I do not have any need for Authentication/authorization modules on apache2.4, so I proceed to comment out all the Auth modules and all the Require directives.
The server goes up fine, but i get a 500 error for everything. And the logs show
AH00025: configuration error: couldn't check user: /<path-requested>
Every mention of that error just repeats "enable mod_authz_core.so". Can't even find that error in the source.
The documentation says "If you have information on your web site that is sensitive or intended for only a small group of people, the techniques in this article will help you make sure that the people that see those pages are the people that you wanted to see them." but ignores the case where you do not have sensitive information :)
here is the list of installed modules
Compiled in modules:
core.c
mod_so.c
http_core.c
Here's my conf file (with mod_authz_core+Require commented, to show what i must add to 'workaround'):
ServerRoot "/etc/httpd"
Listen 8000
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxRequestWorkers 250
MaxConnectionsPerChild 0
#LoadModule authz_core_module modules/mod_authz_core.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule log_config_module modules/mod_log_config.so
ErrorLog "/var/log/httpd/error_log"
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog "/var/log/httpd/access_log" common
LoadModule env_module modules/mod_env.so
LoadModule headers_module modules/mod_headers.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
LoadModule unixd_module modules/mod_unixd.so
User http
Group http
LoadModule status_module modules/mod_status.so
<Location "/status">
SetHandler server-status
</Location>
LoadModule dir_module modules/mod_dir.so
DirectoryIndex index.html
DirectorySlash Off
LoadModule php7_module modules/libphp7.so
ServerAdmin you@example.com
ServerName localhost:8000
<Directory />
AllowOverride none
#Require all denied
</Directory>
DocumentRoot "/srv/http"
<Directory "/srv/http">
<FilesMatch "\.html$">
SetHandler application/x-httpd-php
</FilesMatch>
Options -Indexes -FollowSymLinks
#Require all granted
</Directory>
Timeout 60
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
UseCanonicalName On
AccessFileName off
ServerTokens Full
ServerSignature Off
HostnameLookups Off
here's a sample session:
$ apachectl configtest
Syntax OK
$ sudo sudo -u http cat /srv/http/index.html
(make sure http user can access the files, all OK)
$ sudo systemctl restart httpd
$ tail -f -c0 /var/log/httpd/*
now i request /index.html...
==> /var/log/httpd/error_log <==
[datetime] [core:crit] [pid 3978] [client ip:62758] AH00025: configuration error: couldn't check user: /index.html
==> /var/log/httpd/access_log <==
ip - - [datetime] "GET /index.html HTTP/1.1" 500 528
==> /var/log/httpd/error_log <==
[datetime] [core:crit] [pid 3975] [client ip:62759] AH00025: configuration error: couldn't check user: /favicon.ico
==> /var/log/httpd/access_log <==
ip - - [datetime] "GET /favicon.ico HTTP/1.1" 500 528
