followed the slackware 10 install ..... everything fine except when trying to vie the qmailadmin page ...... apaches error log says

[Mon Feb 21 15:12:54 2005] [error] [client 127.0.0.1] client denied by server configuration: /var/www/cgi-bin/qmailadmin

configured the src before install like this
./configure --enable-htmldir=/var/www/htdocs/ --enable-cgibindir=/var/www/cgi-bin/

then a make && make install ......

but still dont get what the tutorial says .........

Are you sure that your /var/www directories all exist and have the proper permissions?

Here's my apache configure command (apache 2.0.52):

./configure \
--prefix=/etc/apache \
--enable-ssl \
--enable-rewrite \
--enable-speling \
--enable-deflate \
--enable-logio \
--with-mpm=prefork \
--enable-expires

For PHP (php-4.3.9):

./configure \
--with-apxs2=/etc/apache/bin/apxs \
--with-mysql \
--with-config-file-path=/etc/apache/conf \
--enable-track-vars \
--enable-force-cgi-redirect \
--with-gettext \
--with-zlib \
--with-gd

I also use phpMyAdmin for MySQL administration, version phpMyAdmin-2.5.6.

And here's my qmailadmin configure command (pretty close to yours):

./configure \
--enable-cgibindir=/var/www/cgi-bin \
--enable-htmldir=/var/www/html

And, here's my httpd.conf file (warning: this is just an example, and you will have to customize it if you wanna use it; see the bottom of this post):


ServerRoot "/etc/apache"

PidFile /var/run/httpd.pid

# Timeout: The number of seconds before receives and sends time out.
Timeout 300

KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15

<IfModule prefork.c>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 150
MaxRequestsPerChild 0
</IfModule>

Listen 9000
Listen 443

#
# Dynamic Shared Object (DSO) Support

LoadModule php4_module modules/libphp4.so

User nobody
Group www

ServerAdmin hostmaster@<domain>
ServerName <domain>:9000

#
# UseCanonicalName: Determines how Apache constructs self-referencing
# URLs and the SERVER_NAME and SERVER_PORT variables.
# When set "Off", Apache will use the Hostname and Port supplied
# by the client. When set "On", Apache will use the value of the
# ServerName directive.
#
UseCanonicalName Off

DocumentRoot "/var/www/html"

<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>

<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>

UserDir public_html
UserDir disabled root

<Directory /home/*/public_html>
AllowOverride FileInfo AuthConfig Limit Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch -Includes
<Limit GET POST OPTIONS>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>

<Directory /home/*/public_html/cgi-bin>
Options ExecCGI
SetHandler cgi-script
</Directory>

DirectoryIndex index.html index.php index.htm default.html index.html.gz index.htm.gz default.html.gz

AccessFileName .htaccess

<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

TypesConfig conf/mime.types

DefaultType application/octet-stream

<IfModule mod_mime_magic.c>
MIMEMagicFile conf/magic
</IfModule>

HostnameLookups Off

EnableMMAP on

EnableSendfile on

# Logs ==========================================

LogLevel warn

ErrorLog "|/usr/local/bin/setuidgid httplog /usr/local/bin/multilog t /var/log/apache/error"

#LogFormat "%v %p %h %u \"%r\" %>s %b" common
LogFormat "%v %p %h %u \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" common
CustomLog "|/usr/local/bin/setuidgid httplog /usr/local/bin/multilog t /var/log/apache/access" common

LogFormat "%{Referer}i -> %U" referer
CustomLog "|/usr/local/bin/setuidgid httplog /usr/local/bin/multilog t /var/log/apache/referer" referer

LogFormat "%{User-agent}i" agent
CustomLog "|/usr/local/bin/setuidgid httplog /usr/local/bin/multilog t /var/log/apache/agent" agent

# End of logs ===================================

ServerTokens Prod

ServerSignature Off

# Aliases: Add here as many aliases as you need (with no limit).

Alias /icons/ "/var/www/icons/"

<Directory "/var/www/icons/">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

<IfModule mod_cgid.c>
#
# Additional to mod_cgid.c settings, mod_cgid has Scriptsock <path>
# for setting UNIX socket for communicating with cgid.
#
#Scriptsock logs/cgisock
</IfModule>

<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>

#
# Redirect allows you to tell clients about documents which used to exist in
# your server's namespace, but do not anymore. This allows you to tell the
# clients where to look for the relocated document.
# Example:
# Redirect permanent /foo http://www.example.com/bar

#
# Directives controlling the display of server-generated directory listings.
#

#
# IndexOptions: Controls the appearance of server-generated directory
# listings.
#
IndexOptions FancyIndexing VersionSort FoldersFirst DescriptionWidth=* NameWidth=* XHTML

#
# AddIcon* directives tell the server which icon to show for different
# files or filename extensions. These are only displayed for
# FancyIndexed directories.
#
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*

AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core

AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^

#
# DefaultIcon is which icon to show for files which do not have an icon
# explicitly set.
#
DefaultIcon /icons/unknown.gif

#
# AddDescription allows you to place a short description after a file in
# server-generated indexes. These are only displayed for FancyIndexed
# directories.
# Format: AddDescription "description" filename
#
AddDescription "BZIP2 compressed document" .bz2
AddDescription "GZIP compressed document" .gz
AddDescription "GZIP compressed tar archive" .tar.gz
AddDescription "BZIP2 compressed tar archive" .tar.bz2
AddDescription "tar archive" .tar
AddDescription "GZIP compressed tar archive" .tgz
AddDescription "Adobe Portable Document" .pdf
AddDescription "Adobe Portable Document" .PDF

#
# ReadmeName is the name of the README file the server will look for by
# default, and append to directory listings.
#
# HeaderName is the name of a file which should be prepended to
# directory indexes.
ReadmeName README.html
HeaderName HEADER.html

#
# IndexIgnore is a set of filenames which directory indexing should ignore
# and not include in the listing. Shell-style wildcarding is permitted.
#
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

DefaultLanguage en

AddDefaultCharset ISO-8859-1

#
# Commonly used filename extensions to character sets. You probably
# want to avoid clashes with the language extensions, unless you
# are good at carefully testing your setup after each change.
# See http://www.iana.org/assignments/character-sets for the
# official list of charset names and their respective RFCs.
#
AddCharset ISO-8859-1 .iso8859-1 .latin1
AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
AddCharset ISO-8859-3 .iso8859-3 .latin3
AddCharset ISO-8859-4 .iso8859-4 .latin4
AddCharset ISO-8859-5 .iso8859-5 .latin5 .cyr .iso-ru
AddCharset ISO-8859-6 .iso8859-6 .latin6 .arb
AddCharset ISO-8859-7 .iso8859-7 .latin7 .grk
AddCharset ISO-8859-8 .iso8859-8 .latin8 .heb
AddCharset ISO-8859-9 .iso8859-9 .latin9 .trk
AddCharset UTF-8 .utf8

#
# AddType allows you to add to or override the MIME configuration
# file mime.types for specific file types.
#
#AddType application/x-tar .tgz
#
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
# Despite the name similarity, the following Add* directives have nothing
# to do with the FancyIndexing customization directives above.
#

AddEncoding x-compress .Z
AddEncoding x-gzip .gz .tgz

#
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
#

#AddType application/x-compress .Z
#AddType application/x-gzip .gz .tgz
AddType application/x-httpd-php-source phps # PHP syntax coloring
AddType application/x-httpd-php php php3 php4 phtml # PHP files

#
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
#
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#

AddHandler cgi-script .cgi .py .pl .rbl

#
# For type maps (negotiated resources):
# (This is enabled by default to allow the Apache "It Worked" page
# to be distributed in multiple languages.)
#
AddHandler type-map var

#
# Filters allow you to process content before it is sent to the client.
#
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml

#
# Action lets you define media types that will execute a script whenever
# a matching file is called. This eliminates the need for repeated URL
# pathnames for oft-used CGI file processors.
# Format: Action media/type /cgi-script/location
# Format: Action handler-name /cgi-script/location
#

#
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#

#
# Putting this all together, we can internationalize error responses.
#
# We use Alias to redirect any /error/HTTP_<error>.html.var response to
# our collection of by-error message multi-language collections. We use
# includes to substitute the appropriate text.
#
# You can modify the messages' appearance without changing any of the
# default HTTP_<error>.html.var files by adding the line:
#
# Alias /error/include/ "/your/include/path/"
#
# which allows you to create your own set of files by starting with the
# /etc/apache/error/include/ files and copying them to /your/include/path/,
# even on a per-VirtualHost basis. The default include files will display
# your Apache version number and your ServerAdmin email address regardless
# of the setting of ServerSignature.
#
# The internationalized error documents require mod_alias, mod_include
# and mod_negotiation. To activate them, uncomment the following 30 lines.

