Issue:
I have Laravel running on Apache 2.4.9 and my domains are organized as follows:
beta.domain.com => /var/www/beta
www.domain.com => /var/www/live
The beta subdomain has basic authentication. Everything is working as expected except when I started poking around the apache2 error logs. I get the following error message:
AH01797: client denied by server configuration: /var/www/beta/public/index.php, referer: https://beta.domain.com/
My setup:
Here is my setup:
<VirtualHost *:80>
# Redirect all http traffic to https
Redirect 301 / https://www.domain.com/
</VirtualHost>
<VirtualHost *:443>
# some SSL setup for www here
ServerName www.domain.com
DocumentRoot /var/www/live/public
<Directory /var/www/live/public>
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SetEnv ENVIRONMENT "live"
</VirtualHost>
<VirtualHost *:443>
# some SSL setup for beta here
ServerName beta.domain.com
DocumentRoot /var/www/beta/public
<Directory /var/www/beta/public>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
# allow from one ip
Allow from xxx.xxx.xxx
Satisfy any
AuthUserFile /path/to/htpasswd/.htpasswd
AuthName "Password required"
AuthType Basic
Require valid-user
</Directory>
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SetEnv ENVIRONMENT "beta"
</VirtualHost>
Failed attempts:
I've found several differing answers for this, none of which worked for me. These are the ones that seem the most convincing, but again they didn't work for me.
Replacing
<Directory>with<Location>tags (http://httpd.apache.org/docs/current/mod/mod_auth_basic.html#authbasicprovider) - the errors were gone, but I lost basic authenticationUsing
Require all grantedinstead ofOrder allow/deny- this also removed basic authentication for me. Also not sure if this makes sense in my scenario.
