0

After upgrading from Debian 7 to 8 and therefore from Apache 2.2 to 2.4, I'm facing some issues regarding php scripts. As the configuration files between the apache versions are not compatible, I did a fresh install of apache after the upgrade. While all .html files in /var/www/html are accessible, php scripts are not executed and return a 403 Permission denied.

a2enmod php5 tells me that the php module is enable The apache2.conf is absolutely standard and specifies: 

<Directory /var/www/>
        Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted
</Directory>

I've tried lots of different permissions on the php files themselves. For my test.php that should display phpinfo() they are currently set to -rwxr-xr-x with the owner being www-data, which is identical to the html files working and was most likely the user Apache 2.2 used.

The VirtualHost config coming with the new Apache is just the 000-default.conf

<VirtualHost *:80>
        ServerName www.mydomain.com

        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
</VirtualHost>
Roper
  • 121
  • 3
  • Have you set the `SetHandler` directive for .php files? – Colt Jul 03 '16 at 00:04
  • I haven't set it myself, but the php5.conf in /etc/apache/mods-enabled includes: ` SetHandler application/x-httpd-php ` – Roper Jul 03 '16 at 00:13
  • Some Debian derivatives used old access control protocols in the `php5.conf` file. If you have `Order Deny,Allow` and `Deny from all` in the file, DELETE both lines and REPLACE with the single line `Require all denied`. If you mix the old and the new, [the old will take precedence](http://httpd.apache.org/docs/2.4/upgrading.html#run-time) and your `Require all granted` in the `apache2.conf` may not take effect. – Colt Jul 03 '16 at 01:35
  • The php5.conf seems to be using the new syntax. I also searched for other occurences of "Deny from all" in /etc/apache2 without any result. Here is the complete php5.conf: [link](http://pastie.org/10897780). There shouldn't be any leftovers from the old configuration as I completely reinstalled apache. – Roper Jul 03 '16 at 10:39
  • Just to check before going farther, have you restarted Apache since these changes? – Colt Jul 03 '16 at 12:47
  • Yes I have. I also tried different permissions on /var/www/html and restarted the service after every change. The same goes for changes made to conf files of apache. – Roper Jul 03 '16 at 13:17
  • Can you post the complete apache2.conf, 000-default.conf (or whatever is the virtual host conf), and the exact error message? – Colt Jul 03 '16 at 13:26
  • I appreciate your help. Here are both files, the 000-default.conf for my virtual host: [link](http://pastie.org/10897876) and the apache2.conf: [link](http://pastie.org/10897877) The 'exact' error message in the browser is a simple "403 - Forbidden". /var/log/apache2/access.log and /var/log/apache2/error.log are both empty – Roper Jul 03 '16 at 15:10
  • ... and your `php.ini` and `php-scripts.log` or like files? – Colt Jul 03 '16 at 15:40
  • php.ini here [link](http://pastebin.com/aP3rqeg6) There is no php-scripts.log. Is there a way to enable logging in a way apache will write error message when giving out a 403 - Permission denied as response to a request? – Roper Jul 03 '16 at 17:44
  • Can you provide outputs from running these commands: `apachectl -t -D DUMP_RUN_CFG` and `apachectl -M` and `apachectl -S` ? – Colt Jul 03 '16 at 19:40
  • Here are the outputs for all commands: [link](http://pastie.org/10898005). php5 is listed in the list of loaded modules. I want to note that those commands told me: "Could not reliably determine the server's fully qualified domain name". Therefore I added ServerName localhost to my apache.conf and restarted the server. The 403 on php files remains, but the warning is gone. – Roper Jul 03 '16 at 19:57

0 Answers0