服务器配置拒绝客户端：/opt/bitnami/apps/wordpress/htdocs/

2024-5-30 • tag-icon

服务器配置拒绝客户端：/opt/bitnami/apps/wordpress/htdocs/

我在 ec2 上有一个 word-press 网站，错误日志文件中有 bitnami 图像，我收到了下面的代码片段错误。

我已经htaccess.conf用我的.htaccess文件覆盖了默认文件

现在文件的路径.htaccess是/opt/bitnami/apps/wordpress/htdocs/

     [Tue Feb 17 07:07:18.977511 2015] [ssl:warn] [pid 29411:tid 140429621905216] AH01909: justforhearts.org:443:0 server certificate does NOT include an ID which matches the server name
    [Tue Feb 17 07:07:18.977829 2015] [ssl:warn] [pid 29411:tid 140429621905216] AH01909: localhost:443:0 server certificate does NOT include an ID which matches the server name
    [Tue Feb 17 07:07:18.977930 2015] [lbmethod_heartbeat:notice] [pid 29411:tid 140429621905216] AH02282: No slotmem from mod_heartmonitor
    [Tue Feb 17 07:07:18.992006 2015] [mpm_event:notice] [pid 29411:tid 140429621905216] AH00489: Apache/2.4.10 (Unix) OpenSSL/1.0.1j configured -- resuming normal operations
    [Tue Feb 17 07:07:18.992028 2015] [core:notice] [pid 29411:tid 140429621905216] AH00094: Command line: '/opt/bitnami/apache2/bin/httpd -f /opt/bitnami/apache2/conf/httpd.conf -D DISABLE_BANNER'
    [Tue Feb 17 07:12:25.491605 2015] [access_compat:error] [pid 28267:tid 140429274093312] [client 199.59.148.209:32041] AH01797: client denied by server configuration: /opt/bitnami/apps/wordpress/htdocs/robots.txt
    [Tue Feb 17 07:12:25.697742 2015] [access_compat:error] [pid 28267:tid 140429265700608] [client 199.59.148.209:32041] AH01797: client denied by server configuration: /opt/bitnami/apps/wordpress/htdocs/2014
   [Tue Feb 17 07:12:25.697742 2015] [access_compat:error] [pid 28267:tid 140429265700608] [client 199.59.148.209:32041] AH01797: client denied by server configuration: /opt/bitnami/apps/wordpress/htdocs/

您可以在下面看到我的conf文件结构。

httpd-vhosts.conf 文件片段

<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot "/opt/bitnami/apps/wordpress/htdocs"
    Include "/opt/bitnami/apps/wordpress/conf/httpd-app.conf"
<Directory "/opt/bitnami/apps/wordpress/htdocs">
  Options All
  AllowOverride All
  Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:443>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot "/opt/bitnami/apps/wordpress/htdocs"
    SSLEngine on
    SSLCertificateFile "/opt/bitnami/apps/wordpress/conf/certs/server.crt"
    SSLCertificateKeyFile "/opt/bitnami/apps/wordpress/conf/certs/server.key"
    Include "/opt/bitnami/apps/wordpress/conf/httpd-app.conf"
</VirtualHost>

httpd-app.conf 文件片段

<IfDefine USE_PHP_FPM>
    <Proxy "unix:/opt/bitnami/php/var/run/wordpress.sock|fcgi://wordpress-fpm" timeout=300>
    </Proxy>
</IfDefine>
<Directory "/opt/bitnami/apps/wordpress/htdocs">
    Options +MultiViews +FollowSymLinks
    AllowOverride All
    <IfVersion < 2.3 >
        Order allow,deny
        Allow from all
    </IfVersion>
    <IfVersion >= 2.3>
        Require all granted
    </IfVersion>
    <IfDefine USE_PHP_FPM>
       <FilesMatch \.php$>
         SetHandler "proxy:fcgi://wordpress-fpm/"
       </FilesMatch>
    </IfDefine> 
    RewriteEngine On
    #RewriteBase /wordpress/
    RewriteRule ^index\.php$ - [S=1]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . index.php [L]
        Include "/opt/bitnami/apps/wordpress/conf/banner.conf"
</Directory>
#Include "/opt/bitnami/apps/wordpress/conf/htaccess.conf"

