apache2.4 virtual host blocking access with authz_core log, even though authz not configured

Question

So I'm getting 403: Forbidden errors on one of my apache2.4 virtualhosts.

What's interesting, is that /var/log/apache2/error.log reports:

authz_core:error] [pid 4878:tid 140394394269440] [client 10.214.154.19:33009] AH01630: client denied by server configuration

And.... While I do have other Virtualhosts which use authz (for subversion hosting primarily) I disabled all of them except the one I'm having issues with, restarted Apache, and there is no discernible difference.

Here is my Apache2 sites-available file which, even though I have disabled all other host configs, and stripped my config down to a minimum, is still denying access.

<VirtualHost *:443>

  WSGIScriptAlias /example /data/example/example.wsgi

  <Directory /data/example>
    WSGIApplicationGroup %{GLOBAL}
    Order deny,allow
    Allow from all
    Require all granted
  </Directory>

  LogLevel info

  SSLEngine on
  SSLCertificateFile    /etc/ssl/certs/example.pem
  SSLCertificateKeyFile /etc/ssl/private/example.key

</VirtualHost>

Furthermore, just to verify It's not my wsgi script, I replaced the script with:

def application(environ, start_response):
        start_response('200 OK',[('Content-type','text/html')])
        return ['<html><body>Hello World!</body></html>']

And that doesn't make any discernible difference.

Any ideas?

Answer 1

As indicated in Apache "Client denied by server configuration", despite allowing access to directory (vhost configuration) the issue is that Apache 2.4 has changed the way authorization configuration is done. The authz_core module is actually built-in, which seems to be a source of confusion.

If you simply remove the Order and Allow lines, things should work as expected. See http://httpd.apache.org/docs/2.4/upgrading.html for details.