[Solved] 403 Error with 4.1.5

Discussion in 'Bug Reports' started by bkonia, Oct 13, 2011.

  1. bkonia

    bkonia New Member

    After upgrading to 4.1.5, one of my sites is now getting a 403 error on all pages. I reverted to 4.1.4 and it works fine. Then I did force reinstall 4.1.5 and still getting the 403 errors, so had to revert back to 4.1.4.
  2. mistwang

    mistwang LiteSpeed Staff

  3. bkonia

    bkonia New Member

    That fixed it, thanks.
  4. sysmesh

    sysmesh New Member

    Got the same problem. 403 shows when I for example edit a post in wordpress and save it.

    I applied the above solution but it didn't fix it.

    Any other advice?
  5. mistwang

    mistwang LiteSpeed Staff

    Please do a "Force reinstall" to make sure the latest build is used.
  6. sysmesh

    sysmesh New Member

    Did it now and the issue still happens. Seems whenever you edit a post or page and save it a 403 error occurs. It happens on ALL WP based sites on the machine :-(

    Any other thing to look for?
  7. mistwang

    mistwang LiteSpeed Staff

    Please check error.log, if you use cPanel, check /usr/local/apache/logs/error_log for the reason of 403 error.
  8. sysmesh

    sysmesh New Member

    I'm not using cpanel or any other panel it's a debian linux machine with no panels.

    On the litespeed log there's no error showing.

    Where is the log file located at?
  9. mistwang

    mistwang LiteSpeed Staff

    So, you have configured vhosts in native configuration?
    It should be /usr/local/lsws/logs/error.log, maybe you should enable full debug logging for a while, and search for log entries with your IP address.
    I wonder if it is a 403 error from LiteSpeed or from somewhere else.
  10. sysmesh

    sysmesh New Member

    Strange, there are no visible errors on my IP in the log.
    On some of the WP sites I managed to get it to work by clearing the cache but on others it failed to work remaining with 403 errors.

    My guess is a bug in 4.1.5 that happens on some plugins on WP but am not sure.
    I might be forced to downgrade and stay on 4.1.3 unless you guys have another advice?
  11. sysmesh

    sysmesh New Member

    update: file uploads (images) to posts fail too (HTTP error) with nothing in the debug log that indicates an error :-(
  12. mistwang

    mistwang LiteSpeed Staff

    Please check if PHP suEXEC is function properly or not.
    write test PHP script to run "id" command, see if php processes is running as correct user ID.

    I assume you are using PHP suEXEC, each web site uses its own lsphp5 running as the user id of the owner of the site.
  13. sysmesh

    sysmesh New Member

    Actually all websites are under www-data (same user) as all are owned by us.
  14. mistwang

    mistwang LiteSpeed Staff

    then make sure lsphp5 were running as www-data. Please show us the actual error.
  15. sysmesh

    sysmesh New Member

    Hi,
    LSphp is running under www-data (see attached).
    Error 403 still happens (also attached).

    I wish the logs would give me a hint of the cause but they seem useless as they show no errors or issues :-(

    Anything else i can try?

    Attached Files:

    • ls1.JPG
      ls1.JPG
      File size:
      39.6 KB
      Views:
      5
    • ls2.JPG
      ls2.JPG
      File size:
      46 KB
      Views:
      5
  16. webizen

    webizen New Member

    you may also check stderr.log (e.g. /usr/local/lsws/logs/stderr.log) and syslog (e.g. /var/log/messages).

    also check the ownership of your upload directory.
  17. mistwang

    mistwang LiteSpeed Staff

    For those 403 error, LSWS should log something about it. maybe you can turn on debug logging and try again. make sure debug level is "HIGH", log level is at "DEBUG".
  18. sysmesh

    sysmesh New Member

    I think I might have found a solution: In the security settings of the server setup I've set the "check symbolic links" to "no" and it started to work again.
    Thanks for your help!
  19. sysmesh

    sysmesh New Member

    I was happy to soon.
    Same issue remains :-(
    I added a debug log to the site and FINALLY got this:
    ModSecurity: Access denied with code 403, [Rule: 'ARGS' '(fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->)']
    [Msg: XSS attack]

    How do I fix that?
  20. mistwang

    mistwang LiteSpeed Staff

    You can locate and comment out that rule, or use

    SecRuleRemoveById xxxxx

    to exclude that rule for that URL.
    Maybe you enabled Request Body scan by default, which may cause trouble with gotroot rules.

Share This Page