skip to Main Content

I deployed a Laravel app on a VPS server Linux Debian. But I get a message in my web page like:

Forbidden

You don’t have permission to access this resource.

I tried many configuration specially my laravel.conf located in /etc/apache2/sites-enabled/ and my .htaccess located in my project root level.

I also tried command bellow:

sudo find /var/www/html/laravel_app -type d -exec chmod 644 {} ;
sudo find /var/www/html/laravel_app/storage -type f -exec chmod 755 {} ;

I’ve been working on it for a week. I tried many others answers from stackoverflow without success.

Here my laravel.conf file

<VirtualHost *:80 *:3000>
    ServerAdmin [email protected]
    DocumentRoot /var/www/html/laravel_app
    <Directory /var/www/html/laravel_app>
        DirectoryIndex index.php
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
        Order allow,deny
        Allow from all
    </Directory>
    LogLevel debug
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Here bellow my .htaccess file

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>

    RewriteEngine On
    DirectoryIndex index.php

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /$1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>

3

Answers


  1. Chosen as BEST ANSWER

    Finally I found the problem that caused permission access error. In my /etc/apache2/sites-enabled directory I had already another vhost config file called default-ssl.conf. And for an unknown reason that was this file my server executed and not vhost file that I created and enabled with sudo a2ensite laravel.conf . So I edited that file and used @Don't Panic answer to configure. Another problem was related to my .htaccess as you mentioned. I moved .htaccess and placed it in laravel_app/public directory. I had to excute these command below also to grant permission :

    sudo find /var/www/html/laravel_app -type d -exec chmod 755 -R {} ;
    sudo find /var/www/html/laravel_app -type f -exec chmod 644 -R {} ;                                                                                                                      
    

    Here below my .htaccess

    <IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>
    
    RewriteEngine On
    
    
    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /$1 [L,R=301]
    
    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
    
    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    

    Here below my default-ssl.conf

    <IfModule mod_ssl.c>
    <VirtualHost _default_:443>
        ServerAdmin [email protected]
        DocumentRoot /var/www/html/laravel_app/public
        
        <Directory /var/www/html/laravel_app/public>
            DirectoryIndex index.php    
            Options Indexes FollowSymLinks MultiViews
            AllowOverride All
            Require all granted
            Order allow,deny
            Allow from all
        </Directory>
    
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
    
        SSLEngine on
    
        SSLCertificateFile  /etc/ssl/certs/ssl-cert-snakeoil.pem
        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
    
        <FilesMatch ".(cgi|shtml|phtml|php)$">
                SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory /usr/lib/cgi-bin>
                SSLOptions +StdEnvVars
        </Directory>
    
    </VirtualHost>
    

    Now it works fine. But I have a message like Insecure connection in this site. I will look for in another discussion or documentation. I think to SSL config problem. Thank's to everyone, really appreciate and sorry for my english!


  2. try this structure:

    
    <VirtualHost *:80>
         ServerAdmin admin@site
         ServerName laravel_app
         ServerAlias www.laravel_app.com
         DocumentRoot /var/www/laravel_app/public
         DirectoryIndex index.php
    
         <Directory /var/www/laravel_app/public>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride All
            Order allow,deny
            allow from all
         Require all granted
         </Directory>
         ErrorLog ${APACHE_LOG_DIR}/laravel_app_error.log
         CustomLog ${APACHE_LOG_DIR}/laravel_app_access.log combined
    </VirtualHost>
    
    

    as said in the comments, you should add public directory because it contains the index.php file to be rendered.
    wish that helps you resolve your problem.

    Login or Signup to reply.
  3. Your DocumentRoot is /var/www/html/laravel_app, but Laravel’s index.php is in a dir named public.

    It looks like your DocumentRoot points to your Laravel root directory, but there is no index.php there. And if you have not enabled directory listing with +Indexes … there’s nothing Apache can do so you’ll get a permission denied.

    Update your root to point to Laravel’s public dir:

    <VirtualHost *:80 *:3000>
        ServerAdmin [email protected]
        DocumentRoot /var/www/html/laravel_app/public
        <Directory /var/www/html/laravel_app/public>
            DirectoryIndex index.php
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
            Order allow,deny
            Allow from all
        </Directory>
        LogLevel debug
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
    </VirtualHost>
    

    NOTE

    You mention "my .htaccess located in my project root level" – if you really mean you have moved .htaccess from laravel_app/public/.htaccess to laravel_app/.htaccess, don’t do that. As the docs say:

    You should never attempt to move the index.php file to your project’s root, as serving the application from the project root will expose many sensitive configuration files to the public Internet:

    NOTE 2

    You are mixing old and new directives in your Apache config. From the docs:

    Mixing old and new directives

    Mixing old directives like Order, Allow or Deny with new ones like Require is technically possible but discouraged.

    This is Apache 2.2 config, and should be removed:

    Order allow,deny
    Allow from all
    

    That is superceded by the Apache 2.4 config equivalent, which you correctly already have:

    Require all granted
    

    NOTE 3

    As I mentioned in the comments, if you have more than one vhost, you should be using ServerName so that Apache can work out which host config to use for an incoming request. If you only really have this one Laravel vhost, disable all others.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search