Jump to content

I am getting Forbidden warning when i try to enter the board


media

Recommended Posts

I have just uploaded same thing again and no difference getting same error message

Forbidden

You don't have permission to access /test/admin/ on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

Forbidden

You don't have permission to access /test/admin/ on this server.


Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

 

Link to comment
Share on other sites

Hi Daniel,

Thank you for your help. Permission is 644 and content is this (has htaccess user)

#<ipb-protection>
<Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$">
    Order allow,deny
    Deny from all
</Files>
#</ipb-protection>
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteBase /forum/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !\..+$
RewriteRule . /test/index.php [L]
</IfModule>
AuthName "test board"
AuthUserFile "/home/media/.htpasswds/public_html/test/passwd"
AuthType Basic
require valid-user

 

Link to comment
Share on other sites

Ok I know what cause this problem:

When I remove this part

#<ipb-protection>
<Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$">
    Order allow,deny
    Deny from all
</Files>
#</ipb-protection>

from my .htaccess file everything works just fine...

If I keep above code in my .htaccess file, my server is throwing below lines on my serverside error log

[Tue Sep 20 19:43:04.318606 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.php5
[Tue Sep 20 19:43:04.315161 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.phtml
[Tue Sep 20 19:43:04.315111 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.php
[Tue Sep 20 19:43:04.315077 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.php3
[Tue Sep 20 19:43:04.315024 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.php4
[Tue Sep 20 19:43:04.313739 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.cgi
[Tue Sep 20 19:43:04.313576 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.pl
[Tue Sep 20 19:43:04.312149 2016] [access_compat:error] [pid 13006] AH01797: client denied by server configuration: /home/media/public_html/test/index.shtml

 

Link to comment
Share on other sites

You are mixing the new auth config and the old one.

OLD RULE:

    Order allow,deny
    Deny from all

 

NEW RULE:

Require all denied 

 

So replace the two lines above with the new rule and try it ^_^

I have many years to use Apache and maybe my recommendation will not perfect for you....

But it is easy to check and nothing will break ^_^

Link to comment
Share on other sites

14 minutes ago, ASTRAPI said:

Just check my solution and if doesn't work revert it ^_^

It is a simple edit that easily can revert ....

Only replaced that line with other 2 lines

I got same problem

Forbidden

You don't have permission to access /test/admin/ on this server.


Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

 

Link to comment
Share on other sites

Ok found it ^_^

I just re read your posts ^_^

You are using this htaccess on your /test folder:

#<ipb-protection>
<Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$">
    Order allow,deny
    Deny from all
</Files>
#</ipb-protection>
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteBase /forum/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !\..+$
RewriteRule . /test/index.php [L]
</IfModule>
AuthName "test board"
AuthUserFile "/home/media/.htpasswds/public_html/test/passwd"
AuthType Basic
require valid-user

then is normal to not work as with this code:

 

#<ipb-protection>
<Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml|([a-z0-9]{32}))$">
    Order allow,deny
    Deny from all
</Files>
#</ipb-protection>

you are blocking php !

This code should be on the .htaccess that is on the uploads folder only !

As the users uploads goes there and you don't want them to run any php, cgi e.t.c files ^_^

So you can add that code on .htaccess files only on folders that users upload data and you don't want to let them run any code from there.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...