[UE] '403 Forbidden' when accessing from localhost
Added by cloudwalker over 5 years ago
I installed lighttpd on my Raspberry (OS: Raspbian GNU/Linux 10 (buster)) in the usual way and installed the modules cgi and userdir. In /var/www/html I created the file test.html. If I enter localhost/test.html in the browser window (Chromium as browser), the content of the test file appears. However, if I enter localhost or localhost:80, the message '403 Forbidden' appears. When I enter localhost/test.html the test.html content is shown in the browser (Chromium)
Version lighttpd: lighttpd/1.4.53
Access rights of the folders and files:
ls -al /var/www
insgesamt 12
drwxrwxr-x 3 www-data www-data 4096 Sep 24 14:24 .
drwxr-xr-x 12 root root 4096 Sep 24 14:24 ..
drwxrwxr-x 2 www-data www-data 4096 Sep 24 15:14 html
Content of lighttpd.conf:
sudo lighty-enable-mod userdirserver.modules = (
"mod_indexfile",
"mod_access",
"mod_alias",
"mod_redirect",
)
server.document-root = "/var/www/html"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
# strict parsing and normalization of URL for consistency and security
# https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails
# (might need to explicitly set "url-path-2f-decode" = "disable"
# if a specific application is encoding URLs inside url-path)
server.http-parseopts = (
"header-strict" => "enable",# default
"host-strict" => "enable",# default
"host-normalize" => "enable",# default
"url-normalize-unreserved"=> "enable",# recommended highly
"url-normalize-required" => "enable",# recommended
"url-ctrls-reject" => "enable",# recommended
"url-path-2f-decode" => "enable",# recommended highly (unless breaks app)
#"url-path-2f-reject" => "enable",
"url-path-dotseg-remove" => "enable",# recommended highly (unless breaks app)
#"url-path-dotseg-reject" => "enable",
#"url-query-20-plus" => "enable",# consistency in query string
)
index-file.names = ( "index.php", "index.html" )
url.access-deny = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.conf.pl"
include "/etc/lighttpd/conf-enabled/*.conf"
#server.compat-module-load = "disable"
server.modules += (
"mod_compress",
"mod_dirlisting",
"mod_staticfile",
)
Content of /var/log/lighttp/errorlog:
2019-09-24 14:25:50: (server.c.1464) server started (lighttpd/1.4.53)
2019-09-24 14:28:12: (server.c.958) [note] graceful shutdown started
2019-09-24 14:28:12: (server.c.2059) server stopped by UID = 0 PID = 14428
2019-09-24 14:28:12: (server.c.1464) server started (lighttpd/1.4.53)
2019-09-24 15:02:36: (server.c.958) [note] graceful shutdown started
2019-09-24 15:02:36: (server.c.2059) server stopped by UID = 0 PID = 17667
2019-09-24 15:02:36: (server.c.1464) server started (lighttpd/1.4.53)
2019-09-24 15:03:56: (server.c.958) [note] graceful shutdown started
2019-09-24 15:03:56: (server.c.2059) server stopped by UID = 0 PID = 17773
2019-09-24 15:03:56: (server.c.1464) server started (lighttpd/1.4.53)
2019-09-24 15:08:09: (server.c.958) [note] graceful shutdown started
2019-09-24 15:08:09: (server.c.2059) server stopped by UID = 0 PID = 17859
2019-09-24 15:08:09: (server.c.1464) server started (lighttpd/1.4.53)
2019-09-24 17:29:08: (server.c.958) [note] graceful shutdown started
2019-09-24 17:29:08: (server.c.2059) server stopped by UID = 0 PID = 20484
2019-09-24 17:29:08: (server.c.1464) server started (lighttpd/1.4.53)
2019-09-24 17:42:02: (server.c.2059) server stopped by UID = 0 PID = 1
2019-09-24 17:42:04: (server.c.1464) server started (lighttpd/1.4.53)
Replies (1)
RE: '403 Forbidden' when accessing from localhost - Added by cloudwalker over 5 years ago
I have found the problem. The index.html file must contain index and html as extension. The file test.html caused the problem. the term index.html is fixed in lighttpd.conf:
...
index-file.names = ( "index.php", "index.html")
...