Ubuntu Server의 Apache 2.4.6 : 서버 구성 (PHP FPM)에 의해 클라이언트가 거부 됨 [PHP 파일을로드하는 동안]
오늘은 Ubuntu 서버 13.04 (Raring Ringtail) → 13.10 (Saucy Salamander)을 업데이트했습니다.
그리고 내 Apache 2 설치가 손상되었습니다.
여기 내 구성 :
파일 error.log
[Fri Oct 18 10:48:07.237170 2013] [:notice] [pid 8292:tid 139804677900160] FastCGI: process manager initialized (pid 8292)
[Fri Oct 18 10:48:07.241185 2013] [mpm_event:notice] [pid 8289:tid 139804677900160] AH00489: Apache/2.4.6 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 configured -- resuming normal operations
[Fri Oct 18 10:48:07.241652 2013] [core:notice] [pid 8289:tid 139804677900160] AH00094: Command line: '/usr/sbin/apache2'
[Fri Oct 18 10:48:28.313923 2013] [authz_core:error] [pid 8294:tid 139804573181696] [client 81.219.59.75:3536] AH01630: client denied by server configuration: /usr/lib/cgi-bin/php5-fcgi
파일 default.conf
#EU
<VirtualHost *:80>
#ServerName
DocumentRoot /var/www/dev_stable
DirectoryIndex index.php index.html index.htm
<Directory /var/www/dev_stable>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Require all granted
</Directory>
</VirtualHost>
파일 mods-enabled/fastcgi.conf
#<IfModule mod_fastcgi.c>
# AddHandler fastcgi-script .fcgi
# FastCgiWrapper /usr/lib/apache2/suexec
# FastCgiIpcDir /var/lib/apache2/fastcgi
#</IfModule>
<IfModule mod_fastcgi.c>
AddHandler php5-fcgi .php
Action php5-fcgi /php5-fcgi
Alias /php5-fcgi /usr/lib/cgi-bin/php5-fcgi
FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -socket /var/run/php5-fpm.sock -pass-header Authorization
</Ifmodule>
브라우저를 통해 파일을로드하려고 할 때 다음을 얻었습니다.
site_name/TEST/
Forbidden
You don't have permission to access /php5-fcgi/TEST/index.php on this server.
어떻게 수정해야합니까?
나는 똑같은 문제가 있습니다. 개발을 위해 로컬 컴퓨터에서 몇 개의 가상 호스트를 실행했습니다.
먼저 /etc/apache2/conf-available/php5-fpm.conf. 나는 모든 것을 교체했다
Order Deny,Allow
Deny from all
...에
Require all granted
구성은에서 활성화해야합니다 a2enconf php5-fpm. 내 가상 호스트 구성에 대해 동일한 작업을 수행하고 교체했습니다.
나는 이것이 보안상의 이유로 권장되지 않는다고 생각하지만, 내 서버를 로컬 용도로만 사용하는 한 함께 살 수 있습니다.
Apache 2.4를 새로 설치할 때이 문제가 발생했습니다. 몇 시간의 인터넷 검색과 테스트 끝에 마침내 Alias 지시어의 (존재하지 않는) 대상이 포함 된 디렉토리에 대한 액세스를 허용해야한다는 사실을 알게되었습니다. 즉, 이것은 나를 위해 일했습니다.
# File: /etc/apache2/conf-available/php5-fpm.conf
<IfModule mod_fastcgi.c>
AddHandler php5-fcgi .php
Action php5-fcgi /php5-fcgi
Alias /php5-fcgi /usr/lib/cgi-bin/php5-fcgi
FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -socket /var/run/php5-fpm.sock -pass-header Authorization
# NOTE: using '/usr/lib/cgi-bin/php5-cgi' here does not work,
# it doesn't exist in the filesystem!
<Directory /usr/lib/cgi-bin>
Require all granted
</Directory>
</Ifmodule>
오늘 비슷한 문제가 발생했습니다 (그러나 mod_wsgi). Apache 2.2-2.4 문제 일 수 있습니다. 포괄적 인 변경 목록은 여기에서 확인할 수 있습니다 .
