Pete Freitag Pete Freitag

Fixing Apache (13)Permission denied: access to / 403 Forbidden

Published on July 21, 2011
By Pete Freitag

Every so often I run into a 403 Forbidden response when I'm setting up something in Apache, checking the log files will yield something like:

(13)Permission denied: access to /

There are a few things that could be the problem:

Make sure it's not denied by Apache

Most apache Configurations have something like this in there:

<Directory />
    Order deny,allow
    Deny from all

The above will block access to all files. You should also see something like this:

<Directory /path/to/webroot>
    Order allow,deny
    Allow from all

So if you have created a VirtualHost or an Alias that does not fall under this /path/to/webroot apache will have denied access to it. The solution in that case is to add another Directory entry in your httpd.conf to allow access to that directory.

Make sure Apache has Read, Execute Permissions

The next thing to check is that Apache has read and execute permission (rx) on directories and read permission on files. You can run chmod 750 /dir (to give -rwxr-x--- permission) or chmod 755 /dir (to give -rwxr-xr-x permission), etc.

Make sure that the Directory Above has Execute Permission

This is the one that tends to get me. Suppose you are creating an Alias like this:

Alias /foo /tmp/bar/foo

Now you have made sure that apache can read and execute /tmp/bar/foo by running chmod 755 /tmp/bar/foo, but you also need to give Apache execute permission to /tmp/bar/ otherwise it cannot traverse the sub directory foo.

If Running Security Enhanced Linux (SELinux)

Another possibility for this error is that you are running SELinux (Security Enhanced Linux), inwhich case you need to use chcon to apply the proper security context to the directory. One easy way to do this is to copy from a directory that does work for example /var/www/

chcon -R --reference=/var/www /path/to/webroot

apache alias permission httpd security

Fixing Apache (13)Permission denied: access to / 403 Forbidden was first published on July 21, 2011.

If you like reading about apache, alias, permission, httpd, or security then you might also like:

Weekly Security Advisories Email

Advisory Week is a new weekly email containing security advisories published by major software vendors (Adobe, Apple, Microsoft, etc).