Caddy Erros: page can’t be found and Access to sub.domainname.com was denied

1. Output of caddy version:

v2.6.2 h1:wKoFIxpmOJLGl3QXoo6PNbYvGW4xLEgo32GPBEjWL8o=

2. How I run Caddy:

a. System environment:

Centos 7

b. Command:

Paste command here.

c. Service/unit/compose file:

Paste full file contents here.
Make sure backticks stay on their own lines,
and the post looks nice in the preview pane. -->

Hello guys!
I have a strange problem
I have installed caddy, at first everything is fine, the default page is loading properly, no problem at all.
and then when I change site path from “root * /usr/share/caddy” to “root * /var/www/html” it stops and page is not loading, I tried charging ownership of folders and files, I also tried copying the exact same index.html from /usr/share/caddy/ path, it didn’t work.

When I load website via its address it says: “page can’t be found” and when I add /index.html at the end of the website address, it says: “Access to sub.domainname.com was denied”
everything is the same, just changing site path, nothing else.

d. My complete Caddy config:

Paste your config here, replacing this text.
Use `caddy fmt` to make it readable.
DO NOT REDACT anything except credentials.
LEAVE DOMAIN NAMES INTACT.
Make sure the backticks stay on their own lines.

3. The problem I’m having:

4. Error messages and/or full log output:

“page can’t be found”
“Access to sub.domainname.com was denied”

Paste logs/commands/output here.
USE THE PREVIEW PANE TO MAKE SURE IT LOOKS NICELY FORMATTED.

5. What I already tried:

I tried charging ownership of folders and files, I also tried copying the exact same index.html from /usr/share/caddy/ path

6. Links to relevant resources:

Please completely fill out the help topic template. You haven’t shown us your entire config, nor your logs.

my config file is the same as default except my domain address of course, I already described,
there is no log at all

I couldn’t edit my question to add config file there, so I’m pasting it here:

test.domainname.com {
# Set this path to your site’s directory.
# root * /usr/share/caddy
root * /var/www/html
# Enable the static file server.
file_server

    log {
            output file /var/log/caddy/access.log
    }

    # Another common task is to set up a reverse proxy:
    # reverse_proxy localhost:8080

    # Or serve a PHP site through php-fpm:
    # php_fastcgi localhost:9000

}

systemctl status caddy -l :

2023-01-09 21:03:03.452080713 +0330 +0330 m=+1590.468893311 write error: can’t rename log file: rename /var/log/caddy/access.log /var/log/caddy/access-2023-01-09T17-33-03.452.log: permission denied

Update topic:

=========================================================================

config file content:

The Caddyfile is an easy way to configure your Caddy web server.

Unless the file starts with a global options block, the first

uncommented line is always the address of your site.

To use your own domain name (with automatic HTTPS), first make

sure your domain’s A/AAAA DNS records are properly pointed to

this machine’s public IP, then replace “:80” below with your

domain name.

{
debug
}

sub.domainname.com {
tls admin@sub.domainname.com

    # Set this path to your site's directory.
    #       root * /usr/share/caddy
    root * /var/www/html
    # Enable the static file server.
    file_server
    log {
            output file /var/log/caddy/access.log
    }
    # Another common task is to set up a reverse proxy:
    # reverse_proxy localhost:8080

    # Or serve a PHP site through php-fpm:
    # php_fastcgi localhost:9000

}

Refer to the Caddy docs for more information:

The Caddyfile — Caddy Documentation

=========================================================================

“systemctl status caddy -l” results:

