[solved] 403 forbidden

#1
I have move a working site from one server to another.

If i run it with Apache all si fine.

But if i enable Litespeed i get

403 Forbidden
Access to this resource on the server is denied!

Any help gonna be much appreciate.
 
Last edited by a moderator:
#3
Thank you.
Problem solved, it has to do with Script Restricted Permission Mask under Admin Console => Configuration => Server => Security.
 

bobykus

Well-Known Member
#4
I have a file with permissions 0640


ls -la wp-content/uploads/2012/09/DSC_0547-150x150.jpg
-rw-r----- 1 dannebbuffy dannebbuffy 9998 Sep 11 13:24 wp-content/uploads/2012/09/DSC_0547-150x150.jpg

and the same set in Server > Security > Required Permission Mask 0640

But still getting


wget http://www.ultimat.nu/wp-content/uploads/2012/09/DSC_0547-150x150.jpg
--2012-09-11 14:26:59-- http://www.ultimat.nu/wp-content/uploads/2012/09/DSC_0547-150x150.jpg
Resolving www.ultimat.nu... 212.97.132.237
Connecting to www.ultimat.nu|212.97.132.237|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2012-09-11 14:26:59 ERROR 403: Forbidden.


Do you know why? The files with 0644 like

ls -la wp-content/uploads/2012/09/IMG_2408.jpg
-rw-r--r-- 1 dannebbuffy dannebbuffy 1801428 Sep 6 12:49 wp-content/uploads/2012/09/IMG_2408.jpg


are just fine

http://www.ultimat.nu/wp-content/uploads/2012/09/IMG_2408.jpg


Restricted Permission Mask is set to 000
 

webizen

Well-Known Member
#5
...
Do you know why? The files with 0644 like

ls -la wp-content/uploads/2012/09/IMG_2408.jpg
-rw-r--r-- 1 dannebbuffy dannebbuffy 1801428 Sep 6 12:49 wp-content/uploads/2012/09/IMG_2408.jpg


are just fine

...
This sounds like your web server running user (nobody) is not in the same group of dannebbuffy and hence can _NOT_ read file with 0640 permission.
 

bobykus

Well-Known Member
#6
OK,
but this is a part of Wordpress, which supposed to be executed by lsphp5 and
PHP suEXEC is Yes. Does it mean web server should read access to all users data anyway?
 

webizen

Well-Known Member
#7
for shared hosting, 0640 permission should be OK.

pls enable debug logging (loglevel -> low) via Admin Console and check error log (i.e., /usr/local/apache/logs/error_log) for more details of 403 error.
 

bobykus

Well-Known Member
#8
Here is a part


2012-09-18 10:24:09.844 [DEBUG] [212.97.128.202:58464-0#APVH_institutfrancais.dk:lsapi] write resumed!
2012-09-18 10:24:09.844 [DEBUG] [212.97.128.202:58464-0#APVH_institutfrancais.dk:lsapi] Written to client: 1211
2012-09-18 10:24:09.844 [DEBUG] [212.97.128.202:58464-0#APVH_institutfrancais.dk:lsapi] HttpIOLink::suspendWrite()...
2012-09-18 10:24:09.863 [DEBUG] [212.97.128.202:58501-4#APVH_institutfrancais.dk] processContextPath() return 0
2012-09-18 10:24:09.863 [DEBUG] [212.97.128.202:58501-4#APVH_institutfrancais.dk] readyCacheData() return 0
2012-09-18 10:24:09.863 [DEBUG] [212.97.128.202:58501-4#APVH_institutfrancais.dk] HttpConnection::flush()!
2012-09-18 10:24:09.863 [DEBUG] [212.97.128.202:58501-4#APVH_institutfrancais.dk] Written to client: 259
2012-09-18 10:24:09.863 [DEBUG] [212.97.128.202:58501-4#APVH_institutfrancais.dk] HttpConnection::nextRequest()!
2012-09-18 10:24:09.863 [DEBUG] [212.97.128.202:58500-3#APVH_institutfrancais.dk] processContextPath() return 0
2012-09-18 10:24:09.864 [INFO] Failed to open file [/hsphere/local/home/ifdanemark/institutfrancais.dk/wp-content/uploads/2012/09/switchcraft_LL_701.jpg], error: Permission denied


Does it mean the content from WP like images etc are server
by litespeed not php?
 

webizen

Well-Known Member
#9
Here is a part


...
2012-09-18 10:24:09.864 [INFO] Failed to open file [/hsphere/local/home/ifdanemark/institutfrancais.dk/wp-content/uploads/2012/09/switchcraft_LL_701.jpg], error: Permission denied


Does it mean the content from WP like images etc are server
by litespeed not php?
the jpg is static file. according to wp rewrite rules, it will not go through php but be served by web server directly.

check the permission of the file in question and the folder holds the file.
ls -l /hsphere/local/home/ifdanemark/institutfrancais.dk/wp-content/uploads/2012/09/switchcraft_LL_701.jpg
ls -ld /hsphere/local/home/ifdanemark/institutfrancais.dk/wp-content/uploads/2012/09/
 

bobykus

Well-Known Member
#10
-rw-r----- 1 ifdanemark ifdanemark 14000 Sep 18 10:13 /hsphere/local/home/ifdanemark/institutfrancais.dk/wp-content/uploads/2012/09/switchcraft_LL_701.jpg

drwxr-x--x 2 ifdanemark ifdanemark 8192 Sep 18 10:13 /hsphere/local/home/ifdanemark/institutfrancais.dk/wp-content/uploads/2012/09/


this is how it is with WP uploaded images. They are 0640!Any way to fix it?
 

bobykus

Well-Known Member
#12
institutfrancais.dk # cat .htaccess

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

RedirectPermanent /fr/frankofoni2012 http://www.institutfrancais.dk/fr/i...en-for-fransk-sprog/projets/francophonie2012/

RedirectPermanent /frankofoni2012 http://www.institutfrancais.dk/inst...en-for-fransk-sprog/projets/francophonie2012/

RedirectPermanent /campusfrance https://docs.google.com/spreadsheet...mkey=dFVYMGxaQTlGbFQ2OURtc3VPMklsWnc6MQ#gid=0
 

webizen

Well-Known Member
#13
for static file access, it is up to web server default running user. If the user is not in the account user's group, world readable permission is required.
 

bobykus

Well-Known Member
#14
yes,
but why Wp suddnly decide to upload files with 0640 permissions? it was not like this with apache+fcgid. means it was all 0644, umask was set to 022 in php wrapper. now permissions is screwed up! do you know how to fix it?
 

bobykus

Well-Known Member
#15
Found the source of the problem - if permissions to the upload folder is 0751, smarty WP do this

$stat = stat( dirname( $new_file ));
$perms = $stat['mode'] & 0000666;
@ chmod( $new_file, $perms );

means chmod 0640... Set permissions 0755 to upload folder and you are fine with 0644 for files!
 
Top