banner.conf 文件片段

# Banner configuration
<IfDefine !DISABLE_BANNER>
    <If "%{REQUEST_URI} !~ m!^/+(index\.php)?/*$!i" >
       SetEnv  "DISABLE_BANNER" "YES"
    </If>
    Include "/opt/bitnami/apps/bitnami/banner/conf/banner-substitutions.conf"
</IfDefine>

.htaccess 文件片段，文件权限 664

# BEGIN s2Member GZIP exclusions
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{QUERY_STRING} (^|\?|&)s2member_file_download\=.+ [OR]
    RewriteCond %{QUERY_STRING} (^|\?|&)no-gzip\=1
    RewriteRule .* - [E=no-gzip:1]
</IfModule>
## EXPIRES CACHING ##
    <IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access 1 year"
    ExpiresByType image/jpeg "access 1 year"
    ExpiresByType image/gif "access 1 year"
    ExpiresByType image/png "access 1 year"
    ExpiresByType text/css "access 1 month"
    ExpiresByType application/pdf "access 1 month"
    ExpiresByType text/x-javascript "access 1 month"
    ExpiresByType application/x-shockwave-flash "access 1 month"
    ExpiresByType image/x-icon "access 1 year"
    ExpiresDefault "access 2 days"

    </IfModule>
    ## EXPIRES CACHING ##
# END s2Member GZIP exclusions
# BEGIN WPSuperCache
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
#If you serve pages from behind a proxy you may want to change 'RewriteCond %{HTTPS} on' to something more sensible
AddDefaultCharset UTF-8
RewriteCond %{REQUEST_URI} !^.*[^/]$
RewriteCond %{REQUEST_URI} !^.*//.*$
RewriteCond %{REQUEST_METHOD} !POST
RewriteCond %{QUERY_STRING} !.*=.*
RewriteCond %{HTTP:Cookie} !^.*(comment_author_|wordpress_logged_in|wp-postpass_).*$
RewriteCond %{HTTP:X-Wap-Profile} !^[a-z0-9\"]+ [NC]
RewriteCond %{HTTP:Profile} !^[a-z0-9\"]+ [NC]
RewriteCond %{HTTP_USER_AGENT} !^.*(2.0\ MMP|240x320|400X240|AvantGo|BlackBerry|Blazer|Cellphone|Danger|DoCoMo|Elaine/3.0|EudoraWeb|Googlebot-Mobile|hiptop|IEMobile|KYOCERA/WX310K|LG/U990|MIDP-2.|MMEF20|MOT-V|NetFront|Newt|Nintendo\ Wii|Nitro|Nokia|Opera\ Mini|Palm|PlayStation\ Portable|portalmmm|Proxinet|ProxiNet|SHARP-TQ-GX10|SHG-i900|Small|SonyEricsson|Symbian\ OS|SymbianOS|TS21i-10|UP.Browser|UP.Link|webOS|Windows\ CE|WinWAP|YahooSeeker/M1A1-R2D2|iPhone|iPod|Android|BlackBerry9530|LG-TU915\ Obigo|LGE\ VX|webOS|Nokia5800).* [NC]
RewriteCond %{HTTP_user_agent} !^(w3c\ |w3c-|acs-|alav|alca|amoi|audi|avan|benq|bird|blac|blaz|brew|cell|cldc|cmd-|dang|doco|eric|hipt|htc_|inno|ipaq|ipod|jigs|kddi|keji|leno|lg-c|lg-d|lg-g|lge-|lg/u|maui|maxo|midp|mits|mmef|mobi|mot-|moto|mwbp|nec-|newt|noki|palm|pana|pant|phil|play|port|prox|qwap|sage|sams|sany|sch-|sec-|send|seri|sgh-|shar|sie-|siem|smal|smar|sony|sph-|symb|t-mo|teli|tim-|tosh|tsm-|upg1|upsi|vk-v|voda|wap-|wapa|wapi|wapp|wapr|webc|winw|winw|xda\ |xda-).* [NC]
RewriteCond %{HTTP:Accept-Encoding} gzip
RewriteCond %{HTTPS} on
RewriteCond %{DOCUMENT_ROOT}/wp-content/cache/supercache/%{SERVER_NAME}/$1/index-https.html.gz -f
RewriteRule ^(.*) "/wp-content/cache/supercache/%{SERVER_NAME}/$1/index-https.html.gz" [L]

