I’m using the dompdf plugin for codeigniter: http://codeigniter.com/wiki/PDF_generation_using_dompdf/
to generate pdfs from a form. This works on localhost, but on the live server I get this in the error log:
Directory index forbidden by Options directive: /var/www/vhosts/domain.co.uk/httpdocs/mm/userdata/account1/invoices/
Any idea what this means? I’ve searched for answers, and found a few that suggest editing the httpd.conf, however I don’t have access to this.
I’ve also tried adding a blank index.html file to the root and document directory (as also suggested elsewhere, but to no avail).
Any help greatly appreciated.
Either the main
httpd.conf or the
.htaccess file in this directory or a nearby parent directory probably includes:
Your host may have to set it to
+Indexes if you don’t have access in
.htaccess and want to list & browse the directory contents, absent a default
index.html, index.php, etc. If the directory should not have a default file and you don’t enable
Indexes, you may only directly target the filenames of contents within it.
Indexes option is commonly disabled by default on many Apache installations.
Full details are available in the Apache core documentation on
It means there’s no default document in that directory (index.html, index.php, etc…). On most webservers, that would mean it would show a listing of the directory’s contents. But showing that directory is forbidden by server configuration (
Another issue that you might run into if you’re running RHEL (I ran into it) is that there is a default welcome page configured with the httpd package that will override your settings, even if you put Options Indexes. The file is in /etc/httpd/conf.d/welcome.conf. See the following link for more info:
Indexes visible in a web browser for directories that do not contain an index.html or index.php file.
I had a lot of trouble with the configuration on Scientific Linux’s httpd web server to stop showing these indexes.
The Configuration that did not work
httpd.conf virtual host directory directives:
<Directory /home/mydomain.com/htdocs> Options FollowSymLinks AllowOverride all Require all granted </Directory>
and the addition of the following line to .htaccess:
Directory indexes were still showing up. .htaccess settings weren’t working!
How could that be, other settings in .htaccess were working, so why not this one? What’s going? It should be working! %#$&^$%@# !!
Change httpd.conf’s Options line to:
and restart the webserver.
From Apache’s core mod page: ( https://httpd.apache.org/docs/2.4/mod/core.html#options )
Mixing Options with a + or – with those without is not valid syntax
and will be rejected during server startup by the syntax check with an
Voilà directory indexes were no longer showing up for directories that did not contain an index.html or index.php file.
Now What! A New Wrinkle
New entries started to show up in the ‘error_log’ when such a directory access was attempted:
[Fri Aug 19 02:57:39.922872 2016] [autoindex:error] [pid 12479] [client aaa.bbb.ccc.ddd:xxxxx] AH01276: Cannot serve directory /home/mydomain.com/htdocs/dir-without-index-file/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive
This entry is from the Apache module ‘autoindex’ with a LogLevel of ‘error’ as indicated by [autoindex:error] of the error message—the format is [module_name:loglevel].
To stop these new entries from being logged, the LogLevel needs to be changed to a higher level (e.g. ‘crit’) to log fewer—only more serious error messages.
Apache 2.4 LogLevels
See Apache 2.4’s core directives for LogLevel.
emerg, alert, crit, error, warn, notice, info, debug, trace1, trace2, trace3, tracr4, trace5, trace6, trace7, trace8
Each level deeper into the list logs all the messages of any previous level(s).
Apache 2.4’s default level is ‘warn’. Therefore, all messages classified as emerg, alert, crit, error, and warn are written to error_log.
Additional Fix to Stop New error_log Entries
Added the following line inside the <Directory>..</Directory> section of httpd.conf:
The Solution 1
My virtual host’s httpd.conf <Directory>..</Directory> configuration:
<Directory /home/mydomain.com/htdocs> Options +FollowSymLinks AllowOverride all Require all granted LogLevel crit </Directory>
and adding to /home/mydomain.com/htdocs/.htaccess, the root directory of your website’s .htaccess file:
If you don’t mind the ‘error’ level messages, omit
Scientific Linux – Solution 2 – Disables mod_autoindex
No more autoindex’ing of directories inside your web space. No changes to .htaccess. But, need access to the httpd configuration files in /etc/httpd
Edit /etc/httpd/conf.modules.d/00-base.conf and comment the line:
LoadModule autoindex_module modules/mod_autoindex.so
by adding a # in front of it then save the file.
In the directory /etc/httpd/conf.d rename (mv)
sudo mv autoindex.conf autoindex.conf.<something_else>
sudo httpd -k restart
sudo apachectl restart
The autoindex_mod is now disabled.
Linux distros with ap2dismod/ap2enmod Commands
Disable autoindex module enter the command
sudo a2dismod autoindex
to enable autoindex module enter
sudo a2enmod autoindex
Insert this lines:
<Directory "C:/Program Files (x86)/Apache Software Foundation/Apache2.2/htdocs"> Options +Indexes </Directory>
C:\Program Files (x86)\Apache Software Foundation\Apache2.2\conf\extra\httpd-vhosts.conf file. I assume you are using Virtual Host for development.
And then, of course, just restart Apache.