Apache拒绝连接

时间:2009-04-20 03:39:32

标签: apache freebsd httpd.conf

我最近在我的FreeBSD机器上安装了Apache。一切都很好; telnet通过本地机器和http通过我的XP盒上的Firefox(通过我的DSL路由器连接)获得了“它的工作!”页。然后,我重新启动了我的BSD机器,现在既不通过telnet(通过su和我的普通帐户)也不允许Firefox连接 - 我一直都得到403错误。我检查过权限并多次浏览httpd.conf但是我无法弄清楚这一点。我的httpd.conf文件如下:

ServerRoot "/usr/local"

Listen 80

LoadModule authn_file_module libexec/apache22/mod_authn_file.so
LoadModule authn_dbm_module libexec/apache22/mod_authn_dbm.so
LoadModule authn_anon_module libexec/apache22/mod_authn_anon.so
LoadModule authn_default_module libexec/apache22/mod_authn_default.so
LoadModule authn_alias_module libexec/apache22/mod_authn_alias.so
LoadModule authz_host_module libexec/apache22/mod_authz_host.so
LoadModule authz_groupfile_module libexec/apache22/mod_authz_groupfile.so
LoadModule authz_user_module libexec/apache22/mod_authz_user.so
LoadModule authz_dbm_module libexec/apache22/mod_authz_dbm.so
LoadModule authz_owner_module libexec/apache22/mod_authz_owner.so
LoadModule authz_default_module libexec/apache22/mod_authz_default.so
LoadModule auth_basic_module libexec/apache22/mod_auth_basic.so
LoadModule auth_digest_module libexec/apache22/mod_auth_digest.so
LoadModule file_cache_module libexec/apache22/mod_file_cache.so
LoadModule cache_module libexec/apache22/mod_cache.so
LoadModule disk_cache_module libexec/apache22/mod_disk_cache.so
LoadModule dumpio_module libexec/apache22/mod_dumpio.so
LoadModule include_module libexec/apache22/mod_include.so
LoadModule filter_module libexec/apache22/mod_filter.so
LoadModule charset_lite_module libexec/apache22/mod_charset_lite.so
LoadModule deflate_module libexec/apache22/mod_deflate.so
LoadModule log_config_module libexec/apache22/mod_log_config.so
LoadModule logio_module libexec/apache22/mod_logio.so
LoadModule env_module libexec/apache22/mod_env.so
LoadModule mime_magic_module libexec/apache22/mod_mime_magic.so
LoadModule cern_meta_module libexec/apache22/mod_cern_meta.so
LoadModule expires_module libexec/apache22/mod_expires.so
LoadModule headers_module libexec/apache22/mod_headers.so
LoadModule usertrack_module libexec/apache22/mod_usertrack.so
LoadModule unique_id_module libexec/apache22/mod_unique_id.so
LoadModule setenvif_module libexec/apache22/mod_setenvif.so
LoadModule version_module libexec/apache22/mod_version.so
LoadModule ssl_module libexec/apache22/mod_ssl.so
LoadModule mime_module libexec/apache22/mod_mime.so
LoadModule dav_module libexec/apache22/mod_dav.so
LoadModule status_module libexec/apache22/mod_status.so
LoadModule autoindex_module libexec/apache22/mod_autoindex.so
LoadModule asis_module libexec/apache22/mod_asis.so
LoadModule info_module libexec/apache22/mod_info.so
LoadModule cgi_module libexec/apache22/mod_cgi.so
LoadModule dav_fs_module libexec/apache22/mod_dav_fs.so
LoadModule vhost_alias_module libexec/apache22/mod_vhost_alias.so
LoadModule negotiation_module libexec/apache22/mod_negotiation.so
LoadModule dir_module libexec/apache22/mod_dir.so
LoadModule imagemap_module libexec/apache22/mod_imagemap.so
LoadModule actions_module libexec/apache22/mod_actions.so
LoadModule speling_module libexec/apache22/mod_speling.so
LoadModule userdir_module libexec/apache22/mod_userdir.so
LoadModule alias_module libexec/apache22/mod_alias.so
LoadModule rewrite_module libexec/apache22/mod_rewrite.so

<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>

User www
Group www

</IfModule>
</IfModule>

ServerAdmin gvkv@gvCorp.com

ServerName 192.168.2.12:80

DocumentRoot /home/prosperity/html

<Directory />
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>

<Directory /home/prosperity/html>

    Options Indexes FollowSymLinks

    AllowOverride None

    Order allow,deny
    Allow from all

</Directory>

<IfModule dir_module>
    DirectoryIndex index.html
</IfModule>

<FilesMatch "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy All
</FilesMatch>

