我正在运行在 Ubuntu 20.04 LTS 上运行的 Apache 2 Web 服务器。我为/var/www/html目录启用了 Python CGI 处理程序，即DocumentRoot. 我想知道如何从运行 CGI for Python 文件中排除某个目录。
在我的 CGI 配置中：

<Directory "/var/www/html">
    Options +ExecCGI
    AddHandler cgi-script .py
        <IfModule mod_rewrite.c>
                RewriteEngine On
                RewriteCond %{REQUEST_FILENAME} !-d
                RewriteCond %{REQUEST_FILENAME}\.py -f
                RewriteRule ^(.*)$ $1.py
        </IfModule>
</Directory>

<Directory "/var/www/html/static/cdn">
        DirectoryIndex disabled
        Options +Indexes -ExecCGI
        AllowOverride None
        Require all granted
</Directory>

在/static/cdn目录中，我希望.py文件像任何其他静态文件一样被提供，而不是作为 CGI 执行。这是cdn目录树：

.
├── checkForUpdates.exe
├── checkForUpdates.py
└── findLogErrors
    ├── botCriteria.json
    ├── cleanup.json
    ├── findLogErrors.exe
    └── version.json

1 directory, 6 files

我可以根据需要在 Web 浏览器中查看目录的索引。我可以从这个目录查看或下载任何文件，除了checkForUpdates.py. 服务器没有尝试将其作为 CGI 执行，它给出了 403。权限checkForUpdates.py与其他文件相同：

nbroyles@webserver:/var/www/html/static/cdn$ ls -altr
total 15548
-rwxrwxr-x 1 www-data web 15901526 Nov 17 11:37 checkForUpdates.exe
drwxrwxr-x 7 www-data web     4096 Nov 19 11:13 ..
drwxrwxr-x 2 www-data web     4096 Dec 23 09:41 findLogErrors
drwxrwxr-x 3 www-data web     4096 Dec 23 09:49 .
-rwxrwxr-x 1 www-data web     2072 Dec 23 09:49 checkForUpdates.py

我怎样才能像查看任何.py文件一样查看文件？我确定我的配置中缺少一些简单的东西。任何帮助是极大的赞赏！.json.exe

我已经在我的网络服务器上设置了 gitweb。我在服务器上创建了项目。我可以向它们添加提交，也可以远程克隆它们。

当我访问我的 git.website 时，会显示 gitweb“主页”，并且会加载 css、logo、favicon 等静态文件。

问题是我只看到消息：未 找到此类项目。每次刷新网页时，我都会在 /var/log/httpd/error_log 中看到以下内容

[Wed Aug 04 00:39:32.321352 2021] [cgid:error] [pid 44346:tid 140132795492096] [client MY_HOME_IP:37700] fatal: mmap failed: Permission denied: /var/www/git/gitweb.cgi, referer: https://git.mydomain.abc/

我已经确认 httpd 以 apache 用户身份运行，并且 /var/www 的所有权也设置为 apache。我相信权限也已正确设置：

[root@git ~]# ps auxw | grep httpd
root       44780  0.2  1.6 281804 13828 ?        Ss   00:48   0:00 /usr/sbin/httpd -DFOREGROUND
apache     44782  0.0  1.0 295684  8876 ?        S    00:48   0:00 /usr/sbin/httpd -DFOREGROUND
apache     44783  0.0  1.7 1484604 14712 ?       Sl   00:48   0:00 /usr/sbin/httpd -DFOREGROUND
apache     44784  0.0  2.2 1353476 18956 ?       Sl   00:48   0:00 /usr/sbin/httpd -DFOREGROUND
apache     44785  0.0  2.0 1353476 16760 ?       Sl   00:48   0:00 /usr/sbin/httpd -DFOREGROUND
apache     45019  0.0  1.7 1353476 14708 ?       Sl   00:48   0:00 /usr/sbin/httpd -DFOREGROUND
root       45141  0.0  0.1 221928  1140 pts/0    S+   00:48   0:00 grep --color=auto httpd
[root@git ~]# ls -ld /var/ /var/www/ /var/www/git/ ; ls -lZ /var/www/git/gitweb.cgi 
drwxr-xr-x. 21 root   root   4096 Aug  2 18:16 /var/
drwxr-xr-x.  5 apache apache   44 Aug  2 18:23 /var/www/
drwxr-xr-x.  8 apache apache  179 Aug  4 00:18 /var/www/git/
-rwxr-xr-x. 1 apache apache system_u:object_r:git_script_exec_t:s0 253816 Jul 20  2020 /var/www/git/gitweb.cgi
[root@git ~]# 

/etc/gitweb.conf

$projectroot = '/var/www/git/';
$git_temp = "/tmp";
$stylesheet = "static/gitweb.css";
$logo = "static/git-logo.png";
$favicon = "static/git-favicon.png";

/etc/httpd/conf.d/gitweb-le-ssl.conf

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName git.mydomain.abc 
    DocumentRoot /var/www/git
    <Directory /var/www/git>
        SetEnv  GITWEB_CONFIG  /etc/gitweb.conf
        Options +ExecCGI +FollowSymLinks +SymLinksIfOwnerMatch
        AllowOverride All
        order allow,deny
        Allow from all
        AddHandler cgi-script .cgi
        DirectoryIndex gitweb.cgi
    </Directory>
    <Files gitweb.cgi>
        SetHandler cgi-script
    </Files>
SSLCertificateFile /etc/letsencrypt/live/git.mydomain.abc/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/git.mydomain.abc/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

如果有人看到我做错了什么，我将非常感谢一些指导.. 谢谢！

EDIT1： 这里是 audit.log

type=SYSCALL msg=audit(1628072069.412:134): arch=c000003e syscall=9 success=no exit=-13 a0=0 a1=b9 a2=1 a3=2 items=0 ppid=2911 pid=2917 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=48 sgid=48 fsgid=48 tty=(none) ses=4294967295 comm="git" exe="/usr/bin/git" subj=system_u:system_r:git_script_t:s0 key=(null)ARCH=x86_64 SYSCALL=mmap AUID="unset" UID="apache" GID="apache" EUID="apache" SUID="apache" FSUID="apache" EGID="apache" SGID="apache" FSGID="apache"
type=PROCTITLE msg=audit(1628072069.412:134): proctitle=2F7573722F62696E2F676974002D2D6769742D6469723D2F7661722F7777772F6769742F2F796F75747562652D646C2D62617463682E67697400666F722D656163682D726566002D2D666F726D61743D2528636F6D6D697474657229002D2D736F72743D2D636F6D6D697474657264617465002D2D636F756E743D3100726566
type=AVC msg=audit(1628072069.433:135): avc:  denied  { map } for  pid=2919 comm="git" path="/var/www/git/myrepo01.git/objects/1c/1c5ca1a07da5187a696cd1661d6b2a734ad98c" dev="vda1" ino=36639 scontext=system_u:system_r:git_script_t:s0 tcontext=unconfined_u:object_r:git_content_t:s0 tclass=file permissive=0

EDIT2 问题归结为我不是专家的 SELinux。将模式更改为Permissive我现在可以看到我的所有存储库..但是我必须弄清楚如何使它与Enforced模式一起工作..

我已经在 FreeBSD 12 中成功安装了 perl5 和 apache24。然后我启用了 apache24/etc/rc.conf并看到 index.html 放置在 path 中/usr/local/www/apache24/data。然后在文件中/usr/local/etc/apache24/httpd.conf我取消了该行的注释

AddHandler cgi-script .cgi

在里面<IfModule mime_module>并且也在.pl行尾添加。

然后我在同一个文件中添加了这一行

Options FollowSymLinks +ExecCGI

行后

Options Indexes FollowSymLink

并重新启动 Apache，但收到错误

要么所有选项都必须以 + 或 - 开头，要么没有选项可以

所以我在FollowSymLink没有任何错误的情况下添加了这一行并重新启动了 Apache。但是，如果我点击链接，mydomain.com/test.pl我仍然会看到我的 PERL 代码显示为纯文本而不是执行。

我的 PERL 代码是

#!/usr/local/bin/perl
print "Content-type: text/html\n\n";
print "Hello world!";

如果我通过命令在命令行中运行代码，perl /usr/local/www/apache24/data/test.pl我会收到两行Content-type: text/html，即Hello world!. 该文件的权限为 755。

我还能做些什么来解决问题？

我们在我们的一个网站上收到随机的内部服务器错误。

这些内部服务器错误有时可能只出现在某些用户身上，但其他用户没有收到它（同时），反之亦然。

多次页面刷新后，所述内部服务器错误消失。

我已经确认这不是脚本问题。我已经使用test.php仅echo测试字符串的 a 对其进行了测试。一旦引发内部服务器错误，即使上述错误也会在test.php几分钟内引发相同的错误，并在几次页面刷新后重新开始工作。

error logs不包含与所述错误相关的任何内容。我已经通过故意访问会引发致命错误和警告的 php 脚本确认错误日志正在工作。抛出的错误和警告都被正确记录。

我还咨询了我们的托管服务，ipower他们已经确认.htaccess我们的托管服务php.ini都是正确的。他们甚至说它PHP已正确安装在我们的服务器上，并且应该开始正常工作。截至目前，我们对此有一个公开的票证，他们仍在 尝试调查。

如果我可以补充一下，我们正在使用opencart 3.0.3.7并且我们网站的确切克隆在我们的一个测试域和所述托管公司的其他服务器上运行良好。

出现上述错误是否还有其他可能的原因？答案似乎是固执己见，但如有必要，请毫不犹豫地投反对票，如果可能，请发表评论，评论您对这个难以确定的奇怪之处的想法

我有一个 apache 2.4.46-3 服务器，它从 /srv/http 提供服务。我有一个包含 2 个文件的文件夹 /srv/http/bin：

.htacces（模式 644）：

AddHandler cgi-script .exe
Options +ExecCGI

main.exe（模式 755）：从 main.cpp 编译：

#include <iostream>
using namespace std;

int main () {
   cout << "Content-type:text/html\r\n\r\n";
   cout << "<html>\n";
   cout << "<head>\n";
   cout << "<title>Hello World - First CGI Program</title>\n";
   cout << "</head>\n";
   cout << "<body>\n";
   cout << "<h2>Hello World! This is my first CGI program</h2>\n";
   cout << "</body>\n";
   cout << "</html>\n";
   
   return 0;
}

但是当我访问页面 localhost/bin/main.exe 时，它​​会提供下载 exe 而不是显示 html。我忘记启用某些东西了吗？

编辑：

cgi-bin 目录有问题， 这并没有解决我的问题！

exe替换with的所有实例cgi也没有解决我的问题！

添加

<Directory "/srv/http/bin">
    Options +ExecCGI
    AddHandler cgi-script cgi pl exe
    AllowOverride All
    Require all granted
</Directory>

到 httpd.conf 也没有解决问题！没有/var/log/httpd/error_log与 cgis 或 exes 或 /srv/http/bin 文件夹相关的错误，那么这里可能发生了什么？

当我尝试打开 webmin 登录页面“ https://192.168.1.13:10000 ”时，它显示如下纯 Perl 脚本，有什么问题？我正在运行 Ubuntu 18.04 和最新版本的 webmin。

#!/usr/bin/perl

#
# 正宗主题（https://github.com/authentic-theme/authentic-theme）
# 版权所有伊利亚·罗斯托夫采夫
# 在 MIT 下获得许可 (https://github.com/authentic-theme/authentic-theme/blob/master/LICENSE)
#
使用严格；

使用 File::Basename；

我们的 (%in, %gconfig, %tconfig, %text, $config_directory, $current_theme, %theme_text);

do(dirname(__FILE__) . "/authentic-lib.pl");

我的 %miniserv;
get_miniserv_config(\%miniserv);

我的 $charset = &get_charset();

# 检查添加错误处理程序
error_40x_handler();

我们的 %theme_config = (settings($config_directory . "/$current_theme/settings-admin", 'settings_'),
                     settings($config_directory . "/$current_theme/settings-root", 'settings_'));

# 显示登录前文本横幅
if ($gconfig{'loginbanner'} &&
    get_env('http_cookie') !~ /banner=1/ &&
    !$in{'注销'} &&
    !$in{'失败'} &&
    !$in{'timed_out'})
{

    print "Auth-type: auth-required=1\r\n";
    print "Set-Cookie: banner=1; path=/\r\n";
    &PrintHeader($charset);
    打印'', "\n";
    打印'', "\n";
    embed_login_head();
    打印 '' 。"\n";
    embed_overlay_prebody();
    打印
' 

