Apache says "Forbidden You don't have permission to access this resource." to a specific domain

Question

I have a server on AWS which serves a number of websites. Webmin is also installed.

In Apache, when I try to create a website, say ferrari.example.com, I get the error Forbidden. You don't have permission to access this resource. when I request it with a web browser.

It is NOT a file permission issue, because if I use a different domain name (pointing to the same directory), it works fine.

It is NOT an Apache config issue, because if I change only the domain name (and no other config settings), it works fine.

Yes, I have a correct DNS entry that points ferrari.example.com points to my server.

No, there are no other sites conflicting with the domain name in Apache. I did a grep -r ferrari * in /etc/apache and found only that one site.

Does anyone have any other ideas why this isn't working?

<VirtualHost *:80>
DocumentRoot /var/www/ferrari.example.com
ServerName ferrari.example.com
<Directory /var/www/ferrari.example.com>
AllowOverride All
Options None
Require all granted
</Directory>
</VirtualHost>

I think I do NOT have SELinux installed.

Log level debug shows these errors:

[Thu Sep 19 19:13:00.740101 2019] [authz_core:debug] [pid 31107] mod_authz_core.c(809): [client 204.112.96.198:13742] AH01626: authorization result of Require all denied: denied, referer: http://ferrari.example.com/
[Thu Sep 19 19:13:00.740130 2019] [authz_core:debug] [pid 31107] mod_authz_core.c(809): [client 204.112.96.198:13742] AH01626: authorization result of <RequireAny>: denied, referer: http://ferrari.example.com/
[Thu Sep 19 19:13:00.740139 2019] [authz_core:error] [pid 31107] [client 204.112.96.198:13742] AH01630: client denied by server configuration: /var/www/html/favicon.ico, referer: http://ferrari.example.com/

Answer 1

I faced the same issue.

Here's how I solved it

Open the apache2.conf file using the nano editor.

sudo nano /etc/apache2/apache2.conf

Replace the general directory settings with this.

<Directory />
    #Options FollowSymLinks
        Options Indexes FollowSymLinks Includes ExecCGI
    AllowOverride All
        Order deny,allow
        Require all granted
</Directory>

<Directory /usr/share>
    AllowOverride None
    Require all granted
</Directory>

<Directory /var/www/>
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>


#<Directory /srv/>
#   Options Indexes FollowSymLinks
#   AllowOverride None
#   Require all granted
#</Directory>

Ensure your virtual host configuration file in /etc/apache2/sites-available directory is in this manner

<VirtualHost *:80>
        # The ServerName directive sets the request scheme, hostname and port t$
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        ServerName example.com (put your domain name here)

        ServerAdmin webmaster@localhost
        DocumentRoot /home/username/myapp (put your app root directory here)

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf
</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

Restart Apache2 service

sudo systemctl restart apache2

That's all.

I hope this helps