Linux Survival Basics
Read-only, can be slowFind Apache DocumentRoot and Directory Rules
You need DocumentRoot and access-control directives from enabled Apache config.
Command
grep -RInE 'DocumentRoot|<Directory|Require all|Options|AllowOverride' /etc/apache2/sites-enabled /etc/apache2/conf-enabled /etc/httpd/conf.d 2>/dev/null
Before you run this
System impact: Read-only. Can create load on large logs, directories, filesystems, or process tables.
When not to use it: Do not chmod the web tree before checking the Directory and Require rules.
Expected output
Matching config lines with file names and line numbers.
System impact
Read-only, can be slow. Nothing changes. The command reads current state and prints diagnostic evidence.
May require elevated permissions on protected paths or service-owned files.
Scope this to the smallest useful path or service on busy systems.
Recovery / rollback: no state is changed.
When to use it
Use when Apache returns 403 for a path that appears to exist.
When not to use it
Do not chmod the web tree before checking the Directory and Require rules.
Common misread
Do not chmod the web tree before checking the Directory and Require rules.
Example run
Commands shown
These are the commands shown for inspection. Treat them as an example, not proof that your system will behave identically.
grep -RInE 'DocumentRoot|<Directory|Require all|Options|AllowOverride' /etc/apache2/sites-enabled /etc/apache2/conf-enabled /etc/httpd/conf.d 2>/dev/nullgrep -RInE 'DocumentRoot|<Directory|Require all|Options|AllowOverride' /etc/apache2/sites-enabled /etc/apache2/conf-enabled /etc/httpd/conf.d 2>/dev/null
next steps
Related commands
Find Nginx root alias and access rules
One deny or alias can explain the whole 403.
grep -RInE 'root|alias|deny|allow' /etc/nginx/sites-enabled /etc/nginx/conf.d 2>/dev/null
Find Nginx SSL Certificate Directives
The wrong certificate is often in the server block.
grep -RInE 'ssl_certificate|ssl_certificate_key|server_name' /etc/nginx/sites-enabled /etc/nginx/conf.d 2>/dev/null
List Enabled Apache Sites
Apache may not be using the vhost file you edited.
find /etc/apache2/sites-enabled -maxdepth 1 -type l -printf '%f -> %l
' 2>/dev/null | sort
Find Apache Document Roots
Apache was serving files from a different directory than expected.
grep -RInE '^[[:space:]]*DocumentRoot[[:space:]]' /etc/apache2/sites-enabled 2>/dev/null
Map Apache Virtual Hosts
Apache chose a virtual host. You need to know which one.
grep -RInE '<VirtualHost|ServerName|ServerAlias' /etc/apache2/sites-enabled 2>/dev/null
next diagnostic step
Where to go from this command
- Related problem hub Use this command as part of the repair path.
Study mapping
Use this as independent command practice: read the notes, predict the output, then compare it with the example before using a real shell.
Independent study support only. No affiliation, endorsement, exam dumps, or real exam questions.