Is there a log that covers 403 forbiddens and why
Hi,
I am trying to figure out why a call to a webpage logout button within my application is getting a 403 forbidden.
The same call to the same file is used on the admin console of the application and works fine (meaning i can click the button and logout of the application just fine). But for some reason on the user side of the application when i click the logout button, it gets a 403 forbidden.
Is there a log that can tell me why its being blocked ie permission and where the block is originating from?
I have checked my htaccess file and there is nothing that should be blocking it. I did notice that all of my qualified add on domain folders which reside above public_html are all 750 permissions and not 755 like other folders. But so far that is all that i have found.
Is there a log that i should be looking at in specific?
Thanks :)
-
Hey hey! Normally I would expect all 403s to be logged to the main Apache log at /etc/apache2/logs/error_log. It also could be located in the ModSecurity log at /usr/local/apache/logs/modsec_audit.log
1 -
Thanks, I disabled mod security and the issue went away. So i guess i need to look at the mod security log to see what it does not like about that link. Oops i guess i did not read your last sentence lol
Thanks :)
0
Please sign in to leave a comment.
Comments
2 comments