[CentOS] Forbidden: can't access *.html files in /var/www/html

Alexander Farber alexander.farber at gmail.com
Wed Sep 29 10:43:28 EDT 2010


I'm using the latest CentOS with phpBB 3.0.x + postgreSQL + sendmail
(relayed through gmail.com) - all those programs working fine,
with no big modifications of the CentOS defaults (i.e. SELinux is on).

Now I'm struggling with the seemingly simple problem, that when
I put an .html file into /var/www/html/ then Apache won't serve it.

In the browser I see:


You don't have permission to access /Alex.html on this server.
Apache/2.2.3 (CentOS) Server at XXXX Port 80"

In the  /var/log/httpd/error_log (I've set "LogLevel debug") I only see:

"[error] [client] (13)Permission denied: access to
/Alex.html denied
[error] [client] (13)Permission denied: access to
/Alex.html denied"

The other filetypes like crossdomain.xml and index.php or
hello-world.php are served just fine. Also, if I move my *.html
files under /var/www/html/test/ - then they are served ok.

The permissions are ok in my book:

# ls -al Alex.html index.php hello-world.php
-r--r--r-- 1 root    root     599 Sep 29 15:49 Alex.html
-rw-r--r-- 1 afarber afarber   33 Jul 29 11:32 hello-world.php
-rw-r--r-- 1 root    root    5631 Jun 27 09:38 index.php

#  ls -ald / /var /var/www /var/www/html
drwxr-xr-x 23 root root 4096 Sep 29 15:54 /
drwxr-xr-x 22 root root 4096 Jun 22 15:25 /var
drwxr-xr-x  8 root root 4096 Sep 29 11:45 /var/www
drwxr-xr-x 16 root root 4096 Sep 29 15:59 /var/www/html

# cat /var/www/html/.htaccess (installed by phpBB)
<Files "config.php">
Order Allow,Deny
Deny from All

<Files "common.php">
Order Allow,Deny
Deny from All

#  /usr/sbin/getsebool -a | grep http
allow_httpd_anon_write --> off
allow_httpd_bugzilla_script_anon_write --> off
allow_httpd_cvs_script_anon_write --> off
allow_httpd_mod_auth_pam --> off
allow_httpd_nagios_script_anon_write --> off
allow_httpd_prewikka_script_anon_write --> off
allow_httpd_squid_script_anon_write --> off
allow_httpd_sys_script_anon_write --> off
httpd_builtin_scripting --> on
httpd_can_network_connect --> off
httpd_can_network_connect_db --> off
httpd_can_network_relay --> off
httpd_can_sendmail --> on
httpd_disable_trans --> off
httpd_enable_cgi --> on
httpd_enable_ftp_server --> off
httpd_enable_homedirs --> on
httpd_read_user_content --> off
httpd_rotatelogs_disable_trans --> off
httpd_ssi_exec --> off
httpd_suexec_disable_trans --> off
httpd_tty_comm --> on
httpd_unified --> on
httpd_use_cifs --> off
httpd_use_nfs --> off

I've looked into /etc/httpd/conf/httpd.conf and conf.d/ files...

Does anybody know what is wrong, how to find out?


More information about the CentOS mailing list