'
      . "\n";
    我的 $url = $in{'page'};
    打开（横幅，$gconfig{'loginbanner'}）；

    尽管 （） {
        s/LOGINURL/$url/g;
        打印;
    }

    关闭（横幅）；
    &footer();
    返回;
}

我的 $sec = lc(get_env('https')) eq 'on' ？“; 安全的” ： ””;
我的 $sidname = $miniserv{'sidname'} || “西德”；
print "Auth-type: auth-required=1\r\n";
print "Set-Cookie: banner=0; path=/$sec\r\n" if ($gconfig{'loginbanner'});
print "Set-Cookie: $sidname=x; path=/$sec\r\n" if ($in{'logout'});
print "Set-Cookie: redirect=1; path=/\r\n";
print "Set-Cookie: testing=1; path=/$sec\r\n";
&PrintHeader($charset);
打印'', "\n";
打印'', "\n";
embed_login_head();
打印 '' 。"\n";
embed_overlay_prebody();
打印 '' 。"\n";

如果（定义（$in{'失败'}））{
    if ($in{'twofactor_msg'}) {
        打印 ”
“,,”
\n";
        打印 '' 。"\n";
        打印' '。$theme_text{'login_warning'} 。
          '
 ' 。&theme_text('session_twofailed', &html_escape($in{'twofactor_msg'})) 。"\n";
        打印 '' 。"\n";
    } 别的 {
        打印 '' 。"\n";
        打印' '。
          $theme_text{'login_warning'} 。'
 ' 。"\n";
        打印 '' 。$theme_text{'theme_xhred_session_failed'} 。"\n";
        打印 '' 。"\n";
    }
} elsif ($in{'logout'}) {
    打印 '' 。"\n";
    打印' '。$theme_text{'login_success'} 。'
 ' 。"\n";
    打印 '' 。$theme_text{'session_logout'} 。"\n";
    打印 '' 。"\n";
} elsif ($in{'timed_out'}) {
    打印 '' 。"\n";
    打印' '。
      $theme_text{'login_warning'} 。'
 ' 。"\n";
    打印 '' 。&theme_text('session_timed_out', int($in{'timed_out'} / 60)) 。"\n";
    打印 '' 。"\n";
}
打印 "$text{'session_prefix'}\n";
打印 '' 。"\n";

打印 '
     '
  . (&get_product_name() eq 'webmin' ? $theme_text{'theme_xhred_titles_wm'} ：
       $theme_text{'theme_xhred_titles_um'}
  ) .
  '' 。"\n";

# 工艺标志
嵌入徽标（）；

# 登录信息
我的 $host;
if ($gconfig{'realname'}) {
    $host = &get_display_hostname();
} 别的 {
    $host = get_env('server_name');
    $host =~ s/:\d+//g;
    $host = &html_escape($host);
}
打印 '' 。&theme_text('login_message') 。' ' 。$主机。'
' . "\n";
打印 '' 。"\n";
打印 '' 。"\n";
打印
'' 。"\n";
打印 '' 。"\n";
打印 '' 。"\n";
打印 '' 。"\n";
打印
  '' 。"\n";
打印 '' 。"\n";

if ($miniserv{'twofactor_provider'}) {
    打印 '' 。"\n";
    打印 '' 。"\n";
    打印
'' 。"\n";
    打印 '' 。"\n";
}
if (!$gconfig{'noremember'}) {
    打印 '
             '
      . $theme_text{'login_save'} 。'
         ' . "\n";
}
打印 '';
打印 '  ' 。
  &theme_text('login_signin') 。'' 。"\n";

if ($text{'session_postfix'} =~ "href") {
    我的 $link = get_link($text{'session_postfix'}, '丑陋');

    打印'[0]。'", "' . $链接->[1] 。
'", "toolbar=no,menubar=no,scrollbars=no,resizable=yes,width=700,height=500");return false;\' class="btn btn-warning"> '
      . &theme_text('login_reset')
      . '' 。"\n";
}

打印 '';
打印 '' 。"\n";

&footer();

我正在尝试在 html 目录中执行一个简单的 hello world cgi 脚本，但它失败了。

错误日志：

[Tue May 17 14:56:15.744954 2016] [cgi:error] [pid 29997] [client 192.168.1.1:16151] End of script output before headers: hello.cgi
[Tue May 17 15:00:12.474229 2016] [cgi:error] [pid 29998] [client 192.168.1.1:16597] AH01215: (2)No such file or directory: exec of '/var/www/html/hello.cgi' failed
[Tue May 17 15:00:12.475135 2016] [cgi:error] [pid 29998] [client 192.168.1.1:16597] End of script output before headers: hello.cgi
[Tue May 17 15:00:13.176640 2016] [cgi:error] [pid 29999] [client 192.168.1.1:16600] AH01215: (2)No such file or directory: exec of '/var/www/html/hello.cgi' failed
[Tue May 17 15:00:13.177591 2016] [cgi:error] [pid 29999] [client 192.168.1.1:16600] End of script output before headers: hello.cgi
[Tue May 17 15:00:13.640420 2016] [cgi:error] [pid 30000] [client 192.168.1.1:16603] AH01215: (2)No such file or directory: exec of '/var/www/html/hello.cgi' failed
[Tue May 17 15:00:13.641393 2016] [cgi:error] [pid 30000] [client 192.168.1.1:16603] End of script output before headers: hello.cgi

httpd 配置：

# Further relax access to the default document root:
<Directory "/var/www/html">
    #
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    #
    # The Options directive is both complicated and important.  Please see
    # http://httpd.apache.org/docs/2.4/mod/core.html#options
    # for more information.
    #
    Options -Indexes +FollowSymLinks +ExecCGI
    AddHandler cgi-script .cgi .pl

    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #
    AllowOverride None

    #
    # Controls who can get stuff from this server.
    #
    Require all granted
</Directory>

你好.cgi 文件：

#!/usr/bin/perl
print "Content-type: text/html\n\n"; # This is mandatory.
print "<h2>Hello world!</h2>";

我正在尝试在运行 OS X Lion 的 Macbook 上使用 Apache 运行一个简单的 CGI perl 脚本（见下文），但我很难让它运行即使是最简单的脚本。我已经在设置中打开了网络共享，我确信我已经安装了 perl，但我无法让它正常运行。我认为这与我的httpd.conf文件或我放置脚本文件的位置有关。我已经在下面发布了我的 httpd.conf 文件（抱歉，它太长了，或者如果它违反堆栈溢出规则发布这么长的东西。）

两个问题。首先，我的 httpd.conf 文件看起来是否正确（我遵循了一些在线教程，但它们不完整，因此可能会稍微弄乱）。其次，如果文件是正确的，我应该把我的脚本放在哪里才能使它们正常运行？为了对此进行测试，我一直在将浏览器指向http://localhost/first.cgi，目前我收到 403 forbidden 错误；但是，过去我遇到过 404 not found 错误。帮助将不胜感激

我尝试运行的程序另存为first.cgi

#!/usr/bin/perl -wT
print "Content-type: text/html\n\n";
print "<h2>Hello, World!</h2>\n";

httpd.conf 文件位于 /opt/local/apache2/conf/httpd.conf

#
# This is the main Apache HTTP server configuration file.  It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.
# In particular, see 
# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
# for a discussion of each configuration directive.
#
# Do NOT simply read the instructions in here without understanding
# what they do.  They're here only as hints or reminders.  If you are unsure
# consult the online docs. You have been warned.  
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path.  If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "logs/foo_log"
# with ServerRoot set to "/opt/local/apache2" will be interpreted by the
# server as "/opt/local/apache2/logs/foo_log".

#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# Do not add a slash at the end of the directory path.  If you point
# ServerRoot at a non-local disk, be sure to point the LockFile directive
# at a local disk.  If you wish to share the same ServerRoot for multiple
# httpd daemons, you will need to change at least LockFile and PidFile.
#
ServerRoot "/opt/local/apache2"

#
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to 
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
Listen 80

#
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
#
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbd_module modules/mod_authn_dbd.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule cache_module modules/mod_cache.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule dbd_module modules/mod_dbd.so
LoadModule dumpio_module modules/mod_dumpio.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
LoadModule substitute_module modules/mod_substitute.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule log_forensic_module modules/mod_log_forensic.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule ident_module modules/mod_ident.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule asis_module modules/mod_asis.so
LoadModule info_module modules/mod_info.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule imagemap_module modules/mod_imagemap.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule php5_module modules/libphp5.so
AddHandler application/x-httpd-php .php

