403 Forbidden due to Client Denied by Server Configuration

【问题标题】:403 Forbidden due to Client Denied by Server Configuration403 Forbidden due to Client Denied by Server Configuration
【发布时间】:2015-12-07 14:20:43
【问题描述】:

我正处于启动 Django webapp 的最后阶段,我一直在努力理解为什么我不断收到 403 Forbidden 错误(您无权访问 / 在此服务器上)。当我检查我的错误日志时,输出的最后一部分如下:

[Fri Sep 11 04:54:04.525052 2015] [:error] [pid 31126:tid 140413402863360] [client 104.156.102.54:62884] ImportError: No module named foodshop.settings
[Fri Sep 11 05:10:08.926570 2015] [mpm_event:notice] [pid 31122:tid 140413615802240] AH00491: caught SIGTERM, shutting down
[Fri Sep 11 05:10:09.912491 2015] [mpm_event:notice] [pid 31345:tid 139760551360384] AH00489: Apache/2.4.7 (Ubuntu) mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Fri Sep 11 05:10:09.912511 2015] [core:notice] [pid 31345:tid 139760551360384] AH00094: Command line: '/usr/sbin/apache2' 
[Fri Sep 11 05:10:15.259159 2015] [authz_core:error] [pid 31349:tid 139760274188032] [client 104.156.102.54:63064] AH01630: client denied by server configuration: /home/ubuntu/foodshop
[Fri Sep 11 05:15:00.604266 2015] [mpm_event:notice] [pid 31345:tid 139760551360384] AH00491: caught SIGTERM, shutting down
[Fri Sep 11 05:15:01.657535 2015] [mpm_event:notice] [pid 31455:tid 140370721130368] AH00489: Apache/2.4.7 (Ubuntu) mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Fri Sep 11 05:15:01.657552 2015] [core:notice] [pid 31455:tid 140370721130368] AH00094: Command line: '/usr/sbin/apache2'
[Fri Sep 11 05:15:06.215273 2015] [authz_core:error] [pid 31458:tid 140370621613824] [client 104.156.102.54:63126] AH01630: client denied by server configuration: /home/ubuntu/foodshop
[Fri Sep 11 05:15:07.389851 2015] [authz_core:error] [pid 31458:tid 140370613221120] [client 104.156.102.54:63126] AH01630: client denied by server configuration: /home/ubuntu/foodshop
[Fri Sep 11 05:15:08.519875 2015] [authz_core:error] [pid 31458:tid 140370427979520] [client 104.156.102.54:63126] AH01630: client denied by server configuration: /home/ubuntu/foodshop
[Fri Sep 11 05:33:55.993127 2015] [mpm_event:notice] [pid 31455:tid 140370721130368] AH00491: caught SIGTERM, shutting down
[Fri Sep 11 05:33:56.047551 2015] [mpm_event:notice] [pid 31598:tid 140492520712064] AH00489: Apache/2.4.7 (Ubuntu) mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Fri Sep 11 05:33:56.047572 2015] [core:notice] [pid 31598:tid 140492520712064] AH00094: Command line: '/usr/sbin/apache2'
[Fri Sep 11 05:34:01.575422 2015] [authz_core:error] [pid 31602:tid 140492306102016] [client 104.156.102.54:63348] AH01630: client denied by server configuration: /home/ubuntu/foodshop
[Fri Sep 11 05:34:02.481030 2015] [authz_core:error] [pid 31602:tid 140492297709312] [client 104.156.102.54:63348] AH01630: client denied by server configuration: /home/ubuntu/foodshop
[Fri Sep 11 05:34:03.342911 2015] [authz_core:error] [pid 31602:tid 140492289316608] [client 104.156.102.54:63348] AH01630: client denied by server configuration: /home/ubuntu/foodshop

需要注意的几点...该应用程序在我的本地主机上完美运行。另外,我运行 sudo chown -R www-data apache2.conf 将所有权更改为 apache。如果它更有用,我很乐意分享整个错误日志,但它很长。

