0

我最近在我的 FreeBSD 机器上安装了 Apache。一切正常;通过本地机器的 telnet 和通过我的 XP 机器上的 Firefox(通过我的 DSL 路由器连接)上的 http 获得“它可以工作!” 页。然后,我重新启动了我的 BSD 机器,现在 telnet(通过 su 和我的普通帐户)和 Firefox 都不允许连接——我一直都得到 403 错误。我已经检查了权限并多次查看了 httpd.conf,但我无法弄清楚这一点。我的 httpd.conf 文件如下:

ServerRoot "/usr/local"

Listen 80

LoadModule authn_file_module libexec/apache22/mod_authn_file.so
LoadModule authn_dbm_module libexec/apache22/mod_authn_dbm.so
LoadModule authn_anon_module libexec/apache22/mod_authn_anon.so
LoadModule authn_default_module libexec/apache22/mod_authn_default.so
LoadModule authn_alias_module libexec/apache22/mod_authn_alias.so
LoadModule authz_host_module libexec/apache22/mod_authz_host.so
LoadModule authz_groupfile_module libexec/apache22/mod_authz_groupfile.so
LoadModule authz_user_module libexec/apache22/mod_authz_user.so
LoadModule authz_dbm_module libexec/apache22/mod_authz_dbm.so
LoadModule authz_owner_module libexec/apache22/mod_authz_owner.so
LoadModule authz_default_module libexec/apache22/mod_authz_default.so
LoadModule auth_basic_module libexec/apache22/mod_auth_basic.so
LoadModule auth_digest_module libexec/apache22/mod_auth_digest.so
LoadModule file_cache_module libexec/apache22/mod_file_cache.so
LoadModule cache_module libexec/apache22/mod_cache.so
LoadModule disk_cache_module libexec/apache22/mod_disk_cache.so
LoadModule dumpio_module libexec/apache22/mod_dumpio.so
LoadModule include_module libexec/apache22/mod_include.so
LoadModule filter_module libexec/apache22/mod_filter.so
LoadModule charset_lite_module libexec/apache22/mod_charset_lite.so
LoadModule deflate_module libexec/apache22/mod_deflate.so
LoadModule log_config_module libexec/apache22/mod_log_config.so
LoadModule logio_module libexec/apache22/mod_logio.so
LoadModule env_module libexec/apache22/mod_env.so
LoadModule mime_magic_module libexec/apache22/mod_mime_magic.so
LoadModule cern_meta_module libexec/apache22/mod_cern_meta.so
LoadModule expires_module libexec/apache22/mod_expires.so
LoadModule headers_module libexec/apache22/mod_headers.so
LoadModule usertrack_module libexec/apache22/mod_usertrack.so
LoadModule unique_id_module libexec/apache22/mod_unique_id.so
LoadModule setenvif_module libexec/apache22/mod_setenvif.so
LoadModule version_module libexec/apache22/mod_version.so
LoadModule ssl_module libexec/apache22/mod_ssl.so
LoadModule mime_module libexec/apache22/mod_mime.so
LoadModule dav_module libexec/apache22/mod_dav.so
LoadModule status_module libexec/apache22/mod_status.so
LoadModule autoindex_module libexec/apache22/mod_autoindex.so
LoadModule asis_module libexec/apache22/mod_asis.so
LoadModule info_module libexec/apache22/mod_info.so
LoadModule cgi_module libexec/apache22/mod_cgi.so
LoadModule dav_fs_module libexec/apache22/mod_dav_fs.so
LoadModule vhost_alias_module libexec/apache22/mod_vhost_alias.so
LoadModule negotiation_module libexec/apache22/mod_negotiation.so
LoadModule dir_module libexec/apache22/mod_dir.so
LoadModule imagemap_module libexec/apache22/mod_imagemap.so
LoadModule actions_module libexec/apache22/mod_actions.so
LoadModule speling_module libexec/apache22/mod_speling.so
LoadModule userdir_module libexec/apache22/mod_userdir.so
LoadModule alias_module libexec/apache22/mod_alias.so
LoadModule rewrite_module libexec/apache22/mod_rewrite.so

<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>

User www
Group www

</IfModule>
</IfModule>

ServerAdmin gvkv@gvCorp.com

ServerName 192.168.2.12:80

DocumentRoot /home/prosperity/html

<Directory />
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>

<Directory /home/prosperity/html>

    Options Indexes FollowSymLinks

    AllowOverride None

    Order allow,deny
    Allow from all

</Directory>

<IfModule dir_module>
    DirectoryIndex index.html
</IfModule>

<FilesMatch "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</FilesMatch>

ErrorLog "/var/log/httpd-error.log"

