Ubuntu – Changed LAMP WWW directory to Dropbox, now getting 403 Forbidden

12.04Apache2lamp

I wan to use my Dropbox/Web directory as the server directory for LAMP. I cahnged /etc/apache2/sites-available/default

DocumentRoot /home/me/Dropbox/Web #changed from /etc/www
<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>
<Directory /home/me/Dropbox/Web/> #changed from /etc/www
    Options Indexes FollowSymLinks MultiViews
    AllowOverride None
    Order allow,deny
    allow from all
</Directory>

And now I get

Forbidden

You don't have permission to access / on this server.

Apache/2.2.22 (Ubuntu) Server at localhost Port 80

Best Answer

www-data, the group/user Apache runs is not allowed to read in your home directory.

You can use regular permissions to change that as gertvdijk explained in its answer.

I would consider using acl instead of regular permissions, allowing to add permission to apache instead of replacing the group in home directory or making the directory world readable.

For that, you need to install acl:

sudo apt-get install acl

You can use man setfacl to have more info.

To add permissions to apache:

sudo setfacl -m d:g:www-data:X,g:www-data:X /home/me
sudo setfacl -m d:g:www-data:X,g:www-data:X /home/me/Dropbox
sudo setfacl -Rm d:g:www-data:rX,g:www-data:rX /home/me/Dropbox/Web

1st and 2nd commands will allow Apache (www-data) to change directory only through the path (without allowing other subdirectories) in your home. They are probably not needed if you are using default config but if you already changed permissions (or will change in the future) to disalow other users to read in your home, they are needed.

The 3rd one is the command that will allow Apache to read and change directories in Dropbox/web and sub-directories).

Obs: uppercase X will act only on directories instead of lowercase x that would act on both files and directories (this way apache user is only able to change directories, not executing files).

Related Solutions

Ubuntu – Apache gives 403 Forbidden

Your server is set to not follow symlinks. Add this line:

Options +FollowSymLinks -SymLinksIfOwnerMatch

to your http.conf. For more info: http://www.hackersgarage.com/symbolic-link-not-allowed-or-link-target-not-accessible.html

You will also need to add browse access for others to each folder, all the way up to /home/somekittens/Dropbox/Project/Joomla/. i.e.

sudo chmod o+x /home
sudo chmod o+x /home/somekittens
chmod o+x /home/somekittens/Dropbox
chmod o+x /home/somekittens/Dropbox/Project
chmod o+x /home/somekittens/Dropbox/Project/Joomla

Ubuntu – Apache Alias Folder: 403 Access Forbidden

Have you tried using a Symbolic Link instead of an Alias?

In the Terminal:

ln -s /media/MediaServer/Videos /var/www/Videos

Then in your Apache config file you need to add Options FollowSymLinks to the <Directory /> section, as seen here

This will create a symbolic link at /var/www/Videos that points to /media/MediaServer/Video. Basically the system will see the folder on 'MediaServer' as the contents of /var/www/Videos/.

More information about Symbolic Links can be found here and here. I use them with apache all the time, and never have any problems. Hope it helps.

Best Answer

Related Solutions

Ubuntu – Apache gives 403 Forbidden

Ubuntu – Apache Alias Folder: 403 Access Forbidden

Related Question