Forum

I recently installed Hiawatha 9.1 on my Raspberry Pi model B running the latest (early 2013) version of Raspbian.

Hiawatha was compiled from source, following the instructions at http://www.hiawatha-webserver.org/forum/topic/1214

The error I get is a 403 error EVERY time I want to access any page. I haven't messed around with CGI yet, and I've already run `sudo chown -R root:pi /var/www/` and `sudo chmod -R a+rx /var/www/`, but I still get the 403 error EVERY time I try to connect. Checking the logfiles just reveals 403 errors, as well.

I've reinstalled, rebooted, and already completed all the basic troubleshooting. I've already settled in, and don't want to reinstall the whole OS. What do I need to do to get my server fixed?

Will provide any configuration details needed.

Hiawatha version: 9.1
Operating System: Raspbian 3.6.11+

What user id do you use to run Hiawatha? Try switching to that user and test if you can read the files via the command line.

The server is running as root (that's how the maker designed it,) but I have full read-write access with any user, so long as it's not via the HTTP interface.
All the files are owned by root:pi, but the user peter (who has no ownership of the file at all) can access them just fine via cat or whatever.

UPDATE: just chmod'ed the ENTIRE /var/www directory (files AND folders) to 775, now everything works fine! `chmod -R 775 /var/www/`
(I can also run `chmod o-x` on the files themselves without breaking anything..)

I thought I'd triple-checked the permissions, but evidently not.. sorry..

P.S., is there any way to create an account or password-protect a username?

Are you sure Hiawatha is running as root? After starting Hiawatha via the root account, it should change user id to the one set via ServerId in hiawatha.conf or to user nobody when it's not set.

What do yo mean with 'create an account'?

Hi James,
I installed on my PI a few minutes ago and had no problems. I used "sudo su" before, but it should be the same result.

Maybe you did not change your VirtualHosts? That is the only thing you need to do after installation
Something like this:

VirtualHost {
Hostname = yourdomain.org
WebsiteRoot = /var/www/yourdomain.org
StartFile = index.html
AccessLogfile = /var/log/hiawatha/yourdomain_access.log
ErrorLogfile = /var/log/hiawatha/yourdomain_error.log
}

Permissions:
/var/www/yourdomain.org is root:root and 755 on my Test-Raspi

The default Binding is only for IP-spiders, for security. So you need VirtualHost

I tested Raspi 3.6.11 with Hiawatha 9.1


"Account" means .htpassword replacement ?


PasswordFile = ((Basic|Digest):<passwordfile>)|none[,<groupfile>]
When this option is set, HTTP authentication is enabled. Use the full path to the password file when that password file should also be used for sub-directories. Entries for the password file can be created via the wigwam(1) tool. The realm fo Digest HTTP authentication must be equal to the text set via LoginMessage.
The <groupfile> contains the groupnames followed by the names of the users that are a member of that group. The format of the lines in the groupfile is:
<groupname>:<username>[ <username> ...]
Example: PasswordFile = basic:/var/www/.passwords,/var/www/.groups

( http://www.hiawatha-webserver.org/manpages )