I have a simple file server (apache 2.4 on centos 7) with following structure:
/index.html – a page to make sure there is no directory listing here
/upload – php scripts for upload
/storage – base dir for files
/storage/upload – files uploaded by php
/storage/public – files that are not password protected
I can't make directory listing work. For example in /storage/public I see the /index.html page. There is no index.html in /storage/public.
If I delete this page I see default apache "testing 123" page in / page and directory listing works in /storage/public (and all other places that have +Indexes).
Why /index.html is showing in /storage/public/
<IfModule mod_ssl.c>
<VirtualHost *:443>
DocumentRoot "/home/webroot/www"
ServerName subdomain.example.com
ErrorLog "/home/rootdir/log/subdomain.error.log"
CustomLog "/home/rootdir/log/subdomain.access.log" common
SuexecUserGroup user apache
#Set caching on image files for 11 months
<filesMatch "\.(ico|gif|jpg|png|js|css)$">
#ExpiresActive On
#ExpiresDefault "access plus 11 month"
Header append Cache-Control "public"
</filesMatch>
<Directory "/home/webroot/www" >
AllowOverride None
Options -ExecCGI -Indexes +Includes +SymLinksIfOwnerMatch +MultiViews
Require all granted
</Directory>
<Directory "/home/webroot/www/storage/upload" >
AllowOverride None
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /home/rootdir/.htpasswd
Require valid-user
<FilesMatch "\.php$">
SetHandler "proxy:unix:/usr/local/php73/var/run/php-fpm.sock|fcgi://localhost/"
</FilesMatch>
</Directory>
<Directory "/home/webroot/www/storage/" >
AllowOverride None
Options +Indexes +SymLinksIfOwnerMatch +MultiViews
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /home/rootdir/.htpasswd
Require valid-user
#Require all granted
RemoveType .php
Order allow,deny
Allow from all
</Directory>
<Directory "/home/webroot/www/storage/public" >
Options +Indexes +SymLinksIfOwnerMatch +MultiViews
AuthType None
Require all granted
Satisfy Any
</Directory>
<Directory "/home/webroot/www/.well-known" >
AuthType None
Require all granted
Satisfy Any
Allow from all
</Directory>
<Directory "/home/webroot/www/storage/upload" >
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /home/rootdir/.htpasswd
Require valid-user
</Directory>
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css text/javascript application/x-javascript application/javascript
</IfModule>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/subdomain.example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/subdomain.example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/subdomain.example.com/chain.pem
</VirtualHost>
</IfModule>
Update:
# apachectl -M|grep autoindex
autoindex_module (shared)
Another vhost have the following problem:
there is index.html in root folder for the vhost
I use
Options -ExecCGI -Indexes
So I have a subdirectory /test and I put another index.html, but when I open /test/ in my browser I see the /index.html instead of /test/index.html
No php in this vhost at all.
Best Answer
The listed problem gives the impression that there is issues with permissions in the folders involved.
There are several kinds of permissions to be checked:
process user/group of httpd:
ps axo pid,user,group,comm
file system permissions:
ls -l
and orls -lR
,ls -ld
)SELinux permissions:
sestatus
to verify status and mode)ls -lZ
and orls -lRZ
ls -ldZ
)ps -axZ | grep httpd
)getsebool -a | grep httpd
)tail -f /var/log/audit/audit.log
)