Apache 'You don't have permission to access xx on this server'

Question

I am using ubuntu 12.04 and apache (new in both of them) and I want to add a new virtual directory so I modify the file /etc/apache2/sites-available/default, adding the following:

Alias /docs/ "/home/kk/workspace/javascript/maplib/"
<Directory "/home/kk/workspace/javascript/maplib/">
    Options Indexes MultiViews FollowSymLinks
    AllowOverride None
</Directory>

Then I open the url http://localhost/docs/ in the browser and I get the following message:

You don't have permission to access /docs/ on this server.

Then I think it may be caused by the file/folder permission. So I add the read permession to all users by:

sudo chmod a+r /home/kk/workspace/javascript/maplib/

Then I run

ls -ld ~/workspace/javascript/maplib/ 

and I got this:

drwxr--r-- 14 kk kk 4096 Mar 11 08:36 /home/kk/workspace/javascript/maplib/

As you can see every user shold have the read access to the directory, but nothing changed ( I also get the 403 message).

Then I try to find the permission of /var/www and I get:

drwxr-xr-x 2 root root 4096 Mar  8 15:33 /var/www

It seems that it just add the execute permission to the folder, but I do not think this is the problem.

So what is going on?

---

BTW, why does apache identify /docs and /docs/ with two different url? Since I will get 404 by localhost/docs?

Answer 1

In your Apache installation access is controlled using etc/apache2/envars and implemented in etc/apache2/apache2.conf

In /etc/apache2/apache2.conf you will find the following lines about half way down a the file.

#These need to be set in /etc/apache2/envars
    User ${APACHE_RUN_USER}
    Group ${APACHE_RUN_GROUP}

In /etc/apache2/envars you will find

export APACHE_RUN_USER=www-data
export APACHE_RUN_GROUP=www-data 

The directories you want the webserver to access need to be in the group running the webserver. I would say to check the group permissions and fix them if necessary. If you have these set correctly come back and post the Apache access logs.