I'm a programmer with very little knowledge of website administration. I've inherited the task of uploading our new pages and data to our website. I have a sandbox site that works great, and I've transferred everything for that site to the live site. Now I get 403 in the browser, and the only clue I've been able to find so far is in one of the error logs: Permission denied: .htaccess pcfg_openfile. But both the old and new .htaccess files have 0644 permissions, and both parent directories have 0750 permissions. I don't know where to go from here. Help!
Change the parent from 750 to 755.
Update. Then try this from a shell prompt.
chmod -R 755 /path/to/siteroot/
Related
In my web server, I intentionally changed ownership of the public_html folder recursively using chown user:user -R public_html command. Now i cant access my website. It throws an 403 forbidden error while accessing.
I know the issue is with .htaccess file and I tried changing ownership to root user back again and changing file permission to 755 and 644 back and forth. Still no progress. Please can someone look into this. What is the cause for this and what will be the solution?
Have created a .htaccess file from root with chmod permissons of 400. It is placed in the user ftp directory with all the details I have entered in plesk for it. However when I log in to the ftp as the user ie (ftp://www.ftpname.co.uk with username and password) and it goes to that directory and shows me that the .htaccess file is already there and uploaded by the root I can still delete it as the user.
This is very frustrating. Any idea what I am doing wrong and to stop the .htaccess file being deleted by the ftp user?
Thanks
CP
It's in proftpd FAQ http://www.proftpd.org/docs/faq/linked/faq-ch6.html#AEN677
Docs advice to use this directives as workaround:
http://www.proftpd.org/docs/directives/linked/config_ref_IgnoreHidden.html
http://www.proftpd.org/docs/directives/linked/config_ref_HideNoAccess.html
Another workaround it's immutable bit, but I definitely don't recommend to using it.
I have moved my wordpress website from a shared hosting to a new vps. After moving, I had issues regarding timthumb and uploading images, these issues were resolved only by chmoding 777 uploads and subdirectories, and cache directory inside the theme dir.
My questions is: Isn't that a security hole? Is it a wordpress problem, or I am missing something here?
Thanks
Yes, 777 is a security hole and the WordPress Codex specifically addresses this and gives suggestions on how to set permissions.
Yes, 777 is very insecure. WordPress does not require 777 for any directory, and no correctly developed plugin should, either. WordPress needs no more than 755 on most directories.
On shared hosting, permission schemes are managed by the host. On a VPS, you will need to do some management or owners and groups and permissions yourself.
See Changing File Permissions « WordPress Codex and Hardening WordPress « WordPress Codex for correct permissions and owner/groups for WordPress.
I have a website mydomain.com. The parent directory contains (among others) httpdocs and web_users. web_users contains a folder myFolder.
I made a symbolic link (ln -s) to httpdocs, all went well. But now, when I try to go to mydomain.com/myFolder, I get an error:
Forbidden You do not have permission to access this document.
Web Server at mydomain.com
How can I make this work? Do I have to adjust my .htaccess?
Regards,
Tom
It seems like a file permission problem. Be sure that your web server user(www-data or httpd usually) has read permissions on your myFolder directory.
1, Be sure to have enabled
Option FollowSymLinks
Docs : http://httpd.apache.org/docs/2.2/mod/core.html#Options
2, Be sure that apache process have read permissions to your directory, try to
chmod 0777 myFolder
to your folder or
chown [apacheuser] myFolder
this should fix it
I'm getting below error when I'm trying to access a folder in Linux CENT OS server.
Forbidden
You don't have permission to access /blog/ on this server.
Apache Server at www.franchisedirectory.com.au Port 80
I changed settings in httpd.conf and .htaccess but it doesn't seem to do anything.
Is there somewhere I can change this?
"You don't have access to /foo ..." doesn't mean the path /foo in the OS. It means you don't have access to the URL /foo. For instance, suppose that requests for that domain go to a docroot at /var/www/webroot. Then /foo (unless you aliased it elsewhere) goes to /var/www/webroot/foo. That is the directory that needs the proper permissions (in addition to <Directory>/.htaccess controls.)
I just set up the following on my server to prove this:
Alias /foo /bar
I created a /bar directory at the shell prompt. I removed all permissions with chmod a-rwx /bar. Then I restarted Apache and surfed for /foo. Guess what?
You don't have permission to access /foo on this server.
It clearly reports the URL, not the path it is translated to.
I do not recommend chmod 777 by the way, because that means world writable. chmod 744 is better: writable to owner, readable to others. If it's a directory, 755 (add the execute bit too).
Good luck, mate.
I think that to solve this you should type:
chmod 777 /blog
Probably you it doesn't have write permission on that folder so it will give you that forbidden error.