RHEL Apache: 403 Forbidden on VirtualHost

Question

My files are all owned by apache:apache. All directories have 770 permissions and files have 660 permissions. My original virtualhost seems to be fine but the second one is getting 403 errors on all paths.

Here's my current configuration in /etc/httpd/conf/httpd.conf

<Directory "/var/www/site1">
        Options Indexes FollowSymLinks
        AllowOverride All
        <IfModule mod_access.c>
                Order allow,deny
                Allow from all
        </IfModule>
</Directory>

<Directory "/var/www/site2">
        Options Indexes FollowSymLinks
        AllowOverride All
        <IfModule mod_access.c>
                Order allow,deny
                Allow from all
        </IfModule>
</Directory>

<VirtualHost *:80>
        ServerAdmin     serveradmin@domain.com
        DocumentRoot    /var/www/site1/
        ServerName      site1.domain.com
        ErrorLog        /var/log/httpd/site1.error.log
        CustomLog       /var/log/httpd/site1.access.log common
</VirtualHost>

<VirtualHost *:80>
        ServerAdmin     serveradmin@domain.com
        DocumentRoot    /var/www/site2/
        ServerName      site2.domain.com
        ErrorLog        /var/log/httpd/site2.error.log
        CustomLog       /var/log/httpd/site2.access.log common
</VirtualHost>

Answer 1

SELinux is likely to be the culprit here.

Somehow the parent's context wasn't inherited correctly when creating files/directories in the /var/www directory.

Setting the container implicitly with restorecon or explicitely with chcon should fix the issue.

Watch out for lines in /var/log/audit.log when you are troubleshooting issues in a SELinux setting.

To fix the issue at hand, run:

# restorecon -R /var/www

as root. This will restore /var/www's context as determined by SELinux's system policy to /var/www and all folders and files below it.

Further information on (troubleshooting) SELinux can be found here, here and here.