Skip to main content
cPanel Technical Support has been heavily impacted by hurricane Beryl and our ability to respond to tickets has been hindered as a result. We appreciate your understanding and patience as we address these delays.

403 Forbidden after rearranging of account

Comments

6 comments

  • 24x7serversecurity
    Hello :), Have you gone through the error logs? Check both cPanel error logs as well as apache error logs. This is most likely permission issue. Can advice once you show the error logs.
    0
  • cPanelMichael
    Hello, Could you review the Apache error log (/usr/local/apache/logs/error_log) when this happens and let us know the output you see when encountering that error message in your browser? Thank you.
    0
  • Joe Li
    Hello, This is the error I got from the Apache error log
    [Tue Jun 06 07:27:44.364013 2017] [core:crit] [pid 15739] (13)Permission denied: [client IP ADDRESS:57271] AH00529: /mnt/home-dir/home/usrname/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/mnt/home-dir/home/usrname/' is executable [Tue Jun 06 07:27:44.364873 2017] [core:crit] [pid 15739] (13)Permission denied: [client IP ADDRESS:57271] AH00529: /mnt/home-dir/home/usrname/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/mnt/home-dir/home/usrname/' is executable [Tue Jun 06 07:27:44.370784 2017] [:error] [pid 15739] [client IP ADDRESS] ModSecurity: collection_store: Failed to access DBM file "/var/cpanel/secdatadir/ip": Permission denied [hostname "www.example.com"> [uri "/"> [unique_id "UNIQUEID"> [Tue Jun 06 07:27:44.372168 2017] [:error] [pid 15739] [client IP ADDRESS] ModSecurity: Audit log: Failed to create subdirectories: /etc/apache2/logs/modsec_audit/usrname/20170606/20170606-0727 (Permission denied) [hostname "www.server.com"> [uri "/"> [unique_id "UNIQUEID"> [Tue Jun 06 07:27:44.396021 2017] [core:crit] [pid 15739] (13)Permission denied: [client IP ADDRESS:57271] AH00529: /mnt/home-dir/home/usrname/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/mnt/home-dir/home/usrname/' is executable [Tue Jun 06 07:27:44.396311 2017] [core:crit] [pid 15739] (13)Permission denied: [client IP ADDRESS:57271] AH00529: /mnt/home-dir/home/usrname/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/mnt/home-dir/home/usrname/' is executable [Tue Jun 06 07:27:44.397565 2017] [:error] [pid 15739] [client IP ADDRESS] ModSecurity: collection_store: Failed to access DBM file "/var/cpanel/secdatadir/ip": Permission denied [hostname "www.server.com"> [uri "/favicon.ico"> [unique_id "UNIQUEID"> [Tue Jun 06 07:27:44.397795 2017] [:error] [pid 15739] [client IP ADDRESS] ModSecurity: Audit log: Failed to create subdirectories: /etc/apache2/logs/modsec_audit/usrname/20170606/20170606-0727 (Permission denied) [hostname "www.server.com"> [uri "/favicon.ico"> [unique_id "UNIQUE-ID"> [Tue Jun 06 07:30:02.426945 2017] [:error] [pid 15741] [client 127.0.0.1] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"> [line "286"> [id "920280"> [rev "2"> [msg "Request Missing a Host Header"> [severity "WARNING"> [ver "OWASP_CRS/3.0.0"> [maturity "9"> [accuracy "9"> [tag "application-multi"> [tag "language-multi"> [tag "platform-multi"> [tag "attack-protocol"> [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_HOST"> [tag "WASCTC/WASC-21"> [tag "OWASP_TOP_10/A7"> [tag "PCI/6.5.10"> [hostname "server.com"> [uri "/whm-server-status"> [unique_id "UNIQUEID">
    0
  • 24x7server
    Hi, Modsecurity does seem to be the cause of the error you are getting, but you have to check it more. Check what is your IP addresss # tail -f /usr/local/apache/logs/error_log | grep Browse the website now and then go back to the shell and see what error is occurring. If it is only modsecurity, then you have check what part of it is doing it, whether you rearranged the account properly, did you change the ownership after the rearrangement? and stuff like this, so please check ..
    0
  • fuzzylogic
    /mnt/home-dir/home/usrname/.htaccess pcfg_openfile: unable to check htaccess file

    This seems to be a non-standard path to find a domains .htaccess file on a cPanel server. A more standard path would be... /home/username/public_html/.htaccess If you have configured new non-standard paths, perhaps you omitted the public_html directory. Also usrname is mis-spelled. Not knowing how you "re-arranged some accounts" its hard to offer much more. You have permission/ownership issues with the apache user (nobody) reading the /var/cpanel/secdatadir/ip file, but this should not generate a 403 error. You have permission/ownership issues with the apache user (nobody) writing to the /etc/apache2/logs/modsec_audit/ directory, but this should not generate a 403 error.
    0
  • Jcats
    Can you provide the output of:
    ls -lah /mnt/home-dir/home/usrname/
    0

Please sign in to leave a comment.