Skip to main content

Raymii.org Raymii.org Logo

Quis custodiet ipsos custodes?
Home | About | All pages | Cluster Status | RSS Feed

Owncloud, DirectAdmin, Apache 2.4 and Error AH01797: client denied by server configuration

Published: 15-09-2014 | Author: Remy van Elst | Text only version of this article


❗ This post is over nine years old. It may no longer be up to date. Opinions may have changed.

owncloud

I keep a few servers around for shared webhosting for friends, family and some other domains. Most of them run Directadmin, because it is easier to work with for the target audience. I'm very good with the command line, they've never heard of it.

Recently I removed all Google Ads from this site due to their invasive tracking, as well as Google Analytics. Please, if you found this content useful, consider a small donation using any of the options below:

I'm developing an open source monitoring app called Leaf Node Monitoring, for windows, linux & android. Go check it out!

Consider sponsoring me on Github. It means the world to me if you show your appreciation and you'll help pay the server costs.

You can also sponsor me by getting a Digital Ocean VPS. With this referral link you'll get $100 credit for 60 days.

One of my friends runs Owncloud, a wonderfull piece of software to get cloud services under your control. He does not use the file part but rather the calendar and contacts a lot. A recent update of Apache to 2.4.10 broke that functionality on a Directadmin machine with the error AH01797: client denied by server configuration.

I started by checking the vhosts file, /usr/local/directadmin/data/users/$USER/httpd.conf and see if changing or adding the Require all granted part solved it. But, it did not.

A combination of httpd -S to see all sites and httpd -V to see all compile settings led me to a Directadmin configuration file, /etc/httpd/conf/extra /httpd-directories.conf which contains the following:

<Directory /home>
        AllowOverride All
        Options -MultiViews -Indexes +FollowSymLinks +IncludesNoExec +Includes
        <Limit GET POST OPTIONS PROPFIND>
                Order allow,deny
                Allow from all
        </Limit>
       <LimitExcept GET POST OPTIONS PROPFIND>
               Order deny,allow
               Deny from all
       </LimitExcept>
</Directory>

The PROPFIND HTTP method is specific to Webdav, Owncloud used that a lot with Carddav and Caldav sync. Commenting out or removing the PROPFIND method from the last Deny from all block solved the syncing problem. I'm not sure how that got in there, it seems incorrect with 2.4, but still, after removing it, Owncloud works as it did again.

Tags: apache , blog , caldav , carddav , directadmin , owncloud