Jan 09 23:41:06 sub.domainname.com caddy[1148]: {“level”:“debug”,“ts”:1673295066.0813782,“logger”:“http.log.error.log0”,“msg”:“stat /var/www/html/index.html: permission denied”,“request”:{“remote_ip”:“Remote_IP_ADDRESS”,“remote_port”:“3416”,“proto”:“HTTP/2.0”,“method”:“GET”,“host”:“sub.domainname.com”,“uri”:“/index.html”,“headers”:{“Sec-Fetch-Site”:[“none”],“Accept-Language”:[“en-US,en;q=0.9,fa;q=0.8”],“Accept”:[“text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Upgrade-Insecure-Requests”:[“1”],“Sec-Fetch-Dest”:[“document”],“Accept-Encoding”:[“gzip, deflate, br”],“Cookie”:[],“Pragma”:[“no-cache”],“Sec-Ch-Ua”:[“"Not?A_Brand";v="8", "Chromium";v="108", "Microsoft Edge";v="108"”],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.76”],“Cache-Control”:[“no-cache”],“Sec-Ch-Ua-Platform”:[“"Windows"”],“Sec-Fetch-Mode”:[“navigate”],“Sec-Fetch-User”:[“?1”],“Sec-Ch-Ua-Mobile”:[“?0”]},“tls”:{“resumed”:false,“version”:772,“cipher_suite”:4865,“proto”:“h2”,“server_name”:“sub.domainname.com”}},“duration”:0.006297215,“status”:403,“err_id”:“8c5z454pv”,“err_trace”:“fileserver.(*FileServer).ServeHTTP (staticfiles.go:253)”}

Jan 09 23:41:06 sub.domainname.com caddy[1148]: 2023-01-09 23:41:06.081456554 +0330 +0330 m=+71.616143385 write error: can’t rename log file: rename /var/log/caddy/access.log /var/log/caddy/access-2023-01-09T20-11-06.082.log: permission denied

Jan 09 23:41:09 sub.domainname.com caddy[1148]: {“level”:“debug”,“ts”:1673295069.9932365,“logger”:“http.handlers.file_server”,“msg”:“sanitized path join”,“site_root”:“/var/www/html”,“request_path”:“/”,“result”:“/var/www/html”}

Jan 09 23:41:09 sub.domainname.com caddy[1148]: {“level”:“debug”,“ts”:1673295069.9934742,“logger”:“http.handlers.file_server”,“msg”:“no index file in directory”,“path”:“/var/www/html”,“index_filenames”:[“index.html”,“index.txt”]}

Jan 09 23:41:09 sub.domainname.com caddy[1148]: {“level”:“debug”,“ts”:1673295069.9935436,“logger”:“http.log.error.log0”,“msg”:“{id=dev40jzk8} fileserver.(FileServer).notFound (staticfiles.go:579): HTTP 404",“request”:{“remote_ip”:“Remote_IP_ADDRESS”,“remote_port”:“3416”,“proto”:“HTTP/2.0”,“method”:“GET”,“host”:“sub.domainname.com”,“uri”:“/”,“headers”:{“Cookie”:[],“Sec-Ch-Ua-Mobile”:[“?0”],“Sec-Fetch-Site”:[“none”],“Sec-Fetch-Mode”:[“navigate”],“Sec-Fetch-User”:[“?1”],“Sec-Fetch-Dest”:[“document”],“Accept-Encoding”:[“gzip, deflate, br”],“Accept-Language”:[“en-US,en;q=0.9,fa;q=0.8”],“Sec-Ch-Ua”:[“"Not?A_Brand";v="8", "Chromium";v="108", "Microsoft Edge";v="108"”],“Sec-Ch-Ua-Platform”:[“"Windows"”],“Upgrade-Insecure-Requests”:[“1”],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.76”],“Accept”:["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/*;q=0.8,application/signed-exchange;v=b3;q=0.9”]},“tls”:{“resumed”:false,“version”:772,“cipher_suite”:4865,“proto”:“h2”,“server_name”:“sub.domainname.com”}},“duration”:0.00030641,“status”:404,“err_id”:“dev40jzk8”,“err_trace”:“fileserver.(*FileServer).notFound (staticfiles.go:579)”}

Jan 09 23:41:09 sub.domainname.com caddy[1148]: 2023-01-09 23:41:09.993564957 +0330 +0330 m=+75.528251759 write error: can’t rename log file: rename /var/log/caddy/access.log /var/log/caddy/access-2023-01-09T20-11-09.993.log: permission denied

