500 error and log entry: "Could not open config file /etc/apache2/suexec/www-data"

I’m trying to setup my first wordpress site, but am just getting a 500 message in the browser.

I get this error in /var/log/apache2/suexec.log.

[2015-06-11 07:45:18]: User www-data not allowed: Could not open config file /etc/apache2/suexec/www-data

It is accurate that the file doesn’t exist. If I create a blank file at that location, it reports the following.

[2015-06-11 07:48:43]: Could not read docroot from /etc/apache2/suexec/www-data

I’m a bit confused as I thought suexec should be executing the site as the user of the site, not the apache user.

Any idea what I have setup wrong?



What distro/version are you using?

And what’s the output of this command:

dpkg -l 'apache2*'

Thank you

$ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 14.04.2 LTS Release: 14.04 Codename: trusty $ dpkg -l 'apache2*' Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-=================================-=====================-=====================-======================================================================== ii apache2 2.4.7-1ubuntu4.4 amd64 Apache HTTP Server un apache2-api-20120211 (no description available) ii apache2-bin 2.4.7-1ubuntu4.4 amd64 Apache HTTP Server (binary files and modules) ii apache2-data 2.4.7-1ubuntu4.4 all Apache HTTP Server (common files) ii apache2-doc 2.4.7-1ubuntu4.4 all Apache HTTP Server (on-site documentation) un apache2-mpm-event (no description available) un apache2-mpm-itk (no description available) un apache2-mpm-prefork (no description available) un apache2-mpm-worker (no description available) un apache2-suexec (no description available) ii apache2-suexec-custom 2.4.7-1ubuntu4.4 amd64 Apache HTTP Server configurable suexec program for mod_suexec un apache2-suexec-pristine (no description available) un apache2-utils (no description available) un apache2.2-bin (no description available) un apache2.2-common (no description available)

Just found this and thought I’d toss it in for good measure.

$ sudo /usr/lib/apache2/suexec -V -D SUEXEC_CONFIG_DIR=/etc/apache2/suexec/ -D AP_GID_MIN=100 -D AP_LOG_EXEC="/var/log/apache2/suexec.log" -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin" -D AP_UID_MIN=100

I see some examples around the internet with -D AP_USERDIR_SUFFIX=“public_html” so I’m looking into what that is about to see if it is related since I don’t have it.

I had to create a file /etc/apache2/suexec/www-data with the following content. In the past this has been created for me. Curious…


The first two lines contain the suexec document root and the suexec userdir

suffix. If one of them is disabled by prepending a # character, suexec will

refuse the corresponding type of request.

This config file is only used by the apache2-suexec-custom package. See the

suexec man page included in the package for more details.


That file is created when installing the “apache2-suexec-custom” package (which your output above shows is installed).

After installation, Virtualmin then updates it to point to the proper location (/home, rather than /var/www).

That’s very curious that it’s missing! I’m not sure why that would occur.

After you created the file above, are things working properly for you now?


Yep, everything is working properly. It actually happened on two servers I was setting up at the same time. I’ll review my procedure next time to see if I goofed and accidentally have something that includes that in a delete or something. In the end it gave me an excuse to understand suexec better.