4

I'm trying to set up two seperate django sites using mod_wsgi on apache. The first site is working fine, but the second site cupaday.dyndns.biz is giving a 403: [Tue Feb 07 22:32:57 2012] [error] [client 68.48.6.208] (13)Permission denied: access to / denied Does anyone see what is wrong?? I read about deploying multiple virtualservers and most people pointed to make sure there was a Directory directive with allow from all. I have tried setting this to the path to my app, to wsgi directory and to the actual .wsgi. Like i said the first site snaganitem is working fine. Does anyone know how I can fix this?? Or is there a way to see a verbose version of the 403 errror? thank you.

NameVirtualHost *:80
<VirtualHost *:80>
  ServerAdmin [email protected]
  ServerName snaganitem.com
  ServerAlias www.snaganitem.com

  LogLevel warn
  ErrorLog /var/log/httpd/error.log
  CustomLog /var/log/httpd/access.log combined

  WSGIScriptAlias / /home/snaganitem/hackpages/apache2/django.wsgi

  <Location "/static">
    SetHandler None
  </Location>
  <Directory /home/snaganitem/hackpages/apache2>
    Order allow,deny
    Allow from all
  </Directory>

  Alias /static /home/snaganitem/hackpages/static
  Alias /google927b622c2314fdec.html /home/snaganitem/static_html/google927b622c2314fdec.html

</VirtualHost>
<VirtualHost *:80>
  ServerAdmin [email protected]
  ServerName cupaday.dyndns.biz

  LogLevel warn
  ErrorLog /var/log/httpd/error.log
  CustomLog /var/log/httpd/access.log combined

  WSGIScriptAlias / /home/cupaday/cup_a_day/wsgi/django.wsgi

  <Location "/static">
    SetHandler None
  </Location>
  <Directory /home/cupaday/cup_a_day/wsgi>
    Order deny,allow
    Allow from all
  </Directory>
  Alias /static /home/cupaday/cup_a_day/static

</VirtualHost>
Improve this question
3
  • 1
    Does the user the Apache's running as have access to the /home/cupaday directory (and the subdirectories up to the site)?
    – Shane Madden
    Feb 7, 2012 at 22:58
  • @Shane both sites have the same permissions do you know of a way to see a verbose 403?
    – dm03514
    Feb 7, 2012 at 23:14
  • The permissions for the sites configured in Apache are the same, but the filesystem permissions for the /home directories are unlikely to be. ls -l /home
    – Shane Madden
    Feb 7, 2012 at 23:32

1 Answer 1

Reset to default
4

As pointed out in comment to question, most likely filesystem permissions with Apache user unable to read from where WSGI script file is or read the WSGI script file itself.

This specific error is described in the presentation:

http://code.google.com/p/modwsgi/wiki/WhereToGetHelp?tm=6#Conference_Presentations

Improve this answer
3
  • I opened up the permissions(777) on the whole directory /home/cupaday just to verify, this doesn't look like it is the cause
    – dm03514
    Feb 7, 2012 at 23:35
  • 1
    Did you watch the presentation? It isn't just that directory. The Apache user must be able to search directories down to where the WSGI script file is located. That is, from '/' right down to where WSGI script file is located. Thus, if /home/cupaday/cup_a_day or /home/cupaday/cup_a_day/wsgi are not readable/searchable it will fail as well. The presentation also does not say to change permissions to 777. It says to use 'chmod o+rx' as blindly making directories writable to everyone is a security risk.
    – Graham Dumpleton
    Feb 8, 2012 at 0:22
  • Thank you graham, the presentation solved it. I changed the permissions to what they recommended with chmod, I was just confused because the snaganitem directory has the normal /home/ directory permissions and it works, but the cupaday didn't, thank you for your help
    – dm03514
    Feb 8, 2012 at 0:45

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .