Apache Directory indexing does not work in a subdirectory

Question

I have a simple file server (apache 2.4 on centos 7) with following structure: /index.html - a page to make sure there is no directory listing here /upload - php scripts for upload /storage - base dir for files /storage/upload - files uploaded by php /storage/public - files that are not password protected

I can't make directory listing work. For example in /storage/public I see the /index.html page. There is no index.html in /storage/public. If I delete this page I see default apache "testing 123" page in / page and directory listing works in /storage/public (and all other places that have +Indexes). Why /index.html is showing in /storage/public/

<IfModule mod_ssl.c>
<VirtualHost *:443>
  DocumentRoot "/home/webroot/www"
  ServerName subdomain.example.com

  ErrorLog "/home/rootdir/log/subdomain.error.log"
  CustomLog "/home/rootdir/log/subdomain.access.log" common

  SuexecUserGroup user apache

#Set caching on image files for 11 months
<filesMatch "\.(ico|gif|jpg|png|js|css)$">
  #ExpiresActive On
  #ExpiresDefault "access plus 11 month"
  Header append Cache-Control "public"
</filesMatch>

  <Directory "/home/webroot/www" >
    AllowOverride None
    Options -ExecCGI -Indexes +Includes +SymLinksIfOwnerMatch +MultiViews

    Require all granted
  </Directory>
  <Directory "/home/webroot/www/storage/upload" >
    AllowOverride None
    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /home/rootdir/.htpasswd
    Require valid-user
    <FilesMatch "\.php$">
      SetHandler "proxy:unix:/usr/local/php73/var/run/php-fpm.sock|fcgi://localhost/"
    </FilesMatch>

  </Directory>
  <Directory "/home/webroot/www/storage/" >
    AllowOverride None
    Options +Indexes +SymLinksIfOwnerMatch +MultiViews

    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /home/rootdir/.htpasswd
    Require valid-user
    #Require all granted
    RemoveType .php

    Order allow,deny
    Allow from all
  </Directory>

  <Directory "/home/webroot/www/storage/public" >
    Options +Indexes +SymLinksIfOwnerMatch +MultiViews
    AuthType None
    Require all granted
    Satisfy Any
  </Directory>

  <Directory "/home/webroot/www/.well-known" >
    AuthType None
    Require all granted
    Satisfy Any
    Allow from all
  </Directory>

  <Directory "/home/webroot/www/storage/upload" >
    AuthType Basic
    AuthName "Restricted Content"
    AuthUserFile /home/rootdir/.htpasswd
    Require valid-user
  </Directory>

  <IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css text/javascript application/x-javascript application/javascript
  </IfModule>


Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/subdomain.example.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/subdomain.example.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/subdomain.example.com/chain.pem

</VirtualHost>
</IfModule>

Update:

# apachectl -M|grep autoindex
 autoindex_module (shared)

Another vhost have the following problem: there is index.html in root folder for the vhost I use

Options -ExecCGI -Indexes

So I have a subdirectory /test and I put another index.html, but when I open /test/ in my browser I see the /index.html instead of /test/index.html

No php in this vhost at all.

Answer 1

The problem was that I had changed the global setting from:

DirectoryIndex index.php index.html

to:

DirectoryIndex /index.php index.php /index.html index.html

in an effort to fix another problem - I use php fpm server with ProxyPassMatch directive like this:

ProxyPassMatch ^/(.*.php(/.*)?)$ unix:/path/to/php-fpm.sock|fcgi://localhost/home/userdir/www/$1

As I read on apache.org. The problem with that when using ProxyPassMatch and index.php is missing apache does not load index.html (another similar problem)

Restoring global directive to:

DirectoryIndex index.php index.html

fixed the problem, but I still have the problem when having ProxyPassMatch in the vhost apache does not fall back to index.html when index.php is missing.

Now I have to award the bounty to someone. If I can't split it between the two answers I'll award it to little_dog because I think he's a bit closer to my issue.

Answer 2

The listed problem gives the impression that there is issues with permissions in the folders involved.

There are several kinds of permissions to be checked:

• process user/group of httpd:

  • use ps axo pid,user,group,comm

• file system permissions:

  • users, groups, read-, write-, execute-flags (use ls -l and or ls -lR, ls -ld)

• SELinux permissions:

  • in case it is active, which is likely on CentOS (use sestatus to verify status and mode)
  • File Permission contexts (use ls -lZ and or ls -lRZ ls -ldZ)
  • httpd SELinux context (use ps -axZ | grep httpd)
  • SELinux booleans (use getsebool -a | grep httpd)
  • check audit logs while trying to generate a directory listing (use tail -f /var/log/audit/audit.log)

Answer 3

check if you have enalbed autoindex module, by: apachectl -M should be:

Loaded Modules:
...
autoindex_module (shared)
...

if its not, you need to to enabled it, in Centos refer to: https://unix.stackexchange.com/questions/258854/disable-and-enable-modules-in-apache-centos7

update #1

for directory listing works, you can't have index.html in your directory, check: https://cwiki.apache.org/confluence/display/httpd/DirectoryListings

If no file from the DirectoryIndex directive can be located in the directory, then mod_autoindex can generate a listing of the directory contents.