In apache 2.4, the access rights configuration is different from that in 2.2. If the settings are incorrect, a 403 error will be reported, and AH01630: client denied by server configuration will be reported in the log.
[Sun Aug 27 19:01:37.591240 2017] [authz_core:error] [pid 16] [client 172.17.0.1:55766] AH01630: client denied by server configuration: /var/www/html/doc/
172.17.0.1 - - [27/Aug/2017:19:01:37 +0800] "GET /doc/ HTTP/1.1" 403 506 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0"
1. If there is a .htaccess file in the directory with the following contents, it cannot be accessed outside this directory.
## no access to this folder
# Apache 2.4
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
# Apache 2.2
<IfModule !mod_authz_core.c>
Order Allow,Deny
Deny from all
</IfModule>
You can modify Require all denied to Require all granted to allow external access, or modify to Require host localhost to only allow local access, or modify to Require ip xxxx to allow specified IP access.
If the doc of mantisbt can be accessed locally, you can modify the .htaccess file in the doc directory.
1) If it is a local installation, you can modify Require all denied to Require ip 127.0.0.1
2) If it is installed under docker, you can modify Require all denied to Require ip 172.17.0.1
Specifically, look at the client ip address reported in the log.
2. If you release the access rights to the specified directory, you can also explicitly set Require all granted in the directory configuration of virtualhost.
<Directory /var/www/html>
Options -Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
Options -Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
For more configuration options see
https://httpd.apache.org/docs/2.4/mod/mod_authz_core.html#require