Solving the problem with error AH01630 of the Apache web server.

Symptoms

When opening a web page if the rights are set incorrectly, web server error AH01630 occurs.

There are errors like this in the access log.

[Mon Jun 02 13:04:22.143071 2025] [authz_core:error] [pid 46931] [client 127.0.0.1:52900] AH01630: client denied by server configuration: /home/user/site/
[Mon Jun 02 13:05:49.982705 2025] [authz_core:error] [pid 47024] [client 127.0.0.1:44616] AH01630: client denied by server configuration: /home/user/site/index.php

The reason lies in the Apache configuration setting.

How can I reproduce the error?

sudo nano /etc/apache2/apache2.conf

        Options FollowSymLinks
        AllowOverride None
        Require all Denied

Ctrl+O, "Enter", Ctrl-X

systemctl restart apache2.service

Now, whenever you try to open a website, you will receive error AH01630.

How to solve the problem?

1. Editing the apache2.conf file

In file /etc/apache2/apache2.conf there must beRequire all Granted

        Options FollowSymLinks
        AllowOverride All

        Require all Granted

The AllowOverride All directive is optional. If None, then .htaccess files have no effect.

2. Enabling the a2enmod vhost_alias_module module for virtual hosts

sudo a2enmod vhost_alias
sudo a2enmod mod_authz_host
sudo systemctl restart apache2

This command is needed for the next point.

3. Editing .conf files in the sites-available directory - virtual host configuration files

We restrict access rights to sites and virtual directories in files

sudo nano /etc/apache2/sites-available/file.conf

In the virtual host description section, look for the Directory section - it describes the folder where PHP documents and Apache access rights are located:

    Options Indexes MultiViews
    AllowOverride All
    Require all Denied
    Allow from 127.0.0.1

Here I restricted access to the test server only from the current computer - web server (localhost) 127.0.0.1.

To allow full access from any IP addresses, you need to remove the directive "Allow from 127.0.0.1" and allow access from everywhere Require all Granted.

Restarting the service Re-reading the Apache web server configuration files after editing the .conf files

sudo systemctl reload apache2.service

or

sudo apachectl -k graceful

4. Check for a hidden .htaccess file in the home directory of the site

.htaccess files act on every request for a web server document. The file must be located in the site's document home directory and may also contain legacy Order deny, allow directives. According to official documentation for migrating from Apache 2.2 to Apache 2.4, mixing new directives AllowOverride and the old "Order deny, allow" can lead to unpredictable consequences.

5. Web server access rights to files

Setting the correct access rights to the ./site_dir directory and all files in it.

cd ~
sudo chown -R www-data:www-data ./site_dir
sudo find site_dir/ -type d -exec chmod 755 {} \;
sudo find site_dir/ -type f -exec chmod 644 {} \;

6. Hosts file

cat /etc/hosts | less

In it, I previously added a line like
127.0.0.1 mysite

Where mysite is the site alias name for the virtual host (corresponds to the ServerName mysite directive
in the file /etc/apache2/sites-available/file.conf

Check

Checking the opening of a web page in a browser with the prefix http://mysite - the website opens without errors.

Related publications

Stop and disable TimeShift to save disk space

Troubleshooting L2TP/IPsec connection errors "Could not add IPsec connection" and "no acceptable traffic selectors found"

Hard disk partitioning for installing Linux Mint on an old PC with BIOS in GPT mode

Updating Linux Mint 21.3 Virginia to Linux Mint 22.3 Zena

Removing the Xanmod kernel from a Linux operating system