[wellylug] Apache2 / 403
Grant McLean
grant at mclean.net.nz
Thu Mar 9 11:17:14 NZDT 2006
On Thu, 2006-03-09 at 11:07 +1300, E.Chalaron wrote:
> Hi
>
> > Most likely your directory owner/permissions are wrong.
>
> well even with 777 it does not work ... so I guess the owner/group stuff is
> another matter. I actually should probably put that as 700.
You need the 'Indexes' option enabled on the directory in the apache
config. With this option enabled, if you request a directory and there
is no 'index.html' file then you'll get a file list instead. Without
this option, file listings are disabled.
So try adding +Indexes to your Options line.
> > Why is your contents directory owned by root?
> Good question . RPM install. Should I change it to apache:apache ? or nobody ?
There's nothing wrong with having content owned by root. The thing you
want to avoid is having content owned by the user that the Apache
process runs as. In the event that someone managed to exploit a problem
in your Apache process then you don't want that process to have write
access to the disk.
Regards
Grant
More information about the wellylug
mailing list