Apache Web Server Troubleshooting Lab

Overview

This lab teaches systematic troubleshooting of an Apache HTTP Server with permission and SELinux issues. Through a realistic scenario featuring Manager Scott (an IT manager who’s a bit out of touch with modern practices), students learn to methodically diagnose and fix web server problems.

Learning Objectives

• Apply a structured troubleshooting methodology

• Diagnose Apache HTTP Server permission issues

• Understand and fix SELinux context problems

• Use system logs and error messages as evidence

• Implement security best practices without shortcuts

Lab Scenario

The ACME Corporation website is down, returning 403 Forbidden errors. The issues are:

• File permissions set too restrictively (700/600 instead of 755/644)

• SELinux context incorrect (user_home_t instead of httpd_sys_content_t)

Students will learn to gather evidence, test hypotheses, and implement proper fixes rather than using insecure shortcuts like chmod 777 or disabling SELinux.

Module Structure

Module 1: The Urgent Call

Introduction to the scenario with Manager Scott requesting help with the down website.

Module 2: Gathering Evidence

Students check Apache status, logs, file permissions, and SELinux contexts to collect facts.

Module 3: Identifying the Problems

Students test hypotheses about permissions vs SELinux, confirming both are contributing factors.

Module 4: Implementing the Fix

Students apply proper fixes (755/644 permissions and restorecon) and verify the website works.

Technical Details

• Platform: RHEL 10

• Services: Apache HTTP Server (httpd)

• Document Root: /var/www/acme-corp

• Key Concepts: File permissions, SELinux contexts, methodical troubleshooting

Local Testing

Use the included utilities for local testing:

cd utilities
./lab-build   # Build the documentation
./lab-serve   # Serve locally at http://localhost:8080
./lab-stop    # Stop the local server
./lab-clean   # Clean build artifacts