[Bug 370542] Re: Accessing http://localhost gives without reason a 403 Forbidden error page
Jonathan Marsden
jmarsden at fastmail.fm
Sat May 2 04:14:54 BST 2009
DIAGNOSIS:
Based on the [client ::1] in the log entries, I strongly suspect an IPv6
related issue here.
In Jaunty, /etc/hosts has a line
::1 localhost ip6-localhost ip6-loopback
where in Intrepid, this was
::1 ip6-localhost ip6-loopback
I *strongly* suspect that "allow from localhost" in Apache maps to an
IPv4 "allow from 127.0.0.1", but in Jaunty, the incoming request is
actually coming in from IPv6 address ::1, which therefore does not match
the allow rule.
EVIDENCE:
(A) Once you edit things to use "allow localhost" and then reboot,
browsing to http://[::1]/. fails but browsing to http://[127.0.0.1]/
works.
(B) Editing the line of .etrc/hosts that starts with ::1 to remove the
"localhost" name and then restarting your browser allows browsing to
http://localhost/ to work once more (because now localhost resolves to
127.0.0.1).
SOLUTION:
The 'fix' is now trivially obvious. Edit the line of /etc/apache2
/sites-available/default to say "allow localhost" as before, and then
add a new line immediately after it that says "allow ::1" . Now both
IPv4 locahost and IPv6 localhost clients are permitted the rules the
sysadmin has manually specified, and now browsing from Firefox on the
local machine works as expected.
QUESTION: Is this really a bug? Or is it simply a change of overall
system behaviour as the world becomes more IPv6 conscious, that those
who like editing Apache config files by hand "should" know about? [I
suspect the latter, but I'm not at all dogmatic about that opinion :) ]
In case it matters, my tests were all done in a Jaunty i386 virtual
machine using virtualbox-ose on a Jaunty amd86 host system, and with
Firefox as my "browser of choice".
Jonathan
--
Accessing http://localhost gives without reason a 403 Forbidden error page
https://bugs.launchpad.net/bugs/370542
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in ubuntu.
More information about the Ubuntu-server-bugs
mailing list