How To Fix Apache VirtualHost 403 Forbidden Error?

Checking Apache Error Logs

To find the cause of the 403 Forbidden error, check the Apache error logs. On Ubuntu systems, these logs are usually in the /var/log/apache2 directory. The main error log file is often named error.log.

To view the latest error messages, use this command:

tail -n 50 /var/log/apache2/error.log

Look for entries about the 403 Forbidden error. Common messages include:

• "client denied by server configuration"
• "Permission denied"
• "Access to / denied"

These messages can help you understand the issue causing the error.

grep "403" /var/log/apache2/error.log

Verifying File and Directory Permissions

Wrong file and directory permissions often cause 403 Forbidden errors. To check and fix permissions:

1. Make sure the web server user (usually www-data) can read your web files:

ls -l /var/www/mytest.com

2. If needed, change who owns the web files:

sudo chown -R www-data:www-data /var/www/mytest.com

3. Set the right read and execute permissions:

sudo chmod -R 755 /var/www/mytest.com

4. For files with sensitive information, use stricter permissions:

sudo chmod 644 /var/www/mytest.com/config.php

By checking logs and permissions, you can find the cause of the 403 Forbidden error and fix it.

Adjusting File and Directory Permissions

To fix file and directory permissions:

1. Set ownership:

   sudo chown -R www-data:www-data /var/www/mytest.com

   This command changes the owner and group of files and directories to www-data.

2. Change file permissions:

   sudo chmod -R 755 /var/www/mytest.com

   This sets read, write, and execute permissions for the owner, and read and execute permissions for others.

ls -l /var/www/mytest.com

Configuring Apache VirtualHost Settings

Update your Apache VirtualHost configuration:

1. Edit the VirtualHost file:

   sudo nano /etc/apache2/sites-available/mytest.com.conf

2. Update the Directory directive:

   <Directory "/var/www/mytest.com">
      Options -Indexes +FollowSymLinks
      AllowOverride All
      Require all granted
   </Directory>

3. Add the "Require all granted" directive to allow access to the directory.

Modifying SELinux or AppArmor Settings

If you use SELinux or AppArmor, you may need to adjust security policies:

1. Check the current security context (SELinux):

   ls -Z /var/www/mytest.com

2. Adjust security policies:

   • For SELinux:

     sudo chcon -R -t httpd_sys_content_t /var/www/mytest.com

   • For AppArmor:

     sudo aa-complain /usr/sbin/apache2

After making these changes, restart Apache to apply the new settings.

Restarting Apache Service

After making changes to fix the 403 Forbidden error, restart the Apache service to apply the new settings:

1. Use this command to restart Apache:

   sudo systemctl restart apache2

2. Check if Apache restarted:

   sudo systemctl status apache2

   Look for "active (running)" in the output to confirm Apache is running.

Accessing the Website

To test if the 403 Forbidden error is fixed:

1. Clear your browser cache:

   • In Chrome, press Ctrl+Shift+Delete (Windows) or Cmd+Shift+Delete (Mac)
   • Select "Cached images and files" and click "Clear data"

2. Try to access your website:

   • Open a new browser tab
   • Enter your website URL (e.g., http://www.mytest.com)

3. Check if the website loads:

   • If you see your website content, the 403 Forbidden error is fixed
   • If you still see a 403 error, review your changes and Apache error logs for more information

If the website loads, you have fixed the Apache VirtualHost 403 Forbidden error.