Error 403 on subfolders via https - Nicao - 11-07-2009 07:34 AM
hey folks,
i just installed my very first ssl cert tonight... everything is doing fine, the landing page is accessible via http and https - BUT as soon as i try to access any subfolder via https, i am having ERROR 403 - FORBIDDEN.
via http its fine.
the logs dont really help me out.
i guess i got a mistkae at 01_ssl_master.conf, cause i had some trouble with error 500 before causing the entry
Code:
[Fri Nov 06 20:31:49 2009] [alert] [client 78.35.xxx.xxx] /var/www/virtual/abc.com/htdocs/.htaccess: Option Indexes not allowed here
then i added the sniplet
Code:
<Directory /var/www/virtual/abc.com/htdocs>
Options -Indexes Includes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
and it went fine. but only at /htdocs, as soon as i want to open like /htdocs/123/index.php, it works with http but causes 403 on https.
I got a htaccess active at /htdocs but this doesnt seem to be a problem as the landing page is working properly and the deletion of htaccess didnt solve it either.
here's my 01_ssl_master.conf - maybe you guys got a clue what i did wrong?
Code:
#
# ispCP ω (OMEGA) a Virtual Hosting Control System
#
# @copyright 2001-2006 by moleSoftware GmbH
# @copyright 2006-2008 by ispCP | http://isp-control.net
# @version SVN: $Id$
# @link http://isp-control.net
# @author ispCP Team
#
# @license
# This program is free software; you can redistribute it and/or modify it under
# the terms of the MPL General Public License as published by the Free Software
# Foundation; either version 1.1 of the License, or (at your option) any later
# version.
# You should have received a copy of the MPL Mozilla Public License along with
# this program; if not, write to the Open Source Initiative (OSI)
# http://opensource.org | osi@opensource.org
#
################################################################################
#
# Master Begin
#
<VirtualHost 194.xxx.xxx.xxx:443>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/www.abc.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/www.abc.com.key
ServerAdmin admin@localhost
DocumentRoot /var/www/virtual/abc.com/htdocs
ServerName abcserver
ErrorLog /var/log/apache2/users/abc.com.at-ssl-error.log
TransferLog /var/log/apache2/users/abc.com-ssl-access.log
CustomLog /var/log/apache2/abc.com-ssl-traf.log traff
CustomLog /var/log/apache2/abc.com-ssl-combined.log combined
Alias /errors /var/www/ispcp/gui/errordocs/
ErrorDocument 401 /errors/401.html
ErrorDocument 403 /errors/403.html
ErrorDocument 404 /errors/404.html
ErrorDocument 500 /errors/500.html
ErrorDocument 503 /errors/503.html
Alias /pma /var/www/ispcp/gui/tools/pma/
Alias /webmail /var/www/ispcp/gui/tools/webmail/
Alias /ftp /var/www/ispcp/gui/tools/filemanager/
<IfModule suexec_module>
SuexecUserGroup vu2000 vu2000
</IfModule>
<Directory /var/www/virtual/abc.com/htdocs>
Options -Indexes Includes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory /var/www/ispcp/gui>
Options -Indexes Includes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<IfModule mod_fcgid.c>
<Directory /var/www/ispcp/gui>
FCGIWrapper /var/www/fcgi/master/php5-fcgi-starter .php
Options +ExecCGI
</Directory>
<Directory "/var/www/fcgi/master">
AllowOverride None
Options +ExecCGI MultiViews -Indexes
Order allow,deny
Allow from all
</Directory>
</IfModule>
<IfModule mod_fastcgi.c>
ScriptAlias /php5/ /var/www/fcgi/master/
<Directory "/var/www/fcgi/master">
AllowOverride None
Options +ExecCGI MultiViews -Indexes
Order allow,deny
Allow from all
</Directory>
</IfModule>
<IfModule mod_php5.c>
<Directory /var/www/ispcp/gui>
php_admin_value open_basedir "/var/www/ispcp/gui/:/etc/ispcp/:/var/run/ispcp.lock:/proc/:/bin/df:/bin/mount:/var/log/rkhunter.log:/var/log/chkrootkit.log:/usr/share/php/"
php_admin_value session.save_path "/var/www/ispcp/gui/phptmp/"
php_admin_value upload_tmp_dir "/var/www/ispcp/gui/phptmp/"
</Directory>
</IfModule>
</VirtualHost>
#
# Master End
#
somebody with a mastermind nearby?
Thx,
Nicao
|