<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.  
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
User www
Group www

</IfModule>
</IfModule>

# 'Main' server configuration
#
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition.  These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
#
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
#

#
# ServerAdmin: Your address, where problems with the server should be
# e-mailed.  This address appears on some server-generated pages, such
# as error documents.  e.g. [email protected]
#
ServerAdmin [email protected]

#
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
#
#ServerName www.example.com:80

#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
DocumentRoot "/opt/local/apache2/htdocs"

#
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories). 
#
# First, we configure the "default" to be a very restrictive set of 
# features.  
#
<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>

#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#

#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/Library/WebServer/Documents">
    #
    # Possible values for the Options directive are "None", "All",
    # or any combination of:
    #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
    #
    # Note that "MultiViews" must be named *explicitly* --- "Options All"
    # doesn't give it to you.
    #
    # The Options directive is both complicated and important.  Please see
    # http://httpd.apache.org/docs/2.2/mod/core.html#options
    # for more information.
    #
    Options Indexes FollowSymLinks

    #
    # AllowOverride controls what directives may be placed in .htaccess files.
    # It can be "All", "None", or any combination of the keywords:
    #   Options FileInfo AuthConfig Limit
    #
    AllowOverride None

    #
    # Controls who can get stuff from this server.
    #
    Order allow,deny
    Allow from all

</Directory>

#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
<IfModule dir_module>
    DirectoryIndex index.html
</IfModule>

#
# The following lines prevent .htaccess, .htpasswd and .DS_Store files and
# Mac resource forks and named forks from being viewed by Web clients.
#
<Files ~ "^\.([Hh][Tt]|[Dd][Ss]_[Ss])">
    Order allow,deny
    Deny from all
    Satisfy All
</Files>
<Files "rsrc">
    Order allow,deny
    Deny from all
    Satisfy All
</Files>
<DirectoryMatch ".*\.\.namedfork">
    Order allow,deny
    Deny from all
    Satisfy All
</DirectoryMatch>

#
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here.  If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog "logs/error_log"

#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn

<IfModule log_config_module>
    #
    # The following directives define some format nicknames for use with
    # a CustomLog directive (see below).
    #
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    <IfModule logio_module>
      # You need to enable mod_logio.c to use %I and %O
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>

    #
    # The location and format of the access logfile (Common Logfile Format).
    # If you do not define any access logfiles within a <VirtualHost>
    # container, they will be logged here.  Contrariwise, if you *do*
    # define per-<VirtualHost> access logfiles, transactions will be
    # logged therein and *not* in this file.
    #
    CustomLog "logs/access_log" common

    #
    # If you prefer a logfile with access, agent, and referer information
    # (Combined Logfile Format) you can use the following directive.
    #
    #CustomLog "logs/access_log" combined
</IfModule>

<IfModule alias_module>
    #
    # Redirect: Allows you to tell clients about documents that used to 
    # exist in your server's namespace, but do not anymore. The client 
    # will make a new request for the document at its new location.
    # Example:
    # Redirect permanent /foo http://www.example.com/bar

    #
    # Alias: Maps web paths into filesystem paths and is used to
    # access content that does not live under the DocumentRoot.
    # Example:
    # Alias /webpath /full/filesystem/path
    #
    # If you include a trailing / on /webpath then the server will
    # require it to be present in the URL.  You will also likely
    # need to provide a <Directory> section to allow access to
    # the filesystem path.

    #
    # ScriptAlias: This controls which directories contain server scripts. 
    # ScriptAliases are essentially the same as Aliases, except that
    # documents in the target directory are treated as applications and
    # run by the server when requested rather than as documents sent to the
    # client.  The same rules about trailing "/" apply to ScriptAlias
    # directives as to Alias.
    #
    ScriptAlias /cgi-bin/ "/opt/local/apache2/cgi-bin/"

</IfModule>

<IfModule cgid_module>
    #
    # ScriptSock: On threaded servers, designate the path to the UNIX
    # socket used to communicate with the CGI daemon of mod_cgid.
    #
    #Scriptsock logs/cgisock
</IfModule>

#
# "/opt/local/apache2/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
#
<Directory "/opt/local/apache2/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>

#
# DefaultType: the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value.  If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain

