WampServer: 403 Forbidden

Question

All of a sudden my local WampServer vhosts are not working.

I've added a new vhost to vhosts.conf and hosts.

When I load that vhost in a web browser, I receive 403 Forbidden.

In vhosts.conf, I have:

<VirtualHost *:80>
    ServerName example.com.au
    ServerAlias example.com.au
    DocumentRoot "D:\Dropbox\WAMP\WWW\example.com.au"
    <Directory  "D:\Dropbox\WAMP\WWW\example.com.au">
        Options Indexes FollowSymLinks MultiViews
        Require all granted
    </Directory>
</VirtualHost>

In httpd.conf I have:

Listen 10.0.0.199:80 ::1
Listen [::0]:80

<Directory />
    AllowOverride none
    Require all denied
</Directory>

where 10.0.0.199 is my PC's IP.

WampServer is online.

WampServer 3.0.6 Apache 2.4.23

Help appreciated.

Answer 1

if you're using wamp2 with apache 2.2 not (2.4):

Next, locate the <Directory "C:/wamp/www"> section, and make sure it includes these options for Apache 2.2:

<Directory "C:/wamp/www">
    Options Indexes FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>

remove or comment everything else like:

    ##Order Deny,Allow
    ##Deny from all
    ##Allow from 127.0.0.1

it is working for me.

Answer 2

The default config in httpd.conf has all the Listen parameters you need

Listen 0.0.0.0:80
Listen [::0]:80

This says listen on port 80 of whatever this PC's ip address is for both IPV4 and IPV6 address ranges, and is all you need.

This section of httpd.conf should also be left as you found it. This sets up the basic denial of all rights to all folders on the drive where you installed WAMPServer(Apache) and should do exactly that. Change it back to this

<Directory />
    AllowOverride none
    Require all denied
</Directory>

This is for your security. It say nobody is allowed access to the root of this driver and therefore no access to anything below the root. Once this is set you are then supposed to open up access to ONLY what Apache actually need access to. That is what you do in your httpd-vhosts.conf file for only the folders that site requires access too. If you are hacked, then a hacker can only access those folder given access and NOT YOUR WHOLE DRIVE.

Your Virtual Host definition in httpd-vhosts.conf shoudl look like this

<VirtualHost *:80>
    ServerName example.com.au
    ServerAlias www.example.com.au
    DocumentRoot D:/Dropbox/WAMP/WWW/example.com.au
    <Directory  "D:/Dropbox/WAMP/WWW/example.com.au/">
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All

        ## Dangerous unless you really mean to 
        ## allow the universe into your server
        ## I would use one of the other options and comment this one out
        Require all granted

        # If access from this PC only then us
        # i.e. you are a standalone developer
        # uncomment this
        #Require local

        #If access from your local network is required
        # i.e. you are working with other devs within your local network
        # uncomment this
        #Require ip 10.0.0

    </Directory>
</VirtualHost>

Note the use of Unix forward slashes and the <Directory.... tag needs a trailing slash

Then check your HOSTS file it should be like this

127.0.0.1 localhost
::1 localhost
127.0.0.1 example.com.au
::1 example.com.au

Answer 3

I changed

<Directory />
    AllowOverride none
    Require all denied
</Directory>

to

<Directory />
    AllowOverride none
    Require all granted
</Directory>

in httpd.conf, and that resolved the 403 error.