RewriteCond %{REQUEST_URI} !^.*[^/]$
RewriteCond %{REQUEST_URI} !^.*//.*$
RewriteCond %{REQUEST_METHOD} !POST
RewriteCond %{QUERY_STRING} !.*=.*
RewriteCond %{HTTP:Cookie} !^.*(comment_author_|wordpress_logged_in|wp-postpass_).*$
RewriteCond %{HTTP:X-Wap-Profile} !^[a-z0-9\"]+ [NC]
RewriteCond %{HTTP:Profile} !^[a-z0-9\"]+ [NC]
RewriteCond %{HTTP_USER_AGENT} !^.*(2.0\ MMP|240x320|400X240|AvantGo|BlackBerry|Blazer|Cellphone|Danger|DoCoMo|Elaine/3.0|EudoraWeb|Googlebot-Mobile|hiptop|IEMobile|KYOCERA/WX310K|LG/U990|MIDP-2.|MMEF20|MOT-V|NetFront|Newt|Nintendo\ Wii|Nitro|Nokia|Opera\ Mini|Palm|PlayStation\ Portable|portalmmm|Proxinet|ProxiNet|SHARP-TQ-GX10|SHG-i900|Small|SonyEricsson|Symbian\ OS|SymbianOS|TS21i-10|UP.Browser|UP.Link|webOS|Windows\ CE|WinWAP|YahooSeeker/M1A1-R2D2|iPhone|iPod|Android|BlackBerry9530|LG-TU915\ Obigo|LGE\ VX|webOS|Nokia5800).* [NC]
RewriteCond %{HTTP_user_agent} !^(w3c\ |w3c-|acs-|alav|alca|amoi|audi|avan|benq|bird|blac|blaz|brew|cell|cldc|cmd-|dang|doco|eric|hipt|htc_|inno|ipaq|ipod|jigs|kddi|keji|leno|lg-c|lg-d|lg-g|lge-|lg/u|maui|maxo|midp|mits|mmef|mobi|mot-|moto|mwbp|nec-|newt|noki|palm|pana|pant|phil|play|port|prox|qwap|sage|sams|sany|sch-|sec-|send|seri|sgh-|shar|sie-|siem|smal|smar|sony|sph-|symb|t-mo|teli|tim-|tosh|tsm-|upg1|upsi|vk-v|voda|wap-|wapa|wapi|wapp|wapr|webc|winw|winw|xda\ |xda-).* [NC]
RewriteCond %{HTTP:Accept-Encoding} gzip
RewriteCond %{HTTPS} !on
RewriteCond %{DOCUMENT_ROOT}/wp-content/cache/supercache/%{SERVER_NAME}/$1/index.html.gz -f
RewriteRule ^(.*) "/wp-content/cache/supercache/%{SERVER_NAME}/$1/index.html.gz" [L]

RewriteCond %{REQUEST_URI} !^.*[^/]$
RewriteCond %{REQUEST_URI} !^.*//.*$
RewriteCond %{REQUEST_METHOD} !POST
RewriteCond %{QUERY_STRING} !.*=.*
RewriteCond %{HTTP:Cookie} !^.*(comment_author_|wordpress_logged_in|wp-postpass_).*$
RewriteCond %{HTTP:X-Wap-Profile} !^[a-z0-9\"]+ [NC]
RewriteCond %{HTTP:Profile} !^[a-z0-9\"]+ [NC]
RewriteCond %{HTTP_USER_AGENT} !^.*(2.0\ MMP|240x320|400X240|AvantGo|BlackBerry|Blazer|Cellphone|Danger|DoCoMo|Elaine/3.0|EudoraWeb|Googlebot-Mobile|hiptop|IEMobile|KYOCERA/WX310K|LG/U990|MIDP-2.|MMEF20|MOT-V|NetFront|Newt|Nintendo\ Wii|Nitro|Nokia|Opera\ Mini|Palm|PlayStation\ Portable|portalmmm|Proxinet|ProxiNet|SHARP-TQ-GX10|SHG-i900|Small|SonyEricsson|Symbian\ OS|SymbianOS|TS21i-10|UP.Browser|UP.Link|webOS|Windows\ CE|WinWAP|YahooSeeker/M1A1-R2D2|iPhone|iPod|Android|BlackBerry9530|LG-TU915\ Obigo|LGE\ VX|webOS|Nokia5800).* [NC]
RewriteCond %{HTTP_user_agent} !^(w3c\ |w3c-|acs-|alav|alca|amoi|audi|avan|benq|bird|blac|blaz|brew|cell|cldc|cmd-|dang|doco|eric|hipt|htc_|inno|ipaq|ipod|jigs|kddi|keji|leno|lg-c|lg-d|lg-g|lge-|lg/u|maui|maxo|midp|mits|mmef|mobi|mot-|moto|mwbp|nec-|newt|noki|palm|pana|pant|phil|play|port|prox|qwap|sage|sams|sany|sch-|sec-|send|seri|sgh-|shar|sie-|siem|smal|smar|sony|sph-|symb|t-mo|teli|tim-|tosh|tsm-|upg1|upsi|vk-v|voda|wap-|wapa|wapi|wapp|wapr|webc|winw|winw|xda\ |xda-).* [NC]
RewriteCond %{HTTPS} on
RewriteCond %{DOCUMENT_ROOT}/wp-content/cache/supercache/%{SERVER_NAME}/$1/index-https.html -f
RewriteRule ^(.*) "/wp-content/cache/supercache/%{SERVER_NAME}/$1/index-https.html" [L]

RewriteCond %{REQUEST_URI} !^.*[^/]$
RewriteCond %{REQUEST_URI} !^.*//.*$
RewriteCond %{REQUEST_METHOD} !POST
RewriteCond %{QUERY_STRING} !.*=.*
RewriteCond %{HTTP:Cookie} !^.*(comment_author_|wordpress_logged_in|wp-postpass_).*$
RewriteCond %{HTTP:X-Wap-Profile} !^[a-z0-9\"]+ [NC]
RewriteCond %{HTTP:Profile} !^[a-z0-9\"]+ [NC]
RewriteCond %{HTTP_USER_AGENT} !^.*(2.0\ MMP|240x320|400X240|AvantGo|BlackBerry|Blazer|Cellphone|Danger|DoCoMo|Elaine/3.0|EudoraWeb|Googlebot-Mobile|hiptop|IEMobile|KYOCERA/WX310K|LG/U990|MIDP-2.|MMEF20|MOT-V|NetFront|Newt|Nintendo\ Wii|Nitro|Nokia|Opera\ Mini|Palm|PlayStation\ Portable|portalmmm|Proxinet|ProxiNet|SHARP-TQ-GX10|SHG-i900|Small|SonyEricsson|Symbian\ OS|SymbianOS|TS21i-10|UP.Browser|UP.Link|webOS|Windows\ CE|WinWAP|YahooSeeker/M1A1-R2D2|iPhone|iPod|Android|BlackBerry9530|LG-TU915\ Obigo|LGE\ VX|webOS|Nokia5800).* [NC]
RewriteCond %{HTTP_user_agent} !^(w3c\ |w3c-|acs-|alav|alca|amoi|audi|avan|benq|bird|blac|blaz|brew|cell|cldc|cmd-|dang|doco|eric|hipt|htc_|inno|ipaq|ipod|jigs|kddi|keji|leno|lg-c|lg-d|lg-g|lge-|lg/u|maui|maxo|midp|mits|mmef|mobi|mot-|moto|mwbp|nec-|newt|noki|palm|pana|pant|phil|play|port|prox|qwap|sage|sams|sany|sch-|sec-|send|seri|sgh-|shar|sie-|siem|smal|smar|sony|sph-|symb|t-mo|teli|tim-|tosh|tsm-|upg1|upsi|vk-v|voda|wap-|wapa|wapi|wapp|wapr|webc|winw|winw|xda\ |xda-).* [NC]
RewriteCond %{HTTPS} !on
RewriteCond %{DOCUMENT_ROOT}/wp-content/cache/supercache/%{SERVER_NAME}/$1/index.html -f
RewriteRule ^(.*) "/wp-content/cache/supercache/%{SERVER_NAME}/$1/index.html" [L]
</IfModule>

# END WPSuperCache

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

文件夹权限片段

total 728
-rwxrwxr-x  1 bitnami daemon   1150 Jan 14  2012 favicon.ico
-rwxrwxr-x  1 bitnami daemon     53 Feb 12  2013 google496df181d1f0e489.html
-rwxrwxr-x  1 bitnami daemon     53 Jan  3  2013 googled446f1edcf45faf3.html
-rwxrwxr-x  1 bitnami daemon     53 Dec 23  2013 googledc9356356aa4126c.html
-rwxrwxr-x  1 bitnami daemon    418 Nov  1  2013 index.php
-rwxrwxr-x  1 bitnami daemon  19930 Feb 19 02:09 license.txt
-rwxrwxr-x  1 bitnami daemon     19 Dec 31 10:42 phpinfo.php
-rwxrwxr-x  1 bitnami daemon   7195 Feb 19 02:09 readme.html
-rwxrwxr-x  1 bitnami daemon    263 Jul 20  2014 robots.txt
-rwxrwxr-x  1 bitnami daemon 466324 Feb 28  2014 sitemap.xml
-rwxrwxr-x  1 bitnami daemon  18529 Jul 26  2012 timthumb.php
-rwxrwxr-x  1 bitnami daemon     15 Apr 13  2013 verifyforzoho.html
drwxrwxr-x  2 bitnami daemon   4096 Feb 11 18:56 wc-logs
-rwxrwxr-x  1 bitnami daemon   4951 Sep  6 06:37 wp-activate.php
drwxrwxr-x 10 bitnami daemon   4096 Feb  4  2014 wp-admin
-rwxrwxr-x  1 bitnami daemon    226 Jan 12  2012 wp-atom.php
drwxrwxr-x  2 bitnami daemon   4096 Nov 18 14:20 wp-backups
-rwxrwxr-x  1 bitnami daemon    271 Nov  1  2013 wp-blog-header.php
-rwxrwxr-x  1 bitnami daemon   5008 Dec 19 07:51 wp-comments-post.php
-rwxrwxr-x  1 bitnami daemon    244 Jan 12  2012 wp-commentsrss2.php
-rwxrwxr-x  1 bitnami daemon   4146 Jan 31 12:36 wp-config.php
-rwxrwxr-x  1 bitnami daemon   2726 Dec 19 07:51 wp-config-sample.php
drwxrwxr-x 17 bitnami daemon   4096 Feb 23 08:29 wp-content
-rwxrwxr-x  1 bitnami daemon   2956 Sep  6 06:37 wp-cron.php
-rwxrwxr-x  1 bitnami daemon    246 Jan 12  2012 wp-feed.php
drwxrwxr-x 12 bitnami daemon   4096 Sep  6 06:37 wp-includes
-rwxrwxr-x  1 bitnami daemon   2380 Nov  1  2013 wp-links-opml.php
-rwxrwxr-x  1 bitnami daemon   2714 Sep  6 06:37 wp-load.php
-rwxrwxr-x  1 bitnami daemon  33435 Dec 19 07:51 wp-login.php
-rwxrwxr-x  1 bitnami daemon   8252 Sep  6 06:37 wp-mail.php
-rwxrwxr-x  1 bitnami daemon    413 Jan 12  2012 wp-pass.php
-rwxrwxr-x  1 bitnami daemon    224 Jan 12  2012 wp-rdf.php
-rwxrwxr-x  1 bitnami daemon    334 Jan 12  2012 wp-register.php
-rwxrwxr-x  1 bitnami daemon    226 Jan 12  2012 wp-rss2.php
-rwxrwxr-x  1 bitnami daemon    224 Jan 12  2012 wp-rss.php
-rwxrwxr-x  1 bitnami daemon  11115 Dec 31 11:07 wp-settings.php
-rwxrwxr-x  1 bitnami daemon  25152 Dec 19 07:51 wp-signup.php
-rwxrwxr-x  1 bitnami daemon   4035 Dec 19 07:51 wp-trackback.php
-rwxrwxr-x  1 bitnami daemon   3032 Apr 17  2014 xmlrpc.php

php-fpm-apache.conf 代码片段

<IfDefine USE_PHP_FPM>
  <Proxy "unix:/opt/bitnami/php/var/run/www.sock|fcgi://www-fpm" timeout=300>
  </Proxy>
  <FilesMatch \.php$>
    SetHandler "proxy:fcgi://www-fpm/"
  </FilesMatch>
</IfDefine>

答案1

如果文件的新路径是“/opt/bitnami/apps/wordpress/htdocs/”，为什么在 httpd-app 中将其作为 #Include “/opt/bitnami/apps/wordpress/conf/htaccess.conf” 包含？另外，请注意，手动更改 WP/WP 主题的配置路径很可能会导致它们无法正常运行，因为它们使用的是相对路径。如果您更改了主文件的路径，则必须在直接指向它的所有其他文件中手动更改它。因此，最好使用高级文本编辑器来检查您还需要在哪里更改新文件的路径。

答案2

这些 403 是否只发生在 HTTPS 版本中？如果是，请在 httpd-vhosts.conf 中将整个<Directory...>部分复制到该<VirtualHost *:443>部分中。如果不是，.htaccess 文件中可能存在一些限制，因此添加Satisfy Any（请参阅https://httpd.apache.org/docs/2.4/mod/mod_access_compat.html#satisfy）

如果这些都失败了：

php5-fpm.conf 是否启用？
将该Require all granted指令添加到您的<Proxy>部分中。（请参阅https://wiki.apache.org/httpd/ClientDeniedByServerConfiguration）
请发布您的 .htaccess 文件及其路径
检查其文件权限。
您能否使用 Apache 2.2 的 .htaccess 文件？
发布文件权限显示ls -l /opt/bitnami/apps/wordpress/htdocs

答案3

尝试使用 http-vhosts.conf 文件的目录块来允许访问目录，将其放在 :80 和 :443 vhost 文件中：

```

  <Directory "/opt/bitnami/apps/wordpress/htdocs">
    Options +SymLinksIfOwnerMatch
    AllowOverride AuthConfig FileInfo Indexes Limit Options=Indexes,MultiViews Options
    Require all granted
  </Directory>

```

答案1

答案2

答案3

相关内容