저에게는 <Directory>오류 로그가 불평하는 모든 경로에 대한 추가 항목 을 추가 하고 섹션을 Require all granted.
따라서 귀하의 경우에는
<Directory /usr/lib/cgi-bin/php5-fcgi>
Require all granted
Options FollowSymLinks
</Directory>
내 구성 파일을 폴더에서 폴더 conf.d로 이동해야했습니다 sites-enabled.
대체로 그것은 나를 위해 트릭을했지만 귀하의 경우에서도 작동한다고 보장하지는 않습니다.
나는 최근에 같은 문제에 직면했습니다. 내 가상 호스트를 다음에서 변경해야했습니다.
<VirtualHost *:80>
ServerName local.example.com
DocumentRoot /home/example/public
<Directory />
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
에:
<VirtualHost *:80>
ServerName local.example.com
DocumentRoot /home/example/public
<Directory />
Options All
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
에서 apache2.conf<Directory /> AllowOverride 없음 Jan Czarny가 제안한 것과 같이 모두 거부 됨 </ Directory>를 대체하거나 삭제하십시오.
예를 들면 :
<Directory />
Options FollowSymLinks
AllowOverride None
#Require all denied
Require all granted
</Directory>
이것은 Ubuntu 14.04 (Trusty Tahr) 에서 작동했습니다 .
가상 호스트 파일 이름은 mysite.com.conf 여야하며이 정보를 포함해야합니다.
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName mysite.com
ServerAlias www.mysite.com
ServerAdmin info@mysite.com
DocumentRoot /var/www/mysite
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory "/var/www/mysite">
Options All
AllowOverride All
Require all granted
</Directory>
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
이 지시문에서 "Require all denied"를 "Require all grant"로 바꾸는 것은 아닙니다.
<Directory>
Options FollowSymLinks
AllowOverride None
#Require all denied
Require all granted
</Directory>
Jan Czarny가 제안하고 user3801675가 선택한 것처럼이 문제를 해결하는 가장 안전한 방법입니다.
According to the Apache configuration files, that line denies access to the entirety of your server's filesystem. Replacing it might indeed allow access to your virtual host folders but at the price of allowing access to your entire computer as well!
Gev Balyan's approach seems to be the most secure approach here. It was the answer to the "access denied problems" plaguing me after setting up my new Apache server this morning.
And I simply got this error because I used a totally different DocumentRoot directory.
My main DocumentRoot was the default /var/www/html and on the VirtualHost I used /sites/example.com
I have created a link on /var/www/html/example.com (to /sites/example.com). DocumentRoot was set to /var/www/html/example.com
It worked like a charm.
I had the same issue after upgrading my system. In my case, the problem was caused by the order of loading configuration files. In the /etc/httpd/httpd.confinitally it was defined as follows:
IncludeOptional conf.d/*.conf
IncludeOptional sites-enabled/*.conf
After some hours of attempts, I tried the following order:
IncludeOptional sites-enabled/*.conf
IncludeOptional conf.d/*.conf
And it works fine now.
I had the following configuration in my httpd.conf that denied executing the wpadmin/setup-config.php file from wordpress. Removing the |-config part solved the problem. I think this httpd.conf is from plesk but it could be some default suggested config from wordpress, i don't know. Anyway, I could safely add it back after the setup finished.
<LocationMatch "(?i:(?:wp-config\\.bak|\\.wp-config\\.php\\.swp|(?:readme|license|changelog|-config|-sample)\\.(?:php|md|txt|htm|html)))">
Require all denied
</LocationMatch>
For those of you on AWS (Amazon Web Services), remember to add a rule for your SSL port (in my case 443) to your security groups. I was getting this error because I forgot to open the port.
3 hours of tearing my hair out later...
'developer tip' 카테고리의 다른 글
| Python에서 가상 메서드를 구현하는 방법은 무엇입니까? (0) | 2020.11.06 |
|---|---|
| X509Certificate 생성자 예외 (0) | 2020.11.06 |
| 문자열에서 단어 순서 반전 (0) | 2020.11.06 |
| PHP의 클래스는 무엇입니까? (0) | 2020.11.06 |
| jQuery로 모든 확인란을 선택하십시오. (0) | 2020.11.06 |