ErrorLog "/var/log/httpd-error.log"

LogLevel warn

<IfModule log_config_module>

    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    <IfModule logio_module>
      # You need to enable mod_logio.c to use %I and %O
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>

    CustomLog "/var/log/httpd-access.log" combined
</IfModule>

<IfModule alias_module>

    ScriptAlias /cgi-bin/ "/usr/local/www/apache22/cgi-bin/"

</IfModule>

<IfModule cgid_module>

</IfModule>

<Directory "/usr/local/www/apache22/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>

DefaultType text/plain

<IfModule mime_module>

    TypesConfig etc/apache22/mime.types

    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz

</IfModule>

<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

Include etc/apache22/Includes/*.conf

编辑:克里斯要求提供一些日志文件数据,所以这里是。

首先,httpd-error.log

[Sun Apr 19 22:37:35 2009] [notice] Digest: done
[Sun Apr 19 22:37:36 2009] [notice] Apache/2.2.9 (FreeBSD) mod_ssl/2.2.9 OpenSSL/0.9.8e DAV/2 configured -- resuming normal operations
[Mon Apr 20 00:00:28 2009] [notice] caught SIGTERM, shutting down
[Mon Apr 20 00:01:18 2009] [warn] Init: Session Cache is not configured [hint: SSLSessionCache]
[Mon Apr 20 00:01:19 2009] [notice] Digest: generating secret for digest authentication ...
[Mon Apr 20 00:01:19 2009] [notice] Digest: done
[Mon Apr 20 00:01:20 2009] [notice] Apache/2.2.9 (FreeBSD) mod_ssl/2.2.9 OpenSSL/0.9.8e DAV/2 configured -- resuming normal operations
[Mon Apr 20 00:01:26 2009] [error] [client 192.168.2.10] (13)Permission denied: access to / denied
[Mon Apr 20 00:01:54 2009] [error] [client 192.168.2.12] (13)Permission denied: access to / denied
[Mon Apr 20 00:02:12 2009] [error] [client 192.168.2.12] (13)Permission denied: access to /home/prosperity/html/index.html denied

其次,httpd-access.log:

192.168.2.12 - - [19/Apr/2009:21:31:40 -0400] "GET / " 403 202 "-" "-"
192.168.2.10 - - [19/Apr/2009:21:51:07 -0400] "GET / HTTP/1.1" 403 202 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8 (.NET CLR 3.5.30729)"
192.168.2.12 - - [19/Apr/2009:22:00:29 -0400] "GET / " 403 202 "-" "-"
192.168.2.12 - - [19/Apr/2009:22:00:54 -0400] "GET /home/prosperity/test.html" 403 227 "-" "-"
192.168.2.12 - - [19/Apr/2009:22:01:13 -0400] "GET /home/prosperity/index.html" 403 228 "-" "-"
127.0.0.1 - - [19/Apr/2009:22:07:00 -0400] "GET / HTTP/1.0" 403 202 "-" "-"
192.168.2.12 - - [19/Apr/2009:22:13:12 -0400] "GET /home/prosperity/html/test.html" 403 232 "-" "-"
192.168.2.10 - - [20/Apr/2009:00:01:26 -0400] "GET / HTTP/1.1" 403 202 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8 (.NET CLR 3.5.30729)"
192.168.2.12 - - [20/Apr/2009:00:01:54 -0400] "GET /" 403 202 "-" "-"
192.168.2.12 - - [20/Apr/2009:00:02:12 -0400] "GET /home/prosperity/html/index.html" 403 233 "-" "-"

2 个答案:

答案 0 :(得分:1)

看起来 / home / prosperity / html 具有错误日志中的错误权限。

它应该可以被组读取: www 和用户: www ,如http.conf中所定义

答案 1 :(得分:0)

启动PF是否已启用?

您可以查看 /etc/rc.conf ,例如:

pf_enable="YES"

如果是这样,那么它可能会阻止telnet和http传入连接。您可以在 /etc/pf.rules 中添加telnet / apache规则,或者只需将上述设置更改为“NO”

你还确定这两个守护进程在启动时重新启动了吗? 根据您安装和配置telnet和Apache的方式,他们可能会错过正确的设置以自动启动。

再次检查 /etc/rc.conf ,例如:

apache_enable="YES"

apache22_enable="YES"

正如克里斯在评论中所说,如果不了解日志中的更多信息,很难猜到。

另外,请仔细检查执行实际上是否有IP地址。 嘿,你永远不会知道。