Invision Community 4: SEO, prepare for v5 and dormant account notifications Matt November 11, 2024Nov 11
Posted September 19, 20168 yr ForbiddenYou don't have permission to access /test/ on this server.Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request Anyone? (Latest IP board)
September 20, 20168 yr Author Yes, I do but after latest update admin or front end both giving me same error message... I will try again...
September 20, 20168 yr Author I have just uploaded same thing again and no difference getting same error message Forbidden You don't have permission to access /test/admin/ on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request. Forbidden You don't have permission to access /test/admin/ on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
September 20, 20168 yr Do you have a custom .htaccess file in your test directory and are the file permissions correct?
September 20, 20168 yr Author Hi Daniel, Thank you for your help. Permission is 644 and content is this (has htaccess user) #<ipb-protection> <Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$"> Order allow,deny Deny from all </Files> #</ipb-protection> <IfModule mod_rewrite.c> Options -MultiViews RewriteEngine On RewriteBase /forum/ RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !\..+$ RewriteRule . /test/index.php [L] </IfModule> AuthName "test board" AuthUserFile "/home/media/.htpasswds/public_html/test/passwd" AuthType Basic require valid-user
September 20, 20168 yr Author Ok I know what cause this problem: When I remove this part #<ipb-protection> <Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$"> Order allow,deny Deny from all </Files> #</ipb-protection> from my .htaccess file everything works just fine... If I keep above code in my .htaccess file, my server is throwing below lines on my serverside error log [Tue Sep 20 19:43:04.318606 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.php5 [Tue Sep 20 19:43:04.315161 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.phtml [Tue Sep 20 19:43:04.315111 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.php [Tue Sep 20 19:43:04.315077 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.php3 [Tue Sep 20 19:43:04.315024 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.php4 [Tue Sep 20 19:43:04.313739 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.cgi [Tue Sep 20 19:43:04.313576 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.pl [Tue Sep 20 19:43:04.312149 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.shtml
September 21, 20168 yr You are mixing the new auth config and the old one. OLD RULE: Order allow,deny Deny from all NEW RULE: Require all denied So replace the two lines above with the new rule and try it I have many years to use Apache and maybe my recommendation will not perfect for you.... But it is easy to check and nothing will break
September 21, 20168 yr Author On 9/20/2016 at 2:05 AM, Daniel F said: Do you have a custom .htaccess file in your test directory and are the file permissions correct? @Daniel F any thoughts or should I go with @ASTRAPI solution (haven't tried it yet)?
September 21, 20168 yr Just check my solution and if doesn't work revert it It is a simple edit that easily can revert ....
September 21, 20168 yr Author 14 minutes ago, ASTRAPI said: Just check my solution and if doesn't work revert it It is a simple edit that easily can revert .... Only replaced that line with other 2 lines I got same problem Forbidden You don't have permission to access /test/admin/ on this server. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
September 21, 20168 yr My fix was for : [access_compat:error] [pid 13006] AH01797: client denied by server configuration: so it seems that it works For the Forbidden error it looks like an .htaccess issue....
September 21, 20168 yr Ok found it I just re read your posts You are using this htaccess on your /test folder: #<ipb-protection> <Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$"> Order allow,deny Deny from all </Files> #</ipb-protection> <IfModule mod_rewrite.c> Options -MultiViews RewriteEngine On RewriteBase /forum/ RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !\..+$ RewriteRule . /test/index.php [L] </IfModule> AuthName "test board" AuthUserFile "/home/media/.htpasswds/public_html/test/passwd" AuthType Basic require valid-user then is normal to not work as with this code: #<ipb-protection> <Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$"> Order allow,deny Deny from all </Files> #</ipb-protection> you are blocking php ! This code should be on the .htaccess that is on the uploads folder only ! As the users uploads goes there and you don't want them to run any php, cgi e.t.c files So you can add that code on .htaccess files only on folders that users upload data and you don't want to let them run any code from there.
Archived
This topic is now archived and is closed to further replies.