Question
On both the PHP server and the client I have in /etc/hosts:
https://stackoverflow.com/questions/23462063
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian192.168.1.111 my-fake-domain-name.com
The PHP server is that box (192.168.1.111). But when I use curl or file_get_contents to get anything from that alias (my-fake-domain-name.com) it always returns a 403 error. If I use the ip address, everything works fine. How do I get those programs to recognize the alias?
//These do NOT work
file_get_contents( "http://my-fake-domain-name.com" );
curl_setopt($ch, CURLOPT_URL, "http://my-fake-domain-name.com" );
//These DO work
file_get_contents( "http://192.168.1.111" );
curl_setopt($ch, CURLOPT_URL, "http://192.168.1.111" );
EDIT: Using curl at the command line works with the alias. It's only in PHP that it doesn't seem to work.
** EDIT: Added the config file and what OS I'm using**
OS: CentOS 6.5 Server
httpd.conf
ServerTokens Prod
ServerRoot "/etc/httpd"
PidFile run/httpd.pid
Timeout 60
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 15
<IfModule prefork.c>
StartServers 8
MinSpareServers 12
MaxSpareServers 24
ServerLimit 24
MaxClients 24
MaxRequestsPerChild 4000
</IfModule>
<IfModule worker.c>
StartServers 4
MaxClients 300
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
Listen 80
Listen 443
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule alias_module modules/mod_alias.so
LoadModule substitute_module modules/mod_substitute.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule version_module modules/mod_version.so
Include conf.d/*.conf
User apache
Group apache
ServerAdmin root@localhost
ServerName localhost
UseCanonicalName Off
DocumentRoot "/var/www/public_html"
<IfModule mod_cache.c>
<IfModule mod_disk_cache.c>
#CacheEnable disk /
#CacheRoot /webaps/cache/app1
#CacheDefaultExpire 3600
#CacheDisable /wp-admin
#CacheDirLevels 3
#CacheDirLength 5
#CacheIgnoreCacheControl On
#CacheMaxFileSize 1000000000
#CacheIgnoreNoLastMod On
#CacheMaxExpire 1209600
</IfModule>
</IfModule>
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/var/www/public_html/wp-content/plugins">
AllowOverride All
</Directory>
<Directory "/var/www/public_html">
Options FollowSymLinks
AllowOverride None
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
Order deny,allow
deny from all
Allow from 192.168.1
</Directory>
<IfModule mod_userdir.c>
#
# UserDir is disabled by default since it can confirm the presence
# of a username on the system (depending on home directory
# permissions).
#
UserDir disabled
#
# To enable requests to /~user/ to serve the user's public_html
# directory, remove the "UserDir disabled" line above, and uncomment
# the following line instead:
#
#UserDir public_html
</IfModule>
DirectoryIndex index.html index.html.var
AccessFileName .htaccess
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</Files>
TypesConfig /etc/mime.types
DefaultType text/plain
<IfModule mod_mime_magic.c>
MIMEMagicFile conf/magic
</IfModule>
HostnameLookups Off
ErrorLog /webaps/logs/app1/error_log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
CustomLog /webaps/logs/app1/access_log combined
ServerSignature Off
Alias /icons/ "/var/www/icons/"
<Directory "/var/www/icons">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<IfModule mod_dav_fs.c>
# Location of the WebDAV lock database.
DAVLockDB /var/lib/dav/lockdb
</IfModule>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable Charset=UTF-8
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
DefaultIcon /icons/unknown.gif
ReadmeName README.html
HeaderName HEADER.html
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage da .dk
AddLanguage de .de
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo
AddLanguage es .es
AddLanguage et .et
AddLanguage fr .fr
AddLanguage he .he
AddLanguage hr .hr
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ko .ko
AddLanguage ltz .ltz
AddLanguage nl .nl
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddLanguage pt .pt
AddLanguage pt-BR .pt-br
AddLanguage ru .ru
AddLanguage sv .sv
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw
LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
ForceLanguagePriority Prefer Fallback
AddDefaultCharset UTF-8
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
AddHandler type-map var
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Alias /error/ "/var/www/error/"
<IfModule mod_negotiation.c>
<IfModule mod_include.c>
<Directory "/var/www/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en es de fr
ForceLanguagePriority Prefer Fallback
</Directory>
</IfModule>
</IfModule>
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
SSLEngine Off
ServerName my-fake-domain-name.com
</VirtualHost>
Solution 3
Adding the following, makes both curl and file_get_contents able to reach the web server:
<Directory "/var/www/public_html">
Allow from all
</Directory>
This needs to be added to both the :80 and :443 virtual host declarations.
Note: I'm not sure why this was needed as I previously had Allow from 192.168.1 and this server is within that
OTHER TIPS
What is the output of curl -I for that domain? That should show you the headers with a possible explanation. Run it like this:
curl -I my-fake-domain-name.com
And what shows up in the web server (I assume Apache?) logs on the server at my-fake-domain-name.com? These logs should be located in:
/var/log/apache2/access.log
/var/log/apache2/error.log
And you can follow their output using tail like so:
sudo tail -f -n 200 /var/log/apache2/access.log
sudo tail -f -n 200 /var/log/apache2/error.log
These paths are based on a standard Ubuntu 12.04 install, but should be the same for CentOS & whatever Linux variant you are using if you are on Linux.
Assuming it is Apache running on the server, do you have Apache name-based virtual hosts in place? It could be you are getting a success for 192.168.1.111 because that is the Apache default config returning data, but of you have an Apache name-based virtual host config in place for my-fake-domain-name.com and that Apache config is broken it could cause the 403: Forbidden error.
EDIT: And since the original poster in the comments indicates the issue could be with the PHP code itself, there could be an error within the PHP code itself that could cause the 403. Perhaps .htaccess related as well?
ANOTHER EDIT: In your comments you say you have ServerAlias set like so:
ServerAlias my-fake-domain-name.com
But you seem to be missing ServerName:
ServerName my-fake-domain-name.com
This is a pseudo-code example of how I would setup a virtual host like this:
<VirtualHost *:80>
DocumentRoot /var/www/my-fake-domain-name.com/site/
ServerName my-fake-domain-name.com
ServerAlias my-fake-domain-name.com
ErrorLog /var/log/apache2/my-fake-domain-name.com.error.log
CustomLog /var/log/apache2/my-fake-domain-name.coml.access.log combined
</VirtualHost>
We need to know what your Apache configuration looks like for that virtual host entry. You need to make sure you have both
NameVirtualHost 192.168.1.111:80
And
<VirtualHost 192.168.1.111:80>
in your configuration, and THEN you can put it as ServerName or ServerAlias, but without seeing your configuration, there's no way for me to tell you what's wrong with it. You must have ServerName. For example, you would use ServerName mydomain.com and then have ServerAlias www.mydomain.com subdomain.mydomain.com under ServerAlias...not sure why you're talking about using Alias unless you already have a domain using that IP
As from your last comment once you changed access to Allow from all that fixed your problem.
I'v seen this a few times but what you could try is adding a trailing period:
Order deny,allow
deny from all
Allow from 192.168.1.
Notice the trailing . at the end of the IP
You could also try using CIDR notation:
Order deny,allow
deny from all
Allow from 192.168.1.0/24
Or just use the full subnet:
Order deny,allow
deny from all
Allow from 192.168.1.0/255.255.255.0
