Jump to content

I am getting Forbidden warning when i try to enter the board

media

By media
in Classic self-hosted technical help

Recommended Posts

media Mentor

media

Posted
Posted

  

ForbiddenYou don't have permission to access /test/ on this server.Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request

Anyone? (Latest IP board)

media Mentor

media

Posted
  • Author
Posted

I have just uploaded same thing again and no difference getting same error message

Forbidden

You don't have permission to access /test/admin/ on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request. 

Forbidden

You don't have permission to access /test/admin/ on this server.


Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

 

media Mentor

media

Posted
  • Author
Posted

Hi Daniel,

Thank you for your help. Permission is 644 and content is this (has htaccess user) 

#<ipb-protection>
<Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$">
    Order allow,deny
    Deny from all
</Files>
#</ipb-protection>
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteBase /forum/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !\..+$
RewriteRule . /test/index.php [L]
</IfModule>
AuthName "test board"
AuthUserFile "/home/media/.htpasswds/public_html/test/passwd"
AuthType Basic
require valid-user

 

media Mentor

media

Posted
  • Author
Posted

Ok I know what cause this problem:

When I remove this part 

#<ipb-protection>
<Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$">
    Order allow,deny
    Deny from all
</Files>
#</ipb-protection>

from my .htaccess file everything works just fine...

If I keep above code in my .htaccess file, my server is throwing below lines on my serverside error log 

[Tue Sep 20 19:43:04.318606 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.php5
[Tue Sep 20 19:43:04.315161 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.phtml
[Tue Sep 20 19:43:04.315111 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.php
[Tue Sep 20 19:43:04.315077 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.php3
[Tue Sep 20 19:43:04.315024 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.php4
[Tue Sep 20 19:43:04.313739 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.cgi
[Tue Sep 20 19:43:04.313576 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.pl
[Tue Sep 20 19:43:04.312149 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.shtml

 

ASTRAPI Proficient

ASTRAPI

Posted
Posted

You are mixing the new auth config and the old one.

OLD RULE: 

    Order allow,deny
    Deny from all

 

NEW RULE: 

Require all denied

 

So replace the two lines above with the new rule and try it ^_^

I have many years to use Apache and maybe my recommendation will not perfect for you....

But it is easy to check and nothing will break ^_^

media Mentor

media

Posted
  • Author
Posted
On ‎9‎/‎20‎/‎2016 at 2:05 AM, Daniel F said:

Do you have a custom .htaccess file in your test directory and are the file permissions correct? 

@Daniel F any thoughts or should I go with @ASTRAPI solution (haven't tried it yet)?

media Mentor

media

Posted
  • Author
Posted
14 minutes ago, ASTRAPI said:

Just check my solution and if doesn't work revert it ^_^

It is a simple edit that easily can revert ....

Only replaced that line with other 2 lines

I got same problem 

Forbidden

You don't have permission to access /test/admin/ on this server.


Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

 

ASTRAPI Proficient

ASTRAPI

Posted
Posted

My fix was for : 

[access_compat:error] [pid 13006] AH01797: client denied by server configuration:

so it seems that it works ^_^

For the Forbidden error it looks like an .htaccess issue....

ASTRAPI Proficient

ASTRAPI

Posted
Posted

Ok found it ^_^

I just re read your posts ^_^

You are using this htaccess on your /test folder: 

#<ipb-protection>
<Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$">
    Order allow,deny
    Deny from all
</Files>
#</ipb-protection>
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteBase /forum/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !\..+$
RewriteRule . /test/index.php [L]
</IfModule>
AuthName "test board"
AuthUserFile "/home/media/.htpasswds/public_html/test/passwd"
AuthType Basic
require valid-user

then is normal to not work as with this code:

  

#<ipb-protection>
<Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$">
    Order allow,deny
    Deny from all
</Files>
#</ipb-protection>

you are blocking php !

This code should be on the .htaccess that is on the uploads folder only !

As the users uploads goes there and you don't want them to run any php, cgi e.t.c files ^_^

So you can add that code on .htaccess files only on folders that users upload data and you don't want to let them run any code from there.

 

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...