I installed a CGI script on a fresh installation of Apache 2.4 on Ubuntu server 14.04. Apache keeps replying with 403 Forbidden also if, to me, the configuration file is ok. The CGI is the Monitorix front-end, a system monitoring tool written in Perl.
The configuration file /etc/apache2/conf-enabled/monitorix.conf
is:
Alias /monitorix /var/lib/monitorix/www
ScriptAlias /monitorix-cgi /var/lib/monitorix/www/cgi
<Directory /var/lib/monitorix/www/cgi/>
DirectoryIndex monitorix.cgi
Options ExecCGI
<IfModule mod_authz_core.c>
# Apache 2.4
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
# Apache 2.2
Order deny,allow
Allow from all
</IfModule>
</Directory>
All files in /var/lib/monitorix/www
and /var/lib/monitorix/www/cgi
have at least read permission for all. Every time I try to access from URL /monitorix
, in my Apache log I see lines:
[Mon Sep 01 06:57:52.995680 2014] [authz_core:error] [pid 17145] [client x.x.x.x:58879] AH01630: client denied by server configuration: /var/lib/monitorix/www
[Mon Sep 01 07:00:10.131166 2014] [authz_core:error] [pid 17145] [client x.x.x.x:58903] AH01630: client denied by server configuration: /var/lib/monitorix/www
[Mon Sep 01 07:00:11.102614 2014] [authz_core:error] [pid 17145] [client x.x.x.x:58903] AH01630: client denied by server configuration: /var/lib/monitorix/www
...
Plus, I cannot get why, when I try to access from URL /monitorix-cgi
(I got the idea from the ScriptAlias
directive) I get 200 Ok and I can see the Perl source of /var/lib/monitorix/www/cgi/monitorix.cgi
.
Time ago I installed this tool on Debian and I had no problems, /monitorix
worked as expected and /monitorix-cgi
correctly gave me 403 Forbidden instead of showing the Perl source file.
Update: this issue has been reported to Monitorix and probably fixed (#69)
Best Answer
When you access /monitorix in a browser, you are accessing /var/lib/monitorix/www. Your Directory block allows access to /var/lib/monitorix/www/cgi, not /var/lib/monitorix/www. Either change the Alias to:
or add an additional Directory block:
As for seeing the source of the cgi, it's probably mod_cgi's configuration. Either it's not enabled or it's not set to handle *.cgi files. You may need to add:
to your virtualhost or directory block. If that doesn't work, try this in your shell:
and follow the instructions to reload apache. If it still doesn't work, add a comment below and possibly update your question. I'll take another look and maybe set up a test system.