[Xymon] Keep getting 403 Forbidden on /xymon

Jerald Sheets questy at gmail.com
Fri Dec 6 18:32:56 CET 2013


There are no errors in that listing, except you don't have a favicon.

---
Jerald M. Sheets jr.



On Fri, Dec 6, 2013 at 11:43 AM, Doug Strick <douglas.strick at gmail.com>wrote:

> That got me a little further.  Now I just get a directory listing instead
> of a 403.  The xymon web console still won't load.  Below is what's in the
> access logs when I hit /xymon/.  Also found mod_access_compat is in the
> configs and being loaded so not sure why the original config didn't work.
>  I've also noticed some of the directories of xymon are empty like
> /usr/local/xymon/server/www/html.  Is that normal?
>
> 00-base.conf:LoadModule access_compat_module modules/mod_access_compat.so
>
> 10.33.98.24 - - [06/Dec/2013:08:37:06 -0800] "GET /xymon/ HTTP/1.1" 200
> 2336 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML,
> like Gecko) Chrome/30.0.1599.101 Safari/537.36"
> 10.33.98.24 - - [06/Dec/2013:08:37:07 -0800] "GET /icons/back.gif
> HTTP/1.1" 200 216 "http://buildsystem.xyz.net/xymon/" "Mozilla/5.0
> (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko)
> Chrome/30.0.1599.101 Safari/537.36"
> 10.33.98.24 - - [06/Dec/2013:08:37:07 -0800] "GET /icons/blank.gif
> HTTP/1.1" 200 148 "http://buildsystem.xyz.net/xymon/" "Mozilla/5.0
> (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko)
> Chrome/30.0.1599.101 Safari/537.36"
> 10.33.98.24 - - [06/Dec/2013:08:37:07 -0800] "GET /icons/folder.gif
> HTTP/1.1" 200 225 "http://buildsystem.xyz.net/xymon/" "Mozilla/5.0
> (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko)
> Chrome/30.0.1599.101 Safari/537.36"
> 10.33.98.24 - - [06/Dec/2013:08:37:07 -0800] "GET /favicon.ico HTTP/1.1"
> 404 209 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML,
> like Gecko) Chrome/30.0.1599.101 Safari/537.36"
>
>
>
> On Thu, Dec 5, 2013 at 10:41 PM, Jeremy Laidman <jlaidman at rebel-it.com.au>wrote:
>
>> On 6 December 2013 11:49, Doug Strick <douglas.strick at gmail.com> wrote:
>>
>>
>>> AH01630: client denied by server configuration:
>>> /usr/local/xymon/server/www/
>>>
>>
>>
>>> <Directory />
>>>     AllowOverride none
>>>      Require all denied
>>> </Directory>
>>>
>>
>> > <Directory "/usr/local/xymon/server/www">
>> >     Options Indexes FollowSymLinks Includes MultiViews
>> >     Order allow,deny
>> >     Allow from all
>> > </Directory>
>>
>> I notice that the distro-provided config uses "require all ..." whereas
>> the Xymon config uses "... from all".  From the Apache v2.2 to v2.4 upgrade
>> doco at
>>
>>   http://httpd.apache.org/docs/current/upgrading.html#run-time
>>
>> "In 2.4, such access control is done in the same way as other
>> authorization checks, using the new module mod_authz_host<http://httpd.apache.org/docs/current/mod/mod_authz_host.html>.
>> The old access control idioms should be replaced by the new authentication
>> mechanisms, although for compatibility with old configurations, the new
>> module mod_access_compat<http://httpd.apache.org/docs/current/mod/mod_access_compat.html>is provided."
>>
>> I suspect the "allow from all" is no longer valid, and you need to change
>> this from "allow from all" "require all granted".  Could be that there's a
>> warning in the Apache logs at the time you restarted it.
>>
>> Alternatively, enable the compatibility module as indicated.
>>
>> It looks like the Xymon installer needs to be updated to detect the use
>> of the new authorization module and install in a version of config files
>> that are compatible with Apache v2.4.
>>
>> Cheers
>> Jeremy
>>
>>
>
> _______________________________________________
> Xymon mailing list
> Xymon at xymon.com
> http://lists.xymon.com/mailman/listinfo/xymon
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20131206/57d10e76/attachment.html>


More information about the Xymon mailing list