403 Forbidden after rearranging of account
I've been getting 403 error after rearranging the accounts on my server.
The error:
Forbidden
You don't have permission to access / on this server.
Server unable to read htaccess file, denying access to be safe
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
-
Hello :), Have you gone through the error logs? Check both cPanel error logs as well as apache error logs. This is most likely permission issue. Can advice once you show the error logs. 0 -
Hello, Could you review the Apache error log (/usr/local/apache/logs/error_log) when this happens and let us know the output you see when encountering that error message in your browser? Thank you. 0 -
Hello, This is the error I got from the Apache error log [Tue Jun 06 07:27:44.364013 2017] [core:crit] [pid 15739] (13)Permission denied: [client IP ADDRESS:57271] AH00529: /mnt/home-dir/home/usrname/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/mnt/home-dir/home/usrname/' is executable [Tue Jun 06 07:27:44.364873 2017] [core:crit] [pid 15739] (13)Permission denied: [client IP ADDRESS:57271] AH00529: /mnt/home-dir/home/usrname/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/mnt/home-dir/home/usrname/' is executable [Tue Jun 06 07:27:44.370784 2017] [:error] [pid 15739] [client IP ADDRESS] ModSecurity: collection_store: Failed to access DBM file "/var/cpanel/secdatadir/ip": Permission denied [hostname "www.example.com"> [uri "/"> [unique_id "UNIQUEID"> [Tue Jun 06 07:27:44.372168 2017] [:error] [pid 15739] [client IP ADDRESS] ModSecurity: Audit log: Failed to create subdirectories: /etc/apache2/logs/modsec_audit/usrname/20170606/20170606-0727 (Permission denied) [hostname "www.server.com"> [uri "/"> [unique_id "UNIQUEID"> [Tue Jun 06 07:27:44.396021 2017] [core:crit] [pid 15739] (13)Permission denied: [client IP ADDRESS:57271] AH00529: /mnt/home-dir/home/usrname/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/mnt/home-dir/home/usrname/' is executable [Tue Jun 06 07:27:44.396311 2017] [core:crit] [pid 15739] (13)Permission denied: [client IP ADDRESS:57271] AH00529: /mnt/home-dir/home/usrname/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/mnt/home-dir/home/usrname/' is executable [Tue Jun 06 07:27:44.397565 2017] [:error] [pid 15739] [client IP ADDRESS] ModSecurity: collection_store: Failed to access DBM file "/var/cpanel/secdatadir/ip": Permission denied [hostname "www.server.com"> [uri "/favicon.ico"> [unique_id "UNIQUEID"> [Tue Jun 06 07:27:44.397795 2017] [:error] [pid 15739] [client IP ADDRESS] ModSecurity: Audit log: Failed to create subdirectories: /etc/apache2/logs/modsec_audit/usrname/20170606/20170606-0727 (Permission denied) [hostname "www.server.com"> [uri "/favicon.ico"> [unique_id "UNIQUE-ID"> [Tue Jun 06 07:30:02.426945 2017] [:error] [pid 15741] [client 127.0.0.1] ModSecurity: Warning. Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"> [line "286"> [id "920280"> [rev "2"> [msg "Request Missing a Host Header"> [severity "WARNING"> [ver "OWASP_CRS/3.0.0"> [maturity "9"> [accuracy "9"> [tag "application-multi"> [tag "language-multi"> [tag "platform-multi"> [tag "attack-protocol"> [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_HOST"> [tag "WASCTC/WASC-21"> [tag "OWASP_TOP_10/A7"> [tag "PCI/6.5.10"> [hostname "server.com"> [uri "/whm-server-status"> [unique_id "UNIQUEID">
0 -
Hi, Modsecurity does seem to be the cause of the error you are getting, but you have to check it more. Check what is your IP addresss # tail -f /usr/local/apache/logs/error_log | grep Browse the website now and then go back to the shell and see what error is occurring. If it is only modsecurity, then you have check what part of it is doing it, whether you rearranged the account properly, did you change the ownership after the rearrangement? and stuff like this, so please check .. 0 -
/mnt/home-dir/home/usrname/.htaccess pcfg_openfile: unable to check htaccess file
This seems to be a non-standard path to find a domains .htaccess file on a cPanel server. A more standard path would be... /home/username/public_html/.htaccess If you have configured new non-standard paths, perhaps you omitted the public_html directory. Also usrname is mis-spelled. Not knowing how you "re-arranged some accounts" its hard to offer much more. You have permission/ownership issues with the apache user (nobody) reading the /var/cpanel/secdatadir/ip file, but this should not generate a 403 error. You have permission/ownership issues with the apache user (nobody) writing to the /etc/apache2/logs/modsec_audit/ directory, but this should not generate a 403 error.0 -
Can you provide the output of: ls -lah /mnt/home-dir/home/usrname/
0
Please sign in to leave a comment.
Comments
6 comments