Fixing Apache (13)Permission denied: access to / 403 Forbidden
By Pete Freitag
Every so often I run into a 403 Forbidden response when I'm setting up something in Apache, checking the log files will yield something like:
(13)Permission denied: access to /
There are a few things that could be the problem:
Make sure it's not denied by Apache
Most apache Configurations have something like this in there:
<Directory /> Order deny,allow Deny from all </Directory>
The above will block access to all files. You should also see something like this:
<Directory /path/to/webroot> Order allow,deny Allow from all </Directory>
So if you have created a
VirtualHost or an
Alias that does not fall under this /path/to/webroot apache will have denied access to it. The solution in that case is to add another
Directory entry in your
httpd.conf to allow access to that directory.
Make sure Apache has Read, Execute Permissions
The next thing to check is that Apache has read and execute permission (rx) on directories and read permission on files. You can run
chmod 750 /dir (to give
-rwxr-x--- permission) or
chmod 755 /dir (to give
-rwxr-xr-x permission), etc.
Make sure that the Directory Above has Execute Permission
This is the one that tends to get me. Suppose you are creating an Alias like this:
Alias /foo /tmp/bar/foo
Now you have made sure that apache can read and execute
/tmp/bar/foo by running
chmod 755 /tmp/bar/foo, but you also need to give Apache execute permission to
/tmp/bar/ otherwise it cannot traverse the sub directory foo.
If Running Security Enhanced Linux (SELinux)
Another possibility for this error is that you are running SELinux (Security Enhanced Linux), inwhich case you need to use
chcon to apply the proper security context to the directory. One easy way to do this is to copy from a directory that does work for example /var/www/
chcon -R --reference=/var/www /path/to/webroot
Fixing Apache (13)Permission denied: access to / 403 Forbidden was first published on July 21, 2011.
If you like reading about apache, alias, permission, httpd, or security then you might also like:
- Why is my Apache httpd Alias Not Working?
- Howto restrict what htaccess files can do on Apache
- Apache Security Patches on CentOS / RHEL
- 20 ways to Secure your Apache Configuration
Weekly Security Advisories Email
Advisory Week is a new weekly email containing security advisories published by major software vendors (Adobe, Apple, Microsoft, etc).