Apple’s new Mac OS X 10.5 (Leopard) changes how web sharing is set up. Thankfully, they’ve moved us all to Apache 2 codebase (a good thingâ?¢). But in doing so, they’ve disabled the ability to serve web pages contained in your home Site directory.
If you turn on Web Sharing from the System Preferences panel, it works for the main computer (http://localhost) but not for user accounts (http://localhost/~username/). Most perplexing is that Apple’s graphical interface confirms that web sharing is turned on for your personal account, but it doesn’t work. This is *very* un-Apple.
Even if you turn on web sharing from the System Preferences panel, you’ll still receive the dreaded 403 Forbidden. You don't have permission to access /~username/ on this server.
Thankfully, it’s a simple oversight on Apple’s part. Your options are two-fold. You can either set it up to activate the Sites directory in all your user accounts, or just for individual ones. I’ll cover both.
Activate Single User Account
Get your short username by opening a terminal, and typing:
whoami
Navigate to the Apache2 user configuration directory:
cd /private/etc/apache2/users
Now, we’ll open a new document with tee. Make sure to replace ‘username’ below with your short username. You will be prompted for a password when using sudo. Use your root or administrator password:
sudo tee username.conf
Then, copy and paste the following into terminal (replacing username with your short username):
#
# Allow access to this user's Sites directory for web clients.
#
<Directory "/Users/username/Sites/">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Then press Control-D to close the tee session.
Restart the Apache daemon:
sudo apachectl restart
That’s it; your user account should now have web sharing enabled.
If you want to activate web sharing for all current and future accounts, use this method instead:
Activate All User Accounts
Navigate to the Apache2 user configuration directory:
cd /private/etc/apache2/users
Now, we’ll open a new document:
sudo tee local.conf
Then, copy and paste the following into terminal:
#
# Allow access to all users' Sites directory for web clients.
#
<Directory "/Users/*/Sites/">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Then press Control-D to close the tee session.
Restart the Apache daemon:
sudo apachectl restart
Enable PHP
If you want to enable PHP5 which is built into Leopard, simply edit a single file, save it, and restart the Apache daemon:
Open terminal, and issue the following command:
cd /private/etc/apache2/
Then edit the file:
sudo pico httpd.conf
Search for php5 by pressing Control-W, and typing in php5, then pressing return.
You will find a line that reads:
#LoadModule php5_module libexec/apache2/libphp5.so
Delete the ‘#’ character, and save (Control-X) the file.
Restart the Apache daemon:
sudo apachectl restart
Pingback: freaky.be » links for 2007-11-22
I tried both methods, but with no effect. 🙁
Both methods should definitely work (works on a number of Macs running 10.5 and 10.5.1 in my shop. Make sure that the username.conf (renamed after your username…that’s critical) has the correct path in the <directory> directive. For example, my short username is cbrewer. Therefore, I’ve created a file called /private/etc/apache2/users/cbrewer.conf and the </directory> directive is <Directory “/Users/cbrewer/Sites/”>.
Pointing my browser to localhost/~cbrewer/ now works after restarting the Apache daemon.
Hi. I tried both methods as well and neither worked. The tee command seemed to behave a bit oddly. When I pasted the text (after editing the path), to produced 2 copies of the text? Is it supposed to do this? Also when I pressed Ctrl + D, the cursor simple went onto a new line – Pressing Ctrl + D for a second time returned me to the prompt – is that what I should expect? I triple checked everything I could think that I could have done wrong, but couldn’t spot anything. HELP!
Thanks.
Steven.
@Steven, That sounds like standard output from tee.
in terminal, type:
cat /private/etc/apache2/users/username.confReplace username with your account name.
Then, copy and paste the contents here so I can troubleshoot.
Hey, i have had a similar problem but i think its with the sudo command it says:
WARNING: Improper use of the sudo command could lead to data loss
or the deletion of important system files. Please double-check your
typing when using sudo. Type “man sudo” for more information.
To proceed, enter your password, or type Ctrl-C to abort.
Password:
i cant do anything, please help!!!!!
@Paul,
That’s the normal output for sudo. Sudo executes a command with administrator priveleges, so the system is just warning you that you have vast destructive powers when running a command under sudo. You need to enter your password in order to continue.
well i would, but i cant type anything, i can press enter then type and 5 sec later it says wrong password, i am using my account password, is it maybe a different password than that? thanks for the help
wow, ok i didnt realize it was the root password, ok, i followed the instructions now i cant resstart apache… i even restarted, any suggestions?
@Paul, I can’t help if you don’t post the specifics of the error message, details of how you’re starting Apache, etc. Please see comment 5 and perform that step as well. Sounds like you’ve got a mistake in your .conf file.
when I am trying to restart the apache daemon, it says “sudo: apachect1: command not found”
What do I do now?
I reset my computer (figuring that would restart the apache daemon) and now when I try to open my personal sites folder instead of ‘Forbidden…” i get a “cannot connect to server” message
@Wes, you should be copying and pasting, not typing. The command to restart Apache (apachectl) ends with a lowercase L.
