Question
I have read the other questions related to the /bin/configure permissions issues, and have tried all the solutions, but still cannot access the configure file.
I have modified the twiki.conf to allow anyone to access the bin folder, as well as changed permissions on the entire twiki folder to wwwrun:www.
TWiki is installed at /etc/twiki.
The error reported by apache is:
[error] [client 127.0.0.1] client denied by server configuration: /etc/twiki/bin/configure
My twiki.conf (appended to the end of /etc/httpd/httpd.conf)(excluding all but sections related to twiki/bin) is:
# The ScriptAlias defines the bin directory as a directory where CGI
# scripts are allowed.
# The first parameter will be part of the URL to your installation e.g.
# http://my.co.uk/twiki/bin/view/...
# The second parameter must point to the physical path on your disc.
ScriptAlias /twiki/bin "/etc/twiki/bin"
# The Alias defines a url that points to the root of the twiki installation.
# It is used to access files in the pub directory (attachments etc)
# It must come _after_ the ScriptAlias.
Alias /twiki "/etc/twiki"
# This specifies the options on the TWiki scripts directory. The ExecCGI
# and SetHandler tell apache that it contains scripts. "Allow from all"
# lets any IP address access this URL.
<Directory "/etc/twiki/bin">
AllowOverride None
Order Allow,Deny
Allow from all
Deny from env=blockAccess
Options ExecCGI FollowSymLinks
SetHandler cgi-script
# Password file for TWiki users
AuthUserFile /etc/twiki/data/.htpasswd
AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'
AuthType Basic
# Limit access to configure to specific IP addresses and or users.
# Make sure configure is not open to the general public.
# It exposes system details that can help attackers.
<FilesMatch "^(configure)$">
SetHandler cgi-script
#Order Deny,Allow
#Deny from all
#Allow from localhost
#Require user bschmalzried root wwwrun
Satisfy Any
Allow from all
</FilesMatch>
</Directory>
Environment
--
BrianSchmalzried - 11 Jan 2008
Answer
If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.
The error message usually points to a problem with Apache's Allow and Deny settings. Your config file looks fine, so all I can do is guess:
- You write about /bin/configure permissions: Maybe you missed that the correct URL is
/twiki/bin/configure
?
- Did you, per accident or on purpose, wrap your configuration in a
VirtualHost
directive?
- Or do you use one of the browsers which is denied access (I could only imagine using telnet for that)?
In all of these cases, you could get the message
client denied by server configuration
. In the first two cases it would be because the actual installation directory would be missed by Apache, and it would use its default: somewhere in
httpd.conf
you'll find a
Deny from all
for the path of
"/"
.
You could try to temporarily comment out the
Deny from all
from the root path: I doubt that you'll succeed in accessing configure, but probably the message in
error.log
will be more helpful.
--
HaraldJoerg - 11 Jan 2008
Seems to be answered.
--
PeterThoeny - 02 Mar 2008