I've read many of the related permissions posts on StackOverflow and others and do not see why my virtual hosts for Apache2.4 on Windows 2008 appears to work inconsistently. The main site is running Drupal and the other one is essentially a clone of it that I want to run on port 8080 as an example in Apache's documentation.
In httpd.conf I have
Listen 80
Listen 8080
The one for port 80 works, but the one for 8080 returns the 403 error page.
<VirtualHost *:80>
DocumentRoot C:/Server/DOM
ServerName example.edu
<Directory C:/Server/DOM>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:8080>
DocumentRoot C:/Server/uat
ServerName example.edu
<Directory C:/Server/uat>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Since this is Apache 2.4, the Require all granted is needed. The top one works, but the bottom one does not. I have compared the permissions on each directory and do not see any difference. The .htaccess is copied from the working one.
Apache returns this in its error log:
AH01797: client denied by server configuration: C:/Server/uat/
The only clue I'm seeing is when I remove the virtual host for port 80 and run https.exe -S
As you can see it's pulling in the default server and recognizes the config for the virtual host. I don't see any errors but clearly something I'm doing is wrong. Please show me what I should check next.
C:\Users\wattsg>c:\Apache24\bin\httpd.exe -S
VirtualHost configuration:
*:8080 example.edu (C:/Apache24/conf/extra/httpd-v
hosts.conf:25)
ServerRoot: "C:/Apache24"
Main DocumentRoot: "C:/Server/DOM"
Main ErrorLog: "C:/Server/DOM/logs/error.log"
Mutex ssl-stapling-refresh: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="C:/Apache24/logs/" mechanism=default
PidFile: "C:/Apache24/logs/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
I have also checked the Windows Server to ensure that inbound ports for Apache24 are open for all.
Best Answer
It comes down to how defaults for virtual servers are set in Apache 2. In the httpd.conf file I read that the default server would be overridden by any virtual server. I misread that. The config in httpd.conf defines the defaults. The virtual server setups can then alter them individually. My first mistake was that the main root site defined in this file ruled. That's why it always showed up. My second problem was that even though I defined the Directory rules correctly, I thought. It still refused permission even though I used the Apache 2.4 Require All Granted. This adjustment, which I have set up in the main conf file, allowed it to run. I hope it's secure from what I've been reading.
Allow from all
Require all granted