The error “Can’t connect to host” is due to Apache not being started. You need to either start it in System Preferences->Sharing or via command line using
sudo apachectl start.restarted apachectl , started apachectl from the command terminal (says “or.apache.httpd: already loaded”) made positive web sharing was turned on (toggled it on and off) still get “cannot connect to server” when I try to connect to localhost.
What should I try now?
Thanks for the help btw
@Wes: If you created a configuration file for your username, you should be able to hit your site at http://localhost/~username/. If you created the local.conf file, you should be able to hit your site at http://localhost/. In either case, there must be an index.html file residing in the web directory. So, for example, if you created a username.conf file, you need an index.html file in /Users/username/Sites/.
i set up a .conf file for a single user – wes – and for all users. I made a test file – mytestfile.html – and pointed my browser to http://localhost/~wes/mytestfile.html and got the cannot connect to server localhost message. I created an index file in my Sites folder and pointed to http://localhost/~wes and same error.
what would be my next step?
Thank you so much for documenting this solution. Had me baffled and took much searching online to find this.
Well i finally got it, just reading other comments help a lot, i ended up having to go and edit 3 of the .conf files. But i forgot that this was only going to show in my network, is there a way to turn your static ip into an actual domain without paying? i dont mean to sound cheap but is it possible?
-thanks a lot
@Paul — There’s no way. However, check out dyndns.org. They offer a free service that maps your dynamic IP address to a subdomain (or your domain name of choice), allowing you to access your machine from the Internet (assuming your firewall is properly configured *and* your ISP allows it.
Dear Techno God,
I have been trying to wade through tons of techno-weeny speak to get localhost and php enabled on Leopard and then found you speaking from the burining bush (or should I say dump?!?!) How could a message so simple have been so obfuscated?
Thank you!
Stephanie Worrall
What a God-send! I was really scratching my head when I discovered that sites was no longer accessible post Leopard update… This article was exactly what I needed.
Thank you so much!
-Scott
@Chris I’ve gone through the steps listed, restarted Apache and still receive the Forbidden message. Here are the results from the cat command from the terminal:
Last login: Sat Feb 16 10:06:08 on ttys000
Tim:~ Tim$ cat /private/etc/apache2/users/username.conf
cat: /private/etc/apache2/users/username.conf: No such file or directory
Tim:~ Tim$ cat /private/etc/apache2/users/tim.conf
#
# Allow access to this user’s Sites directory for web clients.
#
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
Tim:~ Tim$
Thanks in advance,
Tim
@ Everyone, if you have followed these directions to a tee and it still does not work go to you sites directory in finder and get info on your index.html or whatever your main page is and look at your sharing and permissions setting and make sure everyone is set to read-only. Mines working great now.
Tim
Great!
Thanks for the PHP advice!
After many hours of searching for a solution to my apache issues (many…) re: Mac OS X 10.5.2 I found this. Blessed relief was just a few clicks away. Worked as advertised. Many thanks.
Not sure about the self-effacing aspects of this site other than it being some kind of massive disclaimer/caveat emptor. Not warranted I assert.
Indeed helpful,
Mickster
I’ve followed all the steps, including checking permissions on the file I want to serve from my sites directory and I am still getting access forbidden.
Here is what I have:
: /private/etc/apache2/users/mysuername.conf
: I’ve copied and pasted in the Directory options and changed the Directory to my user directory.
: checked the permissions and sharing to be sure they are read/write, read, read.
: restarted apache
: even restarted my machine and restarted apache
when I browser to http://192.168.0.3/~myusername/
I still get the access forbidden message.
I can see the site at http://192.168.0.3/
any more suggestions for me?
thanks
@Rick:
Don’t know if the typo is in your message or actually the filename, but your URL is for username ‘myusername’ and the filename in your post is ‘/private/etc/apache2/users/mysuername.conf’, which doesn’t match.
In the event that you just fat-fingered it in your post, and the file matches your short username, then I’d suggest you email me your file and I’ll take a look at it.
Fat fingered.
#
# Allow access to this user’s Sites directory for web clients.
#
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
I can’t see what it is that I’m doing/not doing.
Any help is greatly appreciated – rl lowercase is correct.
Odd, my previous post doesn’t show directory tag so I’m posting it again without the less then/greater than characters…
Directory “/Users/rl/Sites/”
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
/Directory
I figured out my problem.
I configured File sharing to only include myself and a Read Only for everyone. Then I made sure that the permissions on my home folder matched those of another user I created. No more 403 from Safari.
Yes! Thanks Rick! My problem was the same as yours — I needed to Get Info on my home folder and grant “read only” permissions for “everyone”.
