starting with macos Monterey the internal access system became more restrictive as it was with previous os versions. On Monterey I'm no longer able to use the build in Apache webserver with a "Sites" directory within my ~ directory.
The Sites directory has drwxr-xr-x permissions so in general it should be reachable. Never the less when trying to reach "localhost" it response with a 403 Forbidden message. All the required settings (as described here: https://discussions.apple.com/docs/DOC-250004361) are made. But this post recommended to grant the Apache user _www full access to the home folder by:
chmod +a "_www allow execute" ~
I think this is a very bad idea, even for a dev machine. I tried it just to make sure it solves the 403 issue. And it does. But again, this is a setting I don't think should be made permanent.
I tried to restrict the access to the Site folder alone by
chmod +a "_www allow execute" /User/user_name/Sites
But that seems not to be sufficient for the _www user to reach the files within the Sites folder.
Some of the answers here at stackoverflow suggest to change the _www User within Apache to the local user. Others recommend to change the group owner of Sites to the _www User.
Access forbidden to folders in /Users/user/ on Monterey
How to give Apache access to external drive on MacOS Catalina onwards
What is your suggestion for a secure setup to allow Apache's _www User read access to the Sites folder within ~and not compromising all the other folders in there?
Any idea is helpful
Krid
