Directory index forbidden by Options directive
I'm using the dompdf plugin for codeigniter: http://codeigniter.com/wiki/PDF_generation_using_dompdf/
to generate pdfs from a form. This works on localhost, but on the live server I get this in the error log:
Directory index forbidden by Options directive: /var/www/vhosts/domain.co.uk/httpdocs/mm/userdata/account1/invoices/
Any idea what this means? I've searched for answers, and found a few that suggest editing the httpd.conf, however I don't have access to this.
I've also tried adding a blank index.html file to the root and document directory (as also suggested elsewhere, but to no avail).
Any help greatly appreciated.
Thanks!
Either the main httpd.conf
or the .htaccess
file in this directory or a nearby parent directory probably includes:
Options -Indexes
Your host may have to set it to +Indexes
if you don't have access in .htaccess
and want to list & browse the directory contents, absent a default index.html, index.php
, etc. If the directory should not have a default file and you don't enable Indexes
, you may only directly target the filenames of contents within it.
The Indexes
option is commonly disabled by default on many Apache installations.
Full details are available in the Apache core documentation on Options
It means there's no default document in that directory (index.html, index.php, etc...). On most webservers, that would mean it would show a listing of the directory's contents. But showing that directory is forbidden by server configuration (Options -Indexes
)
The Problem
Indexes visible in a web browser for directories that do not contain an index.html or index.php file.
I had a lot of trouble with the configuration on Scientific Linux's httpd web server to stop showing these indexes.
The Configuration that did not work
httpd.conf virtual host directory directives:
<Directory /home/mydomain.com/htdocs>
Options FollowSymLinks
AllowOverride all
Require all granted
</Directory>
and the addition of the following line to .htaccess:
Options -Indexes
Directory indexes were still showing up. .htaccess settings weren't working!
How could that be, other settings in .htaccess were working, so why not this one? What's going? It should be working! %#$&^$%@# !!
The Fix
Change httpd.conf's Options line to:
Options +FollowSymLinks
and restart the webserver.
From Apache's core mod page: ( https://httpd.apache.org/docs/2.4/mod/core.html#options )
Mixing Options with a + or - with those without is not valid syntax and will be rejected during server startup by the syntax check with an abort.
Voilà directory indexes were no longer showing up for directories that did not contain an index.html or index.php file.
Now What! A New Wrinkle
New entries started to show up in the 'error_log' when such a directory access was attempted:
[Fri Aug 19 02:57:39.922872 2016] [autoindex:error] [pid 12479] [client aaa.bbb.ccc.ddd:xxxxx] AH01276: Cannot serve directory /home/mydomain.com/htdocs/dir-without-index-file/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive
This entry is from the Apache module 'autoindex' with a LogLevel of 'error' as indicated by [autoindex:error] of the error message---the format is [module_name:loglevel].
To stop these new entries from being logged, the LogLevel needs to be changed to a higher level (e.g. 'crit') to log fewer---only more serious error messages.
Apache 2.4 LogLevels
See Apache 2.4's core directives for LogLevel.
emerg, alert, crit, error, warn, notice, info, debug, trace1, trace2, trace3, tracr4, trace5, trace6, trace7, trace8
Each level deeper into the list logs all the messages of any previous level(s).
Apache 2.4's default level is 'warn'. Therefore, all messages classified as emerg, alert, crit, error, and warn are written to error_log.
Additional Fix to Stop New error_log Entries
Added the following line inside the <Directory>..</Directory> section of httpd.conf:
LogLevel crit
The Solution 1
My virtual host's httpd.conf <Directory>..</Directory> configuration:
<Directory /home/mydomain.com/htdocs>
Options +FollowSymLinks
AllowOverride all
Require all granted
LogLevel crit
</Directory>
and adding to /home/mydomain.com/htdocs/.htaccess, the root directory of your website's .htaccess file:
Options -Indexes
If you don't mind the 'error' level messages, omit
LogLevel crit
Scientific Linux - Solution 2 - Disables mod_autoindex
No more autoindex'ing of directories inside your web space. No changes to .htaccess. But, need access to the httpd configuration files in /etc/httpd
-
Edit /etc/httpd/conf.modules.d/00-base.conf and comment the line:
LoadModule autoindex_module modules/mod_autoindex.so
by adding a # in front of it then save the file.
-
In the directory /etc/httpd/conf.d rename (mv)
sudo mv autoindex.conf autoindex.conf.<something_else>
-
Restart httpd:
sudo httpd -k restart
or
sudo apachectl restart
The autoindex_mod is now disabled.
Linux distros with ap2dismod/ap2enmod Commands
Disable autoindex module enter the command
sudo a2dismod autoindex
to enable autoindex module enter
sudo a2enmod autoindex
Another issue that you might run into if you're running RHEL (I ran into it) is that there is a default welcome page configured with the httpd package that will override your settings, even if you put Options Indexes. The file is in /etc/httpd/conf.d/welcome.conf. See the following link for more info: http://wpapi.com/solved-issue-directory-index-forbidden-by-options-directive/