Solved

Why can't I get a directory listing when I use HTTPS?

Posted on 2014-12-29
6
109 Views
Last Modified: 2015-01-04
Hi all,

I've just successfully installed an SSL certificate on my server (I get no reboot errors when I restart apache2 server and also when I type in the URL with the https I can see the green lock symbol which I can click and see corresponds to my certificate).

The problem is that when I use the https protocol I get an error:
https://www.mifujiclark.com/
Forbidden
You don't have permission to access / on this server.

Open in new window


When I use the http protocol I get the right page:
http://www.mifujiclark.com


What am I doing wrong here?

thanks in advance.


P.S. Here is my site's conf file from the apache2 sites enabled folder:
# domain: mifujiclark.com
# public: /home/myfolder/public/mifujiclark.com/public

<VirtualHost *:443>
  SSLEngine On
  SSLProtocol all -SSLv2
  SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM

  SSLCertificateFile /PATH_TO_APACHE_FOLDER/ssl/mifujiclark.com.crt
  SSLCertificateKeyFile /PATH_TO_APACHE_FOLDER/ssl/mifujiclark.com.key
  SSLCertificateChainFile /PATH_TO_APACHE_FOLDER/ssl/sub.class1.server.ca.pem

  # Admin email, Server Name (domain name), and any aliases
  ServerAdmin info@ookami.it
  ServerName  www.mifujiclark.com
  ServerAlias mifujiclark.com

  # Index file and Document Root (where the public files are located)
  DirectoryIndex index.html index.htm index.php
  DocumentRoot /home/myfolder/public/mifujiclark.com/public

  # Log file locations
  LogLevel warn
  ErrorLog  /home/myfolder/public/mifujiclark.com/log/error.log
  CustomLog /home/myfolder/public/mifujiclark.com/log/ssl_request.log \
      "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
  TransferLog /home/myfolder/public/mifujiclark.com/log/access.log
</VirtualHost>



<VirtualHost *:80>
  # Admin email, Server Name (domain name), and any aliases
  ServerAdmin info@ookami.it
  ServerName  www.mifujiclark.com
  ServerAlias mifujiclark.com

  # Index file and Document Root (where the public files are located)
  DirectoryIndex index.html index.htm index.php
  DocumentRoot /home/myfolder/public/mifujiclark.com/public

  # Log file locations
  LogLevel warn
  ErrorLog  /home/myfolder/public/mifujiclark.com/log/error.log
  CustomLog /home/myfolder/public/mifujiclark.com/log/access.log combined

</VirtualHost>

Open in new window

0
Comment
Question by:badwolfff
  • 4
6 Comments
 

Author Comment

by:badwolfff
ID: 40523076
Here are the three logs:

ACCESS.LOG
90.14.76.165 - - [30/Dec/2014:03:06:56 +0000] "GET / HTTP/1.1" 403 202
90.14.76.165 - - [30/Dec/2014:03:06:56 +0000] "GET /favicon.ico HTTP/1.1" 403 213

Open in new window


ERROR.LOG
[Tue Dec 30 03:06:56.610993 2014] [authz_core:error] [pid 22773] [client 90.14.76.165:57228] AH01630: client denied by server configuration: /home/myfolder/public/mifujiclark.com/public/
[Tue Dec 30 03:06:56.697159 2014] [authz_core:error] [pid 22773] [client 90.14.76.165:57228] AH01630: client denied by server configuration: /home/myfolder/public/mifujiclark.com/public/favicon.ico

Open in new window



SSL_REQUEST.LOG
[30/Dec/2014:03:06:56 +0000] 90.14.76.165 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET / HTTP/1.1" 202
[30/Dec/2014:03:06:56 +0000] 90.14.76.165 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /favicon.ico HTTP/1.1" 213

Open in new window

0
 
LVL 10

Expert Comment

by:schaps
ID: 40523201
Is the domain set up in httpd-ssl.conf ?
0
 

Author Comment

by:badwolfff
ID: 40523448
Hi,
thanks for the reply. I use Apache2 on Ubuntu. I don't see a httpd-ssl.conf.
I see a default-ssl.conf file. Do I need to add something to it?
If so could you please help me with the syntax?
Also the default-ssl.conf file at the moment I see it only in the sites-available folder and not in the sites-enabled folder.
Do I need to make a shortcut to it there?

thanks in advance
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Accepted Solution

by:
badwolfff earned 0 total points
ID: 40523503
I solved it myself by adding:

  ExpiresActive on

  ExpiresByType image/jpg "access plus 1 year"
  ExpiresByType image/png "access plus 1 year"
  ExpiresByType image/gif "access plus 1 year"
  ExpiresByType image/jpeg "access plus 1 year"

  ExpiresByType text/css "access plus 1 month"

  ExpiresByType image/x-icon "access plus 1 month"

  ExpiresByType text/javascript "access plus 1 month"
  ExpiresByType application/x-javascript "access plus 1 month"
  ExpiresByType application/javascript "access plus 1 month"


        <Directory /home/myfolder/public/mifujiclark.com/public>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride all
            Order allow,deny
            Allow from all
            Require all granted
        </Directory>
0
 
LVL 61

Expert Comment

by:gheist
ID: 40524768
Secure your server NOW:
SSLProtocol all -SSLv2
must become
SSLProtocol all -SSLv2 -SSLv3
(ssl3 is broken)
And
  SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
must become
  SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:!3DES
(3des is effectively 112bit cypher)
0
 

Author Closing Comment

by:badwolfff
ID: 40529971
I solved the problem myself
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The purpose of this article is to show how we can create Linux Mint virtual machine using Oracle Virtual Box. To install Linux Mint we have to download the ISO file from its website i.e. http://www.linuxmint.com. Once you open the link you will see …
Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now