Upgrading to Ubuntu 13.10 with Apache 2.4

Ubuntu 13.10 has been released. It is only a minor evolution from Ubuntu 13.04. Yet I was intrigued by the promise of a more responsive Unity UI, so I adopted early.

It turns out that the upgrade from Apache 2.2 to Apache 2.4 that comes with the Ubuntu upgrade introduces some important changes to the Apache configuration.

“Require all denied”

Apache 2.4 apparently has a new security model. The global configuration file contains a directive that prevents access to all directories except for /var/www. While this is principally a good thing, it also prevented access to my local website which is stored in a directory under /home/....

All fiddling with my local site configuration (under /etc/apache2/sites-available) did not help, as this restriction was set globally. It took me a while to find out that the good old Order deny,allow and Allow from 192.168 no longer works when the directive Require all denied is set. I got lots of “Permission denied” messages on my own laptop!

The solution was to put a Require ip 192.168 into the vhost configuration file.

Configuration file name scheme

Another surprise came when I issued sudo a2dissiteand sudo a2ensite commands. The script complained that the sites did not exist.

It turns out that the configuration files under /etc/apache2/sites-available must end in .conf now.

Needless to say that I had to change the permissions directives in the vhost configuration files (I have several) to the new model as well.

Now everything works again.

Further reading