我在 EC2 实例 (Ubuntu 14.04) 上运行它。

你也可以在下面看到我的 000-default.conf 文件:

<VirtualHost *:80>
    # The ServerName directive sets the request scheme, hostname and port t$
    # the server uses to identify itself. This is used when creating
    # redirection URLs. In the context of virtual hosts, the ServerName
    # specifies what hostname must appear in the request's Host: header to
    # match this virtual host. For the default virtual host (this file) this
    # value is not decisive as it is used as a last resort host regardless.
    # However, you must set it for any further virtual host explicitly.
    #ServerName www.example.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf
    Alias /static /home/ubuntu/gather/static
    <Directory /home/ubuntu/gather/static>
            Require all granted
    </Directory>

    <Directory /home/ubuntu/gather/src/foodshop>
            <Files wsgi.py>
                    Require all granted
            </Files>
    </Directory>

    WSGIDaemonProcess gather processes=2 threads=15
    WSGIProcessGroup gather
    WSGIScriptAlias / /home/ubuntu/gather/src/foodshop/wsgi.py

</VirtualHost>

【问题讨论】:

    标签: python django apache ubuntu amazon-ec2


    【解决方案1】:

    在你的 apache2.conf 文件中确保它看起来像这样:

    <Directory /path/to/project/>
        WSGIProcessGroup name
        WSGIApplicationGroup %{GLOBAL}
        Options All
        AllowOverride All
        Require all granted
</Directory>

    而不是那样(这是 apache 2.2 的配置,而上面是 apache 2.4 的配置)

    <Directory /path/to/project/>
        WSGIProcessGroup name
        WSGIApplicationGroup %{GLOBAL}
        Order deny,allow
        Allow from all
</Directory>

    编辑

    尝试将您的 apache 配置更改为此(不确定您的应用程序的根目录是什么,您可能需要添加更改一行:&lt;Directory /home/ubuntu/gather/src/foodshop/&gt;:

    ServerAdmin webmaster@localhost
DocumentRoot /var/www/html

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

WSGIDaemonProcess gather processes=2 threads=15
WSGIScriptAlias / /home/ubuntu/gather/src/foodshop/wsgi.py

<Directory /home/ubuntu/gather/src/>
    WSGIProcessGroup gather
    WSGIApplicationGroup %{GLOBAL}
    Options All
    AllowOverride All
    Require all granted
</Directory>

Alias /media/ /home/ubuntu/gather/src/foodshop/media/
<Directory /home/ubuntu/gather/src/foodshop/media/>
    Options FollowSymLinks MultiViews
    Order deny,allow
    Allow from all
</Directory>

Alias /static/ /home/ubuntu/gather/src/foodshop/static/
<Directory /home/ubuntu/gather/src/foodshop/static/>
    Options FollowSymLinks MultiViews
    Order allow,deny
    Allow from all
</Directory>

    【讨论】:

    • 如何找到 WSGIProcessGroup 的名称?
    • name 由你决定,它必须与WSGIDaemonProcess 中的相同,例如:WSGIDaemonProcess name processes=2 threads=15
    • @acs254 你想让我给你发一个完整的例子 apache 配置吗?或者也许更好,发布你的,我可以告诉你出了什么问题。
    • @acs254 对答案做了一些修改,试一试。
    • 感谢您发布编辑。我尝试了它们,现在我收到了 500 Internal Sever Error(这似乎是朝着正确方向迈出的一步)。现在我收到以下错误:[Mon Sep 14 02:39:59.616496 2015] [core:warn] [pid 4623] AH00111: Config variable ${APACHE_LOCK_DIR} is not defined.... 和 ${ APACHE_PID_FILE}、${APACHE_RUN_USER}、${APACHE_RUN_GROUP} 和 ${APACHE_LOG_DIR} 我想我可以弄清楚如何定义它们。感谢您的帮助!
    猜你喜欢
    • 2019-02-20
    • 2020-02-27
    • 2013-11-01
    • 2020-07-10
    • 2018-04-15
    • 2016-07-20
    • 2014-03-29
    • 2020-04-26
    • 2015-08-08
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode