Bonjour à tous
Je viens d’installer un serveur sous wheezy/ispconfig3.
Tous les sites fonctionnent sauf un, sitex.com installé sous web1 qui donne systématiquement une erreur 403 sur les scripts php même avec les dossiers/fichiers en mod 777/666
sitex.com/web/index.html fonctionne correctement
Il ne se passe rien de notable dans les logs syslog, apache2/error.log et access.log, ni dans /var/log/ispconfig/httpd/sitex.com/error.log lorsqu’on accède a l’index.php du site
Voici son vhost généré par ispconfig3:
[code]# cat /etc/apache2/sites-enabled/100-sitex.com.vhost
<Directory /var/www/sitex.com>
AllowOverride None
Order Deny,Allow
Deny from all
<VirtualHost *:80>
DocumentRoot /var/www/sitex.com/web
ServerName sitex.com
ServerAlias www.sitex.com
ServerAdmin webmaster@sitex.com
…
<Directory /var/www/sitex.com/web>
# Clear PHP settings of this website
<FilesMatch ".+\.ph(p[345]?|t|tml)$">
SetHandler None
</FilesMatch>
Options +FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<Directory /var/www/clients/client1/web1/web>
# Clear PHP settings of this website
<FilesMatch ".+\.ph(p[345]?|t|tml)$">
SetHandler None
</FilesMatch>
Options +FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
# suexec enabled
<IfModule mod_suexec.c>
SuexecUserGroup web1 client1
</IfModule>
# php as fast-cgi enabled
# For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
<IfModule mod_fcgid.c>
IdleTimeout 300
ProcessLifeTime 3600
# MaxProcessCount 1000
DefaultMinClassProcessCount 0
DefaultMaxClassProcessCount 100
IPCConnectTimeout 3
IPCCommTimeout 600
BusyTimeout 3600
</IfModule>
<Directory /var/www/sitex.com/web>
<FilesMatch "\.php[345]?$">
SetHandler fcgid-script
</FilesMatch>
FCGIWrapper /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php
FCGIWrapper /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php3
FCGIWrapper /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php4
FCGIWrapper /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php5
Options +ExecCGI
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<Directory /var/www/clients/client1/web1/web>
<FilesMatch "\.php[345]?$">
SetHandler fcgid-script
</FilesMatch>
FCGIWrapper /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php
FCGIWrapper /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php3
FCGIWrapper /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php4
FCGIWrapper /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php5
Options +ExecCGI
AllowOverride All
Order allow,deny
Allow from all
</Directory>
# add support for apache mpm_itk
<IfModule mpm_itk_module>
AssignUserId web1 client1
</IfModule>
<IfModule mod_dav_fs.c>
# Do not execute PHP files in webdav directory
<Directory /var/www/clients/client1/web1/webdav>
<ifModule mod_security2.c>
SecRuleRemoveById 960015
SecRuleRemoveById 960032
</ifModule>
<FilesMatch "\.ph(p3?|tml)$">
SetHandler None
</FilesMatch>
</Directory>
DavLockDB /var/www/clients/client1/web1/tmp/DavLock
# DO NOT REMOVE THE COMMENTS!
# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
# WEBDAV BEGIN
# WEBDAV END
</IfModule>
root@ns1:~# ll /var/www/clients/client1/web1/web
total 6,1M
…
-rw-rw-rw- 1 web1 client1 8,3K nov. 25 01:21 index.php
…
root@ns1:~# ll /var/www/php-fcgi-scripts/web1/.php-fcgi-starter
-rwxr-xr-x 1 web1 client1 909 déc. 15 16:32 /var/www/php-fcgi-scripts/web1/.php-fcgi-starter
[/code]
root@ns1:~# cat /var/www/php-fcgi-scripts/web1/.php-fcgi-starter
#!/bin/sh
PHPRC="/opt/phpfcgi-5.2.17/lib/"
export PHPRC
PHP_DOCUMENT_ROOT="/var/www/clients/client1/web1"
export PHP_DOCUMENT_ROOT
# The variable PHP_FCGI_CHILDREN is onyl useful for lighty or nginx as apache
# mod_fcgi will control the number of childs themself and never use the additional processes.
# PHP_FCGI_CHILDREN=8
# export PHP_FCGI_CHILDREN
PHP_FCGI_MAX_REQUESTS=5000
export PHP_FCGI_MAX_REQUESTS
exec /opt/phpfcgi-5.2.17/bin/php-cgi \
-d open_basedir="/var/www/clients/client1/web1/web:/var/www/clients/client1/web1/private:/var/www/clients/client1/web1/tmp:/var/www/sitex.com/web:/srv/www/sitex.com/web:/usr/share/php5:/usr/share/php:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin" \
-d upload_tmp_dir=/var/www/clients/client1/web1/tmp \
-d session.save_path=/var/www/clients/client1/web1/tmp \
-d sendmail_path="/usr/sbin/sendmail -t -i -fwebmaster@sitex.com" \
[code]root@ns1:~# ll /opt/phpfcgi-5.2.17/bin/php-cgi
-rwxr-xr-x 1 root root 28M déc. 15 16:20 /opt/phpfcgi-5.2.17/bin/php-cgi
root@ns1:~# ll /opt/phpfcgi-5.2.17/lib/
-rw-r–r-- 1 root root 48K déc. 15 16:27 php.ini
[/code]La config montrée ici est avec un php-5.2.17 compilé pour fonctionner en mode multi php sous ispconfig /fastcgi mais on obtient le même 403 avec le php-5.4 / fastcgi installé par défaut
Merci pour votre aide