LogLevel warn

<IfModule log_config_module>

    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    <IfModule logio_module>
      # You need to enable mod_logio.c to use %I and %O
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>

    CustomLog "/var/log/httpd-access.log" combined
</IfModule>

<IfModule alias_module>

    ScriptAlias /cgi-bin/ "/usr/local/www/apache22/cgi-bin/"

</IfModule>

<IfModule cgid_module>

</IfModule>

<Directory "/usr/local/www/apache22/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>

DefaultType text/plain

<IfModule mime_module>

    TypesConfig etc/apache22/mime.types

    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz

</IfModule>

<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

Include etc/apache22/Includes/*.conf

编辑:克里斯要求提供一些日志文件数据,所以就在这里。

一、httpd-error.log

[Sun Apr 19 22:37:35 2009] [notice] Digest: done
[Sun Apr 19 22:37:36 2009] [notice] Apache/2.2.9 (FreeBSD) mod_ssl/2.2.9 OpenSSL/0.9.8e DAV/2 configured -- resuming normal operations
[Mon Apr 20 00:00:28 2009] [notice] caught SIGTERM, shutting down
[Mon Apr 20 00:01:18 2009] [warn] Init: Session Cache is not configured [hint: SSLSessionCache]
[Mon Apr 20 00:01:19 2009] [notice] Digest: generating secret for digest authentication ...
[Mon Apr 20 00:01:19 2009] [notice] Digest: done
[Mon Apr 20 00:01:20 2009] [notice] Apache/2.2.9 (FreeBSD) mod_ssl/2.2.9 OpenSSL/0.9.8e DAV/2 configured -- resuming normal operations
[Mon Apr 20 00:01:26 2009] [error] [client 192.168.2.10] (13)Permission denied: access to / denied
[Mon Apr 20 00:01:54 2009] [error] [client 192.168.2.12] (13)Permission denied: access to / denied
[Mon Apr 20 00:02:12 2009] [error] [client 192.168.2.12] (13)Permission denied: access to /home/prosperity/html/index.html denied

二、httpd-access.log:

192.168.2.12 - - [19/Apr/2009:21:31:40 -0400] "GET / " 403 202 "-" "-"
192.168.2.10 - - [19/Apr/2009:21:51:07 -0400] "GET / HTTP/1.1" 403 202 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8 (.NET CLR 3.5.30729)"
192.168.2.12 - - [19/Apr/2009:22:00:29 -0400] "GET / " 403 202 "-" "-"
192.168.2.12 - - [19/Apr/2009:22:00:54 -0400] "GET /home/prosperity/test.html" 403 227 "-" "-"
192.168.2.12 - - [19/Apr/2009:22:01:13 -0400] "GET /home/prosperity/index.html" 403 228 "-" "-"
127.0.0.1 - - [19/Apr/2009:22:07:00 -0400] "GET / HTTP/1.0" 403 202 "-" "-"
192.168.2.12 - - [19/Apr/2009:22:13:12 -0400] "GET /home/prosperity/html/test.html" 403 232 "-" "-"
192.168.2.10 - - [20/Apr/2009:00:01:26 -0400] "GET / HTTP/1.1" 403 202 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8 (.NET CLR 3.5.30729)"
192.168.2.12 - - [20/Apr/2009:00:01:54 -0400] "GET /" 403 202 "-" "-"
192.168.2.12 - - [20/Apr/2009:00:02:12 -0400] "GET /home/prosperity/html/index.html" 403 233 "-" "-"
4

2 回答 2

1

看起来/home/prosperity/html从错误日志中获得了错误的权限。

它应该可以按组读取:www和用户:http.conf 中定义的www

于 2009-04-20T04:14:55.690 回答
0

启动时是否启用了 PF?

您可以检查/etc/rc.conf中的以下内容:

pf_enable="YES"

如果是这样,那么它可能会阻止 telnet 和 http 传入连接。您可以在/etc/pf.rules中为 telnet/apache 添加规则,也可以将上述设置更改为"NO"

您还确定两个守护程序都在启动时重新启动吗?根据您安装和配置 telnet 和 Apache 的方式,它们可能缺少正确的设置以在启动时自动启动。

再次检查/etc/rc.conf是否有类似的内容:

apache_enable="YES"

或者

apache22_enable="YES"

正如克里斯在评论中所说,如果不从日志中了解更多信息,很难猜测。

还要仔细检查您是否确实有一个 IP 地址。嘿,你永远不知道。

于 2009-04-20T03:54:00.590 回答