# Alias /error/ "/etc/apache/error/"
#
# <Directory "/etc/apache/error">
# AllowOverride None
# Options IncludesNoExec
# AddOutputFilter Includes html
# AddHandler type-map var
# Order allow,deny
# Allow from all
# LanguagePriority en cs de es fr it nl sv pt-br ro
# ForceLanguagePriority Prefer Fallback
# </Directory>
#
# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
# ErrorDocument 410 /error/HTTP_GONE.html.var
# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var

#
# The following directives modify normal HTTP response behavior to
# handle known problems with browser implementations.
#
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0

#
# The following directive disables redirects on non-GET requests for
# a directory that does not include the trailing slash. This fixes a
# problem with Microsoft WebFolders which does not appropriately handle
# redirects for folders with DAV methods.
# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
#
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
BrowserMatch "^gnome-vfs" redirect-carefully

#
# Allow server status reports generated by mod_status,
# with the URL of http://servername/server-status
# Change the ".example.com" to match your domain to enable.
#

#<Location /status>
# SetHandler server-status
# Order deny,allow
# Deny from all
# Allow from all
#</Location>

#
# Allow remote server configuration reports, with the URL of
# http://servername/server-info (requires that mod_info.c be loaded).
# Change the ".example.com" to match your domain to enable.
#

#<Location /info>
# SetHandler server-info
# Order deny,allow
# Deny from all
# Allow from all
#</Location>

#
# Bring in additional module-specific configurations
#
<IfModule mod_ssl.c>
Include conf/ssl.conf
</IfModule>

# Compression, baby. Save that bandwidth!
<Location />
# Insert filter
SetOutputFilter DEFLATE

# Netscape 4.x has some problems...
BrowserMatch ^Mozilla/4 gzip-only-text/html

# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip

# MSIE masquerades as Netscape, but it is fine
# BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

# NOTE: Due to a bug in mod_setenvif up to Apache 2.0.48
# the above regex won't work. You can use the following
# workaround to get the desired effect:
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html

# Don't compress images
SetEnvIfNoCase Request_URI \
\.(?:gif|jpe?g|png)$ no-gzip dont-vary

# Make sure proxies don't deliver the wrong content
#Header append Vary User-Agent env=!dont-vary
</Location>

<Directory "/var/www/cgi-bin/vqadmin">
deny from all
Options ExecCGI
AllowOverride AuthConfig
Order deny,allow
</Directory>

<Directory "/var/www/html/qmailstats">
deny from all
AllowOverride AuthConfig
Order deny,allow

<Files "*-day.png">
ExpiresActive On
# five minutes
ExpiresDefault M300
</Files>

<Files "*-week.png">
ExpiresActive On
ExpiresDefault M1800
</Files>

<Files "*-month.png">
ExpiresActive On
ExpiresDefault M7200
</Files>

<Files "*-year.png">
ExpiresActive On
ExpiresDefault M86400
</Files>

<Files "*.html">
ExpiresActive On
ExpiresDefault M300
</Files>

# index.html is not automatically generated
<Files "index.html">
ExpiresActive Off
</Files>
</Directory>

<Directory "/var/www/html/webmail">
Order deny,allow
Allow from all
</Directory>

<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

# Secure with mod_rewrite
RewriteEngine on
RewriteRule ^/bad-url$ /index.html

SSLSessionCache dbm:/etc/apache/conf/ssl_cache
SSLMutex file:/etc/apache/conf/ssl_mutex

<VirtualHost _default_:443>
ServerName <domain>
SSLEngine on
SSLCipherSuite HIGH:MEDIUM
SSLCertificateFile /etc/ssl/certs/<domain>.cert
SSLCertificateKeyFile /etc/ssl/private/<domain>.key
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
SSLProtocol all
RewriteEngine on
RewriteRule ^/bad-url$ /index.html
</VirtualHost>


This setup uses multilog to send the apache logs to /var/log/apache. Also, you'd have to take out the ssl stuff, or set up your own keys and certs. Look for the documentation for that. Plus, my server automatically compresses (using gzip) the html files it sends, as a good portion of the current webclients can decompress them as they get them (at least Firefox and Mozilla can, Opera and IE seem ok, too).

Don't just cut and paste my httpd.conf file, you MUST read about what the options do and whether or not they are what you want. This is just what I've decided upon and I am not entirely certain if this is what I will continue to use, or if it is even secure.

Replace any instance of <domain> with your domain name.

You also might want to set up a user called httplog, and a group called httplog, if you use the same logging setup I do. I wanted a separate, totally non-privileged user for my http logging. Make sure to chown /var/log/apache/* to that user/group.

That being said, I will NOT provide support to anyone who wants to use this httpd.conf file. It is provided without warranty, of any kind. If you break something using it, that is your problem. You should've read the httpd documentation. Do not ask me for help with this config. Visit httpd.apache.org or try googling if you need assistance.

Again, if you don't know what these configs do, don't use them.

Basically, the jist of that huge post is: did you make sure that your apache setup allows cgi? If I remember right, apache does not allow cgi execution by default.

apache is working enough to allow me to see and use .... http://localhost/cgi-bin/vqadmin/vqadmin.cgi

but get nothing@
http://localhost/cgi-bin/qmailadmin/

and permissions look ok.....

Did you do a make && make install or a make && make install-strip? If you didn't do the strip, do that instead and see if it works. Otherwise, the problem is likely with your apache configs.

Place the .htaccess file in the /var/www/cgi-bin