I'm running Apache 2.4.41 on Ubuntu 20.04 and am not able to get any Require directives working on my VirtualHost. As a minimum working example, my VHost file:
<VirtualHost *:80>
ServerName my.domain.com
DocumentRoot "/var/www/html/admin"
<Directory /var/www/html/admin>
Require all denied
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
is intended to block all access but the log shows:
[authz_core:debug] [pid 340724] mod_authz_core.c(735): [client ***.***.***.***:59008] AH01625: authorization result of <RequireAny>: granted (directive limited to other methods)
I can't see any overrides on Require behaviour elsewhere in my Apache configuration tree. For instance, /etc/apache2/apache.conf
contains:
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
</Directory>
My modules loaded are:
Loaded Modules:
core_module (static)
so_module (static)
watchdog_module (static)
http_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
unixd_module (static)
access_compat_module (shared)
alias_module (shared)
auth_basic_module (shared)
authn_core_module (shared)
authn_file_module (shared)
authz_core_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
filter_module (shared)
headers_module (shared)
mime_module (shared)
mpm_prefork_module (shared)
negotiation_module (shared)
php7_module (shared)
proxy_module (shared)
proxy_http_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
setenvif_module (shared)
socache_shmcb_module (shared)
ssl_module (shared)
status_module (shared)
apachectl -t
and apachectl -S
give standard output.
Has anyone any thoughts as to where I should be looking next?
(Reminder: Apache 2.4 not Apache 2.2 so looking to use the current terminology)
Best Answer
Thanks to everyone who read through my question - I have found a solution and thought I would share it.
I moved my Apache2 tree to one side and reinstalled the relevant packages from repository. The Require suite of directives now worked again so I compared the old and new trees to find differences.
I found an obscure directive containing a Require all command that I had placed in my conf-enabled directory and this turned out to be the cause of the problem.
So, if there are problems with Apache directives, it is worth checking more than just apache2.conf and the vhosts directory - work through the conf and mods directories too!
Cheers