Indexes
    ErrorDocument 403 /error/noindex.html

    perms on /var/www/html/

    [root@server /]# ls -al /var/www/html/phpvirtualbox/
    total 180
    drwxr-xr-x 9 apache apache 4096 Sep 17 19:29 .
    drwxr-xr-x 3 root root 4096 Sep 17 20:21 ..
    -rw-r--r-- 1 apache apache 42183 Aug 12 11:34 CHANGELOG.txt
    -rw-r--r-- 1 apache apache 6866 Sep 17 19:29 config.php
    -rw-r--r-- 1 apache apache 6864 Oct 17 2012 config.php-example
    drwxr-xr-x 2 apache apache 4096 Sep 17 11:20 css
    -rw-r--r-- 1 apache apache 33091 Feb 27 2011 GPLv3.txt
    drwxr-xr-x 5 apache apache 4096 Sep 17 11:20 images
    -rw-r--r-- 1 apache apache 20108 Aug 11 14:31 index.html
    drwxr-xr-x 2 apache apache 4096 Sep 17 11:20 js
    drwxr-xr-x 3 apache apache 4096 Sep 17 11:20 languages
    drwxr-xr-x 3 apache apache 4096 Sep 17 11:20 lib
    -rw-r--r-- 1 apache apache 747 Feb 27 2011 LICENSE.txt
    drwxr-xr-x 2 apache apache 4096 Sep 17 11:20 panes
    -rw-r--r-- 1 apache apache 885 Jul 29 14:41 rdp.php
    drwxr-xr-x 2 apache apache 4096 Sep 17 11:20 rdpweb
    -rw-r--r-- 1 apache apache 976 Feb 27 2011 README.txt
    -rw-r--r-- 1 apache apache 1882 Mar 3 2011 recovery.php-disabled
    -rw-r--r-- 1 apache apache 6628 Jul 29 14:41 screen.php
    -rw-r--r-- 1 apache apache 2124 Nov 2 2012 vboxinit

    what could be wrong here?

  • Ian Moore

    Ian Moore - 2013-09-25

    Apache's error log should tell you more. What do you see there after you try to access the page? Does it work if you navigate to ?


Log in to post a comment.