I'd drop the IfModules and IfDefines and see how that changes your observations.
On Mon, Jul 16, 2018 at 5:53 PM James Moe <jimoe@sohnen-moe.com.invalid> wrote:
>
> Hello,
> opensuse LEAP 15
> linux 4.12.14-lp150.11-default x86_64
> apache2 2.4.33
>
> After the upgrade from v2.4.23 to v2.4.33, https requests yield error
> 403:
> Access forbidden!
> You don't have permission to access the requested directory. There is
> either no index document or the directory is read-protected.
>
> Neither of the stated reasons are true. The OS permissions for the
> directory are 775; there is an <index.php>.
> So, the "permissions" are an apache thing, not OS?
>
> http requests yield eroor 400:
> Bad request!
> Your browser (or proxy) sent a request that this server could not
> understand.
>
> This was obviously not a problem in v2.4.23. I do not see what is
> different.
> apachectl -t proclained "Syntax OK."
>
> Suggestions?
>
> ----[ from the error log ]----
> [Mon Jul 16 14:45:30.020764 2018] [access_compat:error] [pid 26589]
> [client 192.168.69.115:48200] AH01797: client denied by server
> configuration: /data01/t-drv/websites/sma-v3/
>
>
> ----[ vhost config ]----
> <VirtualHost *:80>
> ServerAdmin jimoe@sohnen-moe.com
>
> ServerName sma-v3.sma.com
> DocumentRoot "/data01/t-drv/websites/sma-v3"
> ErrorDocument 404 /404.php
> ErrorDocument 410 /410.php
> ErrorDocument 401 /401.php
>
> ErrorLog "/data01/t-drv/websites/.logs/sma-v3-error_log"
> CustomLog "/data01/t-drv/websites/.logs/sma-v3-access_log" common
>
> <Directory "/data01/t-drv/websites/sma-v3">
> AllowOverride FileInfo Authconfig Options
> Options Indexes FollowSymLinks MultiViews
>
> AddHandler application/x-httpd-php .php
> MultiviewsMatch Handlers
>
> Require all granted
> </Directory>
> <Files *>
> Forcetype application/x-http-php
> </Files>
> <Files *\.*>
> Forcetype none
> </Files>
>
> </VirtualHost>
>
> ##
> ## SSL Virtual Host Context
> ##
> <IfDefine SSL>
> #
> # Some MIME-types for downloading Certificates and CRLs
> #
> # AddType application/x-x509-ca-cert .crt
> # AddType application/x-pkcs7-crl .crl
>
> <IfModule mod_ssl.c>
> <VirtualHost *:443>
>
> # General setup for the virtual host
> DocumentRoot "/data01/t-drv/websites/sma-v3"
> ServerName sma-v3.sma.com
> ServerAdmin jimoe@sohnen-moe.com
> ErrorLog "/data01/t-drv/websites/.logs/sma-v3s-error_log"
> CustomLog "/data01/t-drv/websites/.logs/sma-v3s-access_log" common
> TransferLog "/data01/t-drv/websites/.logs/access_log"
>
> ErrorDocument 404 /404.php
> ErrorDocument 410 /410.php
> ErrorDocument 401 /401.php
>
> <Directory "/data01/t-drv/websites/sma-v3">
> AllowOverride Authconfig
> AllowOverride All
> Options -ExecCGI
> Require all granted
> </Directory>
>
> SSLEngine on
>
> # SSLCertificateFile
> "/data01/t-drv/websites/.conf/ssl/sma-ca-2/sma-multi.crt"
> # SSLCertificateKeyFile
> "/data01/t-drv/websites/.conf/ssl/sma-ca-2/sma-multi.key"
>
> SSLCertificateChainFile "/data01/srv/vhosts.sma/ssl/sma-ca-chain.cert.pem"
> SSLCertificateFile "/data01/srv/vhosts.sma/ssl/www.sma.com.cert-01.pem"
> SSLCertificateKeyFile
> "/data01/srv/vhosts.sma/ssl/www.sma.com.insecure-01.key"
>
> # SSLCipherSuite HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL
> SSLProtocol ALL -SSLv2
>
> </VirtualHost>
> </ifmodule>
> </ifdefine>
> ----[ end ]----
>
>
>
> --
> James Moe
> moe dot james at sohnen-moe dot com
> 520.743.3936
> Think.
>
--
Eric Covener
covener@gmail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
|