How do I set up my new webserver using apache?

Question

I'm making a private web server, but I can't get it to work.

I'm running CentOS.
I installed apache and verified that it's running.
I set up httpd.conf according to online tutorials (mainly this one ) I called my ISP and they assure me that they do not block port 80. (I have DSL) I configured my router to forward ports 80 and 443 to my server. I purchased a URL from godaddy.com, and set it up to forward to the external IP of my router (which I found simply by going to http://www.whatismyip.com/)

Forwarding port 22 in my router is all I need to do to be able to ssh to my server with my URL. From what I read, I should be all set up and should be getting an error 404 or 403 when I visit my webpage(which would be great, it would mean that my server is responding).

But my browser informs me that it cannon connect. Just as if my server did not exist.

Obviously, I'm missing something. Is there something other than my ISP or my router that might block port 80? Is there a better resource to learn about configuring apache? Can someone please help me figure out what's going wrong?

(Note: I don't have a static IP address. But, I know that my IP hasn't changed in a while and I'm monitoring it so I can know if it does change. I'm working under the assumption that I can set up an unstable website that will work until my ISP decides to assign me a new IP. Please correct me if I'm wrong in this.)

I have the section that says:

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>

followed by one that says:

<Directory /var/www/html>
    Options Indexes FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

Where "/var/www/html" is my DocumentRoot

Answer 1

Well, since you got the service up and running, there are a couple of things you may have to check, since you have centos running (I assume the 5 series).

Make sure that iptables allows http traffic. If not, run:

iptables -I INPUT 5 -m tcp -p tcp --dport 80 -j ACCEPT

AND

If you have SELinux running, you will need to enable http access. You can verify by running:

[root@centos ssl]# getsebool -a | grep httpd
allow_httpd_anon_write --> on
allow_httpd_bugzilla_script_anon_write --> on
allow_httpd_cvs_script_anon_write --> on
allow_httpd_mod_auth_pam --> on
allow_httpd_nagios_script_anon_write --> on
allow_httpd_prewikka_script_anon_write --> on
allow_httpd_squid_script_anon_write --> on
allow_httpd_sys_script_anon_write --> on
httpd_builtin_scripting --> on
httpd_can_network_connect --> on
httpd_can_network_connect_db --> on
httpd_can_network_relay --> on
httpd_can_sendmail --> on
httpd_disable_trans --> on
httpd_enable_cgi --> on
httpd_enable_ftp_server --> on
httpd_enable_homedirs --> on
httpd_read_user_content --> on
httpd_rotatelogs_disable_trans --> on
httpd_setrlimit --> on
httpd_ssi_exec --> on
httpd_suexec_disable_trans --> on
httpd_tty_comm --> on
httpd_unified --> on
httpd_use_cifs --> on
httpd_use_nfs --> on

Otherwise, tail /var/log/httpd/error_log and see what it tells you.

Answer 2

I don't believe Apache has a default rule that disallows all except for localhost, but it is my guess that what you are experiencing.

In the httpd.conf , there is a directive that sets Apache so that nobody can access it, and it looks like this:

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>

This is normal, and you dont need to edit it. Just make sure that you have another directive in your httpd.conf file that overrides that and allows SOME access, such as:

<Directory "R:/Apache2.2/htdocs/wordpress">
    Options FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from 127.1
    Allow from 10
    Allow from 208.32
    #Allow from all
</Directory>