I have read through posts about similar issues but they all seem to be slightly different, and hence this post.
I have a domain with a website (eg. example.com) that works just fine. I am now in the process of creating a subdomain (eg. sub.example.com) with a Flask app (the main domain is not a Flask app) which is also connected to an SQLite database (in the same folder).
After setting the A record for the subdomain, when accessing the subdomain address I get the following error message in my browser: "Forbidden. You don't have permission to access this resource."
What am I doing wrong?
Apache's error log says:
[Mon Jan 06 15:48:21.300079 2020] [authz_core:error] [pid 12194] [client xxx.xxx.xxx.xxx:xxxxx] AH01630: client denied by server configuration: /home/user/show/application.wsgi
The folder permissions for the root folder that holds the main Flask file (application.py) are drwxr-xr-x (ie. 755) and owner and group is my username. All files within that folder, and within the static and templates folders are rwxr-xr-x (ie. 755). Since the Apache error log mentions application.wsgi specifically, I double-checked the permissions on it and they are also 755.
This is application.wsgi:
#!/usr/bin/python
import sys
import logging
logging.basicConfig(stream=sys.stderr)
sys.path.insert(0,"/home/user/show/")
from show import app as application
application.secret_key = '*******'
(As a footnote, do I perhaps need to set the secret key in environment variables - is that the issue? If so, how do I do that in this case?)
This is the .conf for the subdomain:
<VirtualHost *:80>
ServerName sub.example.com
ServerAdmin admin@example.com
WSGIScriptAlias / /home/user/show/application.wsgi
<Directory /home/user/show/>
Order allow,deny
Allow from all
</Directory>
Alias /static /home/user/show/static
<Directory /home/user/show/static/>
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