<IfModule mime_module>
    #
    # TypesConfig points to the file containing the list of mappings from
    # filename extension to MIME-type.
    #
    TypesConfig conf/mime.types

    #
    # AddType allows you to add to or override the MIME configuration
    # file specified in TypesConfig for specific file types.
    #
    #AddType application/x-gzip .tgz
    #
    # AddEncoding allows you to have certain browsers uncompress
    # information on the fly. Note: Not all browsers support this.
    #
    #AddEncoding x-compress .Z
    #AddEncoding x-gzip .gz .tgz
    #
    # If the AddEncoding directives above are commented-out, then you
    # probably should define those extensions to indicate media types:
    #
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz

    #
    # AddHandler allows you to map certain file extensions to "handlers":
    # actions unrelated to filetype. These can be either built into the server
    # or added with the Action directive (see below)
    #
    # To use CGI scripts outside of ScriptAliased directories:
    # (You will also need to add "ExecCGI" to the "Options" directive.)
    #
    #AddHandler cgi-script .cgi

    # For type maps (negotiated resources):
    #AddHandler type-map var

    #
    # Filters allow you to process content before it is sent to the client.
    #
    # To parse .shtml files for server-side includes (SSI):
    # (You will also need to add "Includes" to the "Options" directive.)
    #
    #AddType text/html .shtml
    #AddOutputFilter INCLUDES .shtml
</IfModule>

#
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type.  The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#
#MIMEMagicFile conf/magic

#
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#

#
# MaxRanges: Maximum number of Ranges in a request before
# returning the entire resource, or one of the special
# values 'default', 'none' or 'unlimited'.
# Default setting is to accept 200 Ranges.
#MaxRanges unlimited

#
# EnableMMAP and EnableSendfile: On systems that support it, 
# memory-mapping or the sendfile syscall is used to deliver
# files.  This usually improves server performance, but must
# be turned off when serving from networked-mounted 
# filesystems or if support for these functions is otherwise
# broken on your system.
#
#EnableMMAP off
#EnableSendfile off

# Supplemental configuration
#
# The configuration files in the conf/extra/ directory can be 
# included to add extra features or to modify the default configuration of 
# the server, or you may simply copy their contents here and change as 
# necessary.

# Server-pool management (MPM specific)
#Include conf/extra/httpd-mpm.conf

# Multi-language error messages
#Include conf/extra/httpd-multilang-errordoc.conf

# Fancy directory listings
#Include conf/extra/httpd-autoindex.conf

# Language settings
#Include conf/extra/httpd-languages.conf

# User home directories
#Include conf/extra/httpd-userdir.conf

# Real-time info on requests and configuration
#Include conf/extra/httpd-info.conf

# Virtual hosts
#Include conf/extra/httpd-vhosts.conf

# Local access to the Apache HTTP Server Manual
#Include conf/extra/httpd-manual.conf

# Distributed authoring and versioning (WebDAV)
#Include conf/extra/httpd-dav.conf

# Various default settings
#Include conf/extra/httpd-default.conf

# Secure (SSL/TLS) connections
#Include conf/extra/httpd-ssl.conf
#
# Note: The following must must be present to support
#       starting without SSL on platforms with no /dev/random equivalent
#       but a statically compiled-in mod_ssl.
#
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

我是一名 Web 开发人员，我已要求我们的系统管理员为我的团队设置一台服务器，用作开发环境。

PHP 作为 CGI 运行。当我尝试打开http://myaddress/时，我收到403 Forbidden。当我尝试打开http://myaddress/index.php 时一切正常。

如何设置服务器默认查找index.php文件？

PS 系统管理员目前不在这里，所以他不能为我做这件事。

这是服务器块中配置的一部分：

我无法执行任何 php 脚本，我test.php在 /var/html 下放置了一个名为的文件，但是当我指向时http://localhost/test.php，我得到了一个结果：

File not found.,

这不是 nginx 生成的，因为它与 nginx 的 404 页面不同。

location / {
    root   /var/html;
    index  index.html index.htm;
}

    location ~ \.php$ {
        fastcgi_pass   unix:/var/run/php-fpm/php-fpm.sock;
        fastcgi_index  index.php; 
        fastcgi_intercept_errors on;
        fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
        fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
        include        fastcgi.conf;
    }

我错过了什么吗？