Apache: client denied by server configuration

OK I am using the wrong syntax, I should be using

Allow from 127.0.0.1
Allow from ::1
...

Apache 2.4.3 (or maybe slightly earlier) added a new security feature that often results in this error. You would also see a log message of the form "client denied by server configuration". The feature is requiring an authorized user identity to access a directory. It is turned on by DEFAULT in the httpd.conf that ships with Apache. You can see the enabling of the feature with the directive

Require all denied

This basically says to deny access to all users. To fix this problem, either remove the denied directive (or much better) add the following directive to the directories you want to grant access to:

Require all granted

as in

<Directory "your directory here">
   Order allow,deny
   Allow from all
   # New directive needed in Apache 2.4.3: 
   Require all granted
</Directory>

In Apache 2.4 the old access authorisation syntax has been deprecated and replaced by a new system using Require.

What you want then is something like the following:

<Directory "/labs/Projects/Nebula/">
  Options All
  AllowOverride All
  <RequireAny>
    Require local
    Require ip 192.168.1
  </RequireAny>
</Directory>

This will allow connections that originate either from the local host or from ip addresses that start with "192.168.1".

There is also a new module available that makes Apache 2.4 recognise the old syntax if you don't want to update your configuration right away:

sudo a2enmod access_compat

Apache: client denied by server configuration

Tags:

Apache

.Htaccess

Related

Recent Posts