Fedora 19 ships with Apache 2.4. After the install completed it very soon become obvious that my previous Apache 2.2 setup didn't work without changes. At the time I just took a bigger hammer and kept banging it until it started. Needless to say, it didn't have all my virtual hosts and services.
Now I spent a while getting all the necessary things working. The most common issue I had was:
authz_core:error AH01630: client denied by server configuration
This pretty weird error is caused by the fact that as default all access is denied and the classic:
Order allow,deny
Allow from all
... does not actually do anything on 2.4, instead it needs to be written as:
Require all granted
The change in the configuration actually makes the setup much clearer, but the obvious problem is that it is not compatible with the previous versions. In the conf.modules.d/00-base.conf there is a directive to load the compat-module:
LoadModule access_compat_module modules/mod_access_compat.so
I put the line into comment and started running my Apache with new style setup only.
My second biggest issue was with the services I'm running with allow access from my own LAN, but require LDAP authentication when traffic was not originating from my LAN. Apache 2.2 example would be:
Order Deny,Allow
Deny from all
Allow from my.lan
Allow from 2001:1234:5678::/64
AuthType Basic
AuthName www.my.lan
AuthBasicProvider ldap
AuthLDAPURL "ldap://server:389/ou=People,dc=example,dc=com?uid?sub?(objectClass=*)"
Require valid-user
Satisfy Any
The solution is very simple, just list the requirements and 2.4 somehow magically knows what you mean:
Require host my.lan
Require ip 2001:1234:5678::/64
AuthType Basic
AuthName www.my.lan
AuthBasicProvider ldap
AuthLDAPURL "ldap://server:389/ou=People,dc=example,dc=com?uid?sub?(objectClass=*)"
Require valid-user
Otherwise my migration was pretty smooth.