Great stuff. I was wondering. Great stuff. I was wondering. can I use a ‘real’ web-site name on the local system. In a way the browser address bar shows a nice ‘http://mywebsite.com’ and not the ugly ‘http://localhost/~whoami’
The idea. I put a mirror of our site on a laptop and take that to a fair (where there is no internet connection) to show of our site and let people play with is like it was ‘live’ on internet.
Hello everyone,
I have read all the posts, and did everything said, but I am still getting the problem. It keeps telling me: “Safari cannot open page http://localhost because it cannot connect to the server”
Neither works with IP address nor IP/~userName.
I need more ideas, could someone tell me what would be the next step? It might be a configuration problem due to httpd.conf? I dunno but I am freaking out!
Thanks in advance!
Hi again!
Finally I got it to work.
Besides the problem reported here, there is another one.
There is one important folder missing.
In the location /private/var/log/ it should be a apache2 folder. Therefore we must ensure it exists.
To create it type in the Terminal window:
sudo mkdir apache2
that propmts you for the root password.
Once don it, restart apache.
Great! Together with all the comment my problem was solved. The thing that stopped me in my tracks was the stuff dr_dog ansvered in his post.
GL HF to you
Hooray! You really saved my backside. I’ve gone for a month trying to figure this out when I had time, and just today came upon your solution. I confess: the first time I tried it, I screwed up and neglected to substitute “username” (I know, very sad, but terminal freaks me out and shook me off my game). I quit terminal, restarted, and followed instructions for All Users and then PHP. Worked like magic. Thanks for taking the time to post this!
Much obliged to you for offering this solution. I thought I’d offer that you’ll need to use an admin account in order to use ‘sudo’, right?
–myrt
@myrtlewood,
sudo (short for SuperUser DO) executes a command as a superuser or another user, depending on configuration. In this instance we’re wanting to execute commands as an administrator. As such, it either requires the password of an administrator or root account.
I’m getting the 403 forbidden message when I try to view a file in a subdirectory of my Sites folder. ex:
http://localhost/~username/subfolder/homepage.html
It’s strange that I can view a listing of the files in this folder but not view an individual html file.
Any ideas?
@Carlos
In terminal navigate to the subdirectory, and issue the following command and paste the results here:
ls -alThis solution won’t be enough if you’re using FileVault.
Those of you who use FileVault will have to give permissions to your home folder. Follow these instructions for more information:
http://blog.phpguy.org/2008/04/26/apple-filevault-and-apache-http-server/
Dear Chris
I am really scratching my head over this and I am stuck. I have tried both methods and still ‘Safari can’t find the server’. I have to admit that I followed the Adobe instructions and downloaded / installed Entropy, way out of my depth I decided to try and delete it following their instructions, once I discovered that Leopard comes with Apache.
So anyway still no luck with viewing php pages or my localhost?
cat /private/etc/apache2/users/raj.conf
Options Indexes Mulitviews AllowOverride None Order allow,deny Allow from all
Any help is very welcome. Thank you
PS. I had to type in the sudo tee code. As the copy/paste was behaving strangely, as someone mentioned before. It was pasting twice and missing out the
Raj
Sorry the paste in the last message missed the .
So when I run this in terminal:
cat /private/etc/apache2/users/raj.conf
I get:
Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all-Create [username].conf (replace username with YOUR short username, sans brackets) in /private/etc/apache2/users/
cd /private/etc/apache2/users/
sudo nano [username].conf
#
# Allow access to this user’s Sites directory for web clients.
#
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
-Check that everyone has read-only permissions for /Users/[username]/Sites/index.html
cd ~/Sites/
ls -l
-Create Apache log file in /private/var/log/
cd /private/var/log/
sudo mkdir apache2
-Restart Apache web server
sudo apachectl restart
Source: http://www.gigoblog.com/2007/11/08/configure-apache-web-sharing-for-user-accounts-in-mac-os-x-105-leopard/ (mostly a compilation of user comments)
Pingback: Joakim Andersson » Blog Archive » Configure Apache Web Sharing for user accounts in Mac OS X 10.5 Leopard
I’ve read each of the comments and have done all I can (activated both Single and All user accounts as per the article) but I still get a 403 error.
I can access localhost fine as always but can’t access any of its subdirectories or ~/Sites.
/etc/hosts
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
fe80::1%lo0 localhost
/etc/apache2/users/David.conf
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
/etc/apache2/users/local.conf
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
What am I doing wrong?
Let me throw my problems onto the pyre…
I am trying to get my personal Site to be read by the Apache and did all of the stuff covered earlier. My problem started out with the 404 screen, but as I worked in doing the solutions I got to the point where Safari couldn’t find the address altogether (Safari can’t find the server…)
I tried starting back over at ground zero by using Time Machine to revert to a point last week. I even went into Time Machine and manually replaced the htttpd.conf file all to no avail. Any help would be highly appreciated.
Pingback: Leopard - 403 Forbidden. You don’t have permission to access « Majecek’s Weblog
Pingback: Ferg's gaff – Issues with configuring Personal Web Sharing on ‘upgraded’ Leopard