?
Solved

403 - Forbidden

Posted on 2006-06-09
8
Medium Priority
?
442 Views
Last Modified: 2010-03-04
aaaarrrrrrgh....
I am getting a 403 error for some unknown reason. i have tried everythng that i could think of. I gave read permissions to ALL users and allowed access from anywhere using .htaccess. don't know what to do now. :-(

I can access the last site setup in httpd.conf (testing.domain.com). it gives sql errors for known reasons but i dont see why i cannot see other sites.

========================
% cd $WEBROOT
% ls -ld
drwxrwxr-x  16 allstateforms  allstateforms  512 Apr  5 13:52 .

========================
% ls -l
total 60
...
-rw-rw-r--   1 allstateforms  allstateforms  8571 Mar 22 12:00 index.php
...

========================
% cat .htaccess
Order Deny,Allow

Allow from 00.000.00.0
Allow from 11.111.11.11

Deny from all

RewriteEngine On

RewriteRule ^([^/]+)\.html?(.*)$ index.php?_html_url=$1$2 [L,QSA]

RewriteRule .+\.pdf(.*)$ index.php?page=convert_to_pdf&cmd=download$1 [L,QSA]

========================

/****** relevant part from http.conf ******/

NameVirtualHost 00.000.00.00:80

<VirtualHost 00.000.00.00:80>
        ServerName www.domain.com
        ServerAlias nuppinc.com www.domain.com
        DocumentRoot /home/allstateforms/web
        ErrorLog /home/allstateforms/logs/error_log
        CustomLog /home/allstateforms/logs/access_log common
        Options +Indexes
        Redirect permanent /bugzilla https://dev.domain.com/bugzilla
</VirtualHost>

NameVirtualHost 00.000.00.00:80

<VirtualHost 00.000.00.00:80>
        ServerName dev.domain.com
        DocumentRoot /home/allstateforms/testweb/dev
        ErrorLog /home/allstateforms/logs/dev_error_log
        CustomLog /home/allstateforms/logs/dev_access_log common
        Options +Indexes
        Redirect permanent /bugzilla https://dev.domain.com/bugzilla/
        Alias /phpMyAdmin/ "/home/allstateforms/tools/phpMyAdmin/"
</VirtualHost>

<Directory /home/allstateforms/tools/bugzilla>
        AddHandler cgi-script .cgi
        Options +Indexes +ExecCGI +FollowSymLinks
        DirectoryIndex index.cgi
        AllowOverride Limit
</Directory>

NameVirtualHost 00.000.00.00:8080
<VirtualHost 00.000.00.00:8080>
        DocumentRoot /home/testers/web
        ServerName testing.domain.com
        ErrorLog /home/testers/web/err.log
        TransferLog /home/testers/web/access.log
        Alias /phpMyAdmin/ "/home/testers/db/phpMyAdmin/"
</VirtualHost>
0
Comment
Question by:jhshukla
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
8 Comments
 
LVL 15

Expert Comment

by:periwinkle
ID: 16873527
Try moving Deny from all to above your allow commands...
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 16873586
Wait, I think you have the wrong order statement:

Deny,Allow
    The Deny directives are evaluated before the Allow directives. Access is allowed by default. Any client which does not match a Deny directive or does match an Allow directive will be allowed access to the server.
Allow,Deny
    The Allow directives are evaluated before the Deny directives. Access is denied by default. Any client which does not match an Allow directive or does match a Deny directive will be denied access to the server.

see:

http://httpd.apache.org/docs/2.0/mod/mod_access.html

for examples.

I think you want:

Order Allow,Deny
Allow from 00.000.00.00/29
Allow from 11.111.11.11
Deny from all

... It's the first one matched that will be returned;  in this case, the allows take precedence over the denies.
0
 
LVL 9

Author Comment

by:jhshukla
ID: 16874052
oh i forgot to mention... i haven't modified the .htaccess file.
it was working before i started working here, i added the last virtual host in the httpd.conf and the problems began. btw, deny by default is intentional. the site is still pre-alpha and we want to test it before we make it public. and obviously, we don't want competitors to look at it until the it is launched.
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 
LVL 15

Expert Comment

by:periwinkle
ID: 16880555
This section:

<Directory /home/allstateforms/tools/bugzilla>
        AddHandler cgi-script .cgi
        Options +Indexes +ExecCGI +FollowSymLinks
        DirectoryIndex index.cgi
        AllowOverride Limit
</Directory>

is outside of a VirtualHost container -- why?
0
 
LVL 9

Author Comment

by:jhshukla
ID: 16886292
beat me to death ... plz. server was looking at the wrong .htaccess file.

DocumentRoot /home/allstateforms/testweb/dev
should have been
DocumentRoot /home/allstateforms/dev

thx.
0
 
LVL 15

Expert Comment

by:periwinkle
ID: 16890104
Works for me!
0
 
LVL 5

Accepted Solution

by:
Netminder earned 0 total points
ID: 16932404
Closed, 125 points refunded.
Netminder
Site Admin
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses
Course of the Month15 days, 10 hours left to enroll

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question