Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 326
  • Last Modified:

realaudio .rm file permissions problem?

I've got a really wierd problem with my hosting, for some reason I keep getting a 403 error whenever I try and download a .rm file

You don't have permission to access /realmedia/123ughmix.rm on this server."

however I did chmod 777 on all the .rm files and the folder they are in and that didn't work

if I put anything apart from .rm files in the folder I can access it

its really odd

I checked the cpanel and the mime types are there and correct

also I'm on a virtual host

click for example: http://www.undergroundhouse.net/realmedia/123ughmix.rm

anyone got any ideas?
1 Solution
Did you check the permissions on the directory? You should have read/execute for the web server user on it.
deepnfunkyAuthor Commented:
yep the directory is chmod 777
deepnfunkyAuthor Commented:
I've fixed this now, close the question please moderator

Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Mind posting how you fixed it?

To get this closed, you'll need to post in Community Support.
deepnfunkyAuthor Commented:
my hosting guys fixed it

"Working over this problem I found that our server administrator has enabled  mod_security loaded in apache for security reasons. Under the configuration files of this mod the remove command "rm" has been disallowed on the server and since your multimedia files were of .rm extension hence server stopped allowing that as well.

I have although disabled it for the time being and if you try to download the files now you'll notice that they download absolutely fine now. I'm escalating this ticket to our Sr. Server Admin who'll check and decide if this rule can stay as disabled or not.

For now the problem you were facing does not exist any more."
Makes sense, as that way an attacker can't use an overflowing url to do bad commands like rm. Its not like apache really has these problems, but IIS sure does.
PAQed with points refunded (500)

Community Support Moderator

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now