Error 403 with SMF?

Discussion in 'Scripts, 3rd Party Apps, and Programming' started by chroixx1, Feb 2, 2015.

  1. chroixx1

    chroixx1 New Member

    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    I might be a bit of a noob, but anyone know what's up with this?
    Forbidden
    You don't have permission to access /index.php on this server.​
    Oh, and sorry if this isn't the right place for it... I usually just post in Free Hosting, I don't get out much.
     
  2. fomalhaut

    fomalhaut Member

    Messages:
    99
    Likes Received:
    0
    Trophy Points:
    6
    Hello ! Have you permission mode 644 on your file ? You see/change that on your cPanel / File Manager (or Legacy File MAnager)
     
  3. bdistler

    bdistler Well-Known Member Prime Account

    Messages:
    3,534
    Likes Received:
    195
    Trophy Points:
    63
    mod_security settings can throw a 403 error (Forbidden) - if it sees a "shady" request
     
  4. caftpx10

    caftpx10 Well-Known Member

    Messages:
    1,500
    Likes Received:
    108
    Trophy Points:
    63
    What is this 'SMF' you speak of?
    As pointed out by bdistler, mod_security is most likely the cause of this 403 HTTP Response.
     
  5. Ohso

    Ohso Member Prime Account

    Messages:
    114
    Likes Received:
    4
    Trophy Points:
    18
    Nothing you can do about it apparently
     
  6. bdistler

    bdistler Well-Known Member Prime Account

    Messages:
    3,534
    Likes Received:
    195
    Trophy Points:
    63
    [ Select PHP Version ] on 'cPanel x3' homepage (not x10hosting's Basic) - then [ Switch to PHP Settings ] - change the [ display_errors ] and [ log_errors ] values to "On"
    be sure to click on [ Save ] AFTER you click on [ Apply ]

    then maybe you will see the error that causes mod_security to throw a 403 error - in the [ error_log ] file and/or you browser when you load your site
     
    Last edited: Feb 3, 2015
  7. caftpx10

    caftpx10 Well-Known Member

    Messages:
    1,500
    Likes Received:
    108
    Trophy Points:
    63
    Doesn't the HTTP Responses triggered by mod_security prevent "leaky" or vulnerable scripts from running and therefore no error will be generated?
     
  8. chroixx1

    chroixx1 New Member

    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    1
    Will try this, thanks.
     
  9. bdistler

    bdistler Well-Known Member Prime Account

    Messages:
    3,534
    Likes Received:
    195
    Trophy Points:
    63
    Event B follows Event A - so B must be the direct result of A - It is a classic fallacy in logic
    the 'script' needs to make a 'leaky' request or throw some type of error - before mod_security can (will) replace the 'real' error code with a 403 or some other error code in the 'Response Headers'
     
  10. caftpx10

    caftpx10 Well-Known Member

    Messages:
    1,500
    Likes Received:
    108
    Trophy Points:
    63
    Makes sense. PHP code does get parse before being sent out as a result or whatever for the web server (in this case Apache) to use.
     

Share This Page