Jan 09 23:41:12 sub.domainname.com caddy[1148]: {“level”:“debug”,“ts”:1673295072.6095545,“logger”:“http.handlers.file_server”,“msg”:“sanitized path join”,“site_root”:“/var/www/html”,“request_path”:“/”,“result”:“/var/www/html”}

Jan 09 23:41:12 sub.domainname.com caddy[1148]: {“level”:“debug”,“ts”:1673295072.6096947,“logger”:“http.handlers.file_server”,“msg”:“no index file in directory”,“path”:“/var/www/html”,“index_filenames”:[“index.html”,“index.txt”]}

Jan 09 23:41:12 sub.domainname.com caddy[1148]: {“level”:“debug”,“ts”:1673295072.6097376,“logger”:“http.log.error.log0”,“msg”:“{id=rexh904wg} fileserver.(FileServer).notFound (staticfiles.go:579): HTTP 404",“request”:{“remote_ip”:“Remote_IP_ADDRESS”,“remote_port”:“3416”,“proto”:“HTTP/2.0”,“method”:“GET”,“host”:“sub.domainname.com”,“uri”:“/”,“headers”:{“Accept”:["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/*;q=0.8,application/signed-exchange;v=b3;q=0.9”],“Sec-Fetch-Mode”:[“navigate”],“Pragma”:[“no-cache”],“Sec-Ch-Ua”:[“"Not?A_Brand";v="8", "Chromium";v="108", "Microsoft Edge";v="108"”],“Cookie”:[],“Cache-Control”:[“no-cache”],“Sec-Ch-Ua-Mobile”:[“?0”],“Sec-Fetch-Site”:[“none”],“Sec-Fetch-Dest”:[“document”],“Accept-Encoding”:[“gzip, deflate, br”],“Accept-Language”:[“en-US,en;q=0.9,fa;q=0.8”],“Sec-Ch-Ua-Platform”:[“"Windows"”],“Upgrade-Insecure-Requests”:[“1”],“User-Agent”:[“Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.76”],“Sec-Fetch-User”:[“?1”]},“tls”:{“resumed”:false,“version”:772,“cipher_suite”:4865,“proto”:“h2”,“server_name”:“sub.domainname.com”}},“duration”:0.000225454,“status”:404,“err_id”:“rexh904wg”,“err_trace”:“fileserver.(*FileServer).notFound (staticfiles.go:579)”}

Jan 09 23:41:12 sub.domainname.com caddy[1148]: 2023-01-09 23:41:12.609757303 +0330 +0330 m=+78.144444113 write error: can’t rename log file: rename /var/log/caddy/access.log /var/log/caddy/access-2023-01-09T20-11-12.609.log: permission denied

The default systemd service will run Caddy as the caddy user. You need to make sure /var/log/caddy and /var/www/html are readable by the caddy user.

ls -la /var/www/html
total 24
drwxr-xr-x. 3 caddy caddy 4096 Jan 8 12:39 .
drwxr-xr-x. 3 caddy caddy 4096 Jan 8 12:33 …
-rw-r–r–. 1 caddy caddy 12226 Jan 8 12:39 index.html

ls -la /var/log/caddy
total 8
drwxr-xr-x. 2 caddy caddy 4096 Jan 9 20:38 .
drwxr-xr-x. 9 root root 4096 Jan 10 03:07 …
-rw-r–r–. 1 caddy caddy 0 Jan 9 20:38 access_caddy.log
-rw-r–r–. 1 caddy caddy 0 Jan 6 06:32 access.log
-rw-r–r–. 1 caddy caddy 0 Jan 6 07:16 plantsdb.log

You’re on Centos. You might have some SELinux rules which might be preventing the caddy user from reading the files. You’ll need to look into that.

how? where?

I don’t use Centos myself. And this isn’t a problem with Caddy, really. I can’t answer that. You’ll need to do your own research to figure out what’s causing the permissions problems on your system.

My problem has been solved with this solution, I’m sharing it, maybe someday, someone could face this problem, and this could help.

2 Likes