Home > OS >  What is causing the '403 Forbidden error' in my Apache2 server? And how can I fix it? The
What is causing the '403 Forbidden error' in my Apache2 server? And how can I fix it? The

Time:02-09

A little bit of context to my problem... I'm trying to deploy my django application following a tutorial (the error

The tutorial is very long so I've broken down every single step in this post.

The steps I had to follow are:

(everything done in the Windows Linux Bash shell)

  • Creating Linode and analizing Ip Address and SSH Credentials I got

  • Root Connection to the Server

    ssh into the server for the first time

  • Installing Software Updates

    Running the command sudo apt-get update && apt-get upgrade

  • Setting Host Name

    hostnamectl set-hostname SERVER_NAME

    Then checking if it was rightfully executed with hostname

  • Setting Host File

    nano /etc/hosts and then adding the IP address and server name to the file.

  • Adding Limited User

    The guy in the video said it's not good practice to use root user because it's easy to mess things up like that so we created a limited user with adduser USER_NAME and then gave it sudo permissions with adduser USER_NAME sudo

  • Setting Up SSH Key Based Authentication

    In my local machine's bash shell: ssh keygen -b 4096 And deposit that file into my home folder, after that I copy that file over to my server with scp ~/.ssh/id_rsa.pub user@serverip:~/.ssh/authorized_keys then lasty confirming it was done correcty in the server with ls .ssh

  • Setting Permissions for SSH Directory

    Attach certain permision like sudo chmod 700 ~/.ssh/ and sudo chmod 600 ~/.ssh/*

  • Forbiding Root Login & Password Authentication

    sudo nano /etc/ssh/sshh_config to forbit #PermitRootLogin and #PasswordAuthentification and then restart with sudo systemctl restart sshd

  • Setting Up a Firewall

    First, I install Uncomplicated Firewall with sudo apt-get install ufw and then I do the following commands: sudo ufw default allow outgoing , sudo ufw default deny incoming , sudo ufw allow ssh and sudo ufw allow 8000. After that, I enable the firewall with sudo ufw enable

  • Generating requirements.txt File

    Here I actually did it a bit different that in the video. I open my VSCODE environment for the project in question, and then I run a pip freeze in the terminal to see if the dependencies are correct, if they are I write the requirements with pip freeze > requirements.txt

  • Copying Django Application on to the Webserver

    This step is pretty straightforward. Just scp -r /folder/ user@serverip:~/ and that way the folder project is copied into the web server.

  • Creating Virtual Environment on the Server

    First run a sudo apt-get install python3-pip and then pip install sudo apt-get install python3-venv. Once that's done, to create my virtual environment I do python3 -m venv django_project/venv and lastly I activate it by cding into the project's folder and then source venv/bin/activate.

  • Installing Dependencies

    With my virtual environment running I run a pip install -r requirements.txt

  • Changing Django Settings for Testing the Application on Django Server

    Inside the project's folder: sudo nano django_project/settings.py and add my server's IP to the allowed hosts list, and add a STATIC_ROOT directory.

  • Collecting Static Files

    python manage.py collectstatic Which could collect about 120 static files, but my project is a somewhat different from the on in the video because I added way more features so it collects about 137 files (in case these details are needed)

  • Testing Application

    python manage.py runserver 0.0.0.0:8000 and then test to see if there is any problems, there are not (minus some variables I forgot to add because they were in my PC's environment variables) so I move on to the next step.

  • Installing Apache & ModWSGI

    sudo apt-get install apache2, sudo apt-get install libapache2-mod-wsgi-py3.

  • Configuring Apache Webserver

    Then move into the apache configuration folder cd /etc/apache2/sites-available/ and create a new configuration file based off the default one with sudo cp 000-default.conf django_project.conf, and then I edit with sudo nano django_project.conf it and add the following things to it: https://github.com/CoreyMSchafer/code_snippets/blob/master/Django_Blog/snippets/django_project.conf

  • Enabling Site Through Apache

    Run the following commands: sudo a2ensite django_project , sudo a2dissite 000-default.conf

  • Setting Up File Permissions

    Run the following commands: sudo chown :www-date django_project/db.sqlite3 , sudo chmod 664 django_project/db.sqlite3 and sudo chown :www-data django_project/. Then sudo chown -R :www-data django_project/media/andsudo chmod -R django_project/media```

  • Creating Configuration File for Hiding Sensitive Information

    I won't detail this process, I just make a .json file with some secret information like the SECRET_KEY and the email and password.

  • Updating Project Settings File

    I delete the sentitive information from the settings.py of the project, and instead add those with the .json file (like if it were an environment variable).

  • Allowing http Traffic

    Run the following commands: sudo ufw delete allow 8000, and sudo ufw allow http/tcp.

  • Restarting the Server & Running the Site

    sudo service apache2 restart

Please, I'd appreciate any kind of help. I have to fix this error for a school project and I can't find solutions that actually fix it. I've read in some forums that I just needed to change certain permissions again, I did that and still the same error. It's really driving me crazy.

CodePudding user response:

I think the Forbidden is returned as Apache2 user (www-data) cant reach your HOME folder, move everything to another path like /data or /var/www and give www-data a rx access through the chmod command.

CodePudding user response:

you have not done

sudo chown :www-data django_project/django_project

which is the folder of the wsgi.py script

  •  Tags:  
  • Related