Ubuntu 13.10 has been released. It is only a minor evolution from Ubuntu 13.04. Yet I was intrigued by the promise of a more responsive Unity UI, so I adopted early.
It turns out that the upgrade from Apache 2.2 to Apache 2.4 that comes with the Ubuntu upgrade introduces some important changes to the Apache configuration.
“Require all denied”
Apache 2.4 apparently has a new security model. The global configuration
file contains a directive that prevents access to all directories except
/var/www. While this is principally a good thing, it also prevented
access to my local website which is stored in a directory under
All fiddling with my local site configuration (under
/etc/apache2/sites-available) did not help, as this restriction was set
globally. It took me a while to find out that the good old
Allow from 127.0.0.1 192.168 no longer works when the
Require all denied is set. I got lots of “Permission denied”
messages on my own laptop!
The solution was to put a
Require ip 127.0.0.1 192.168 into the
vhost configuration file.
Configuration file name scheme
Another surprise came when I issued
commands. The script complained that the sites did not exist.
It turns out that the configuration files under
/etc/apache2/sites-available must end in
Needless to say that I had to change the permissions directives in the vhost configuration files (I have several) to the new model as well.
Now everything works again.