403 Forbidden relating to .htaccess

J

jlixfeld

Verified User
Joined
Jun 1, 2009
Messages
60
I'm getting 403 Forbidden messages on the domain of a reseller and all their other customer domains:

Forbidden

You don't have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

The logs suggest something relating to .htaccess:

Code: 
[Fri Dec 18 18:36:01 2009] [crit] [client 206.223.182.67] (13)Permission denied: /home/telehouse/domains/telehouse.ca/public_html/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable, referer: http://www.telehouse.ca/

But it exists and the permissions are correct (at least according to './set_permissions.sh all'):

Code: 
-rw-r--r--  1 telehouse  telehouse  0 Dec 18 18:35 /home/telehouse/domains/telehouse.ca/public_html/.htaccess

Probably something simple, but I'm not seeing it.

Anyone have any ideas?

Thanks in advance.
 
Just what are you trying to do when you get that 403 error? What URL is causing the error? It's normal to get it if you don't have an index.html (or other, defined in your apache configuration), unless you set your configuration to use some other file as default, or to create it's own html-based directory when no file is specified.

The permission denied error is telling you that a call from lwww.telehouse.ca is trying to read an .htaccess file which may be unreadable or missing. What site is telehouse.ca trying to find when you see that in your logs?

Jeff
 
jlasman said:
Just what are you trying to do when you get that 403 error? What URL is causing the error?
Click to expand...

I'm just trying to hit http://www.telehouse.ca, http://www.telehouse.ca/ or http://www.telehouse.ca/index.html (or any URL from any other user under the telehouse reseller, for that matter).

It's normal to get it if you don't have an index.html (or other, defined in your apache configuration), unless you set your configuration to use some other file as default, or to create it's own html-based directory when no file is specified.
Click to expand...

index.html exists:

Code: 
[root@app1 /home/telehouse/domains/telehouse.ca/public_html]# ls -al index.html 
-rwxr-xr-x  1 telehouse  telehouse  612 Dec  9 19:35 index.html

The httpd.conf for user telehouse looks ok:

Code: 
<VirtualHost 98.124.18.30:80>


	ServerName www.telehouse.ca
	ServerAlias www.telehouse.ca telehouse.ca 
	ServerAdmin [email protected]
	DocumentRoot /home/telehouse/domains/telehouse.ca/public_html
	ScriptAlias /cgi-bin/ /home/telehouse/domains/telehouse.ca/public_html/cgi-bin/

	UseCanonicalName OFF

	SuexecUserGroup telehouse telehouse
	CustomLog /var/log/httpd/domains/telehouse.ca.bytes bytes
	CustomLog /var/log/httpd/domains/telehouse.ca.log combined
	ErrorLog /var/log/httpd/domains/telehouse.ca.error.log

	<Directory /home/telehouse/domains/telehouse.ca/public_html>
		Options +Includes -Indexes

		php_admin_flag engine ON
		<IfModule !mod_php6.c>
			php_admin_flag safe_mode OFF
		</IfModule>
		php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f [email protected]'


		php_admin_value open_basedir /home/telehouse/:/tmp:/var/tmp:/usr/local/lib/php/


	</Directory>



</VirtualHost>

I've checked this against httpd.conf files and entries from other resellers, and they are identical so I don't believe it's a config file issue.

The permission denied error is telling you that a call from lwww.telehouse.ca is trying to read an .htaccess file which may be unreadable or missing. What site is telehouse.ca trying to find when you see that in your logs?
Click to expand...

The .htaccess is indeed there (see the initial post).

telehouse.ca is reading from /home/telehouse/domains/telehouse.ca/public_html as per the httpd.conf entry above. That is also the location of the .htaccess file, which does exist, and who's permissions are correct (again, the permissions on the files and directories were what './set_permissions.sh all' set them to, so I assume they are correct).
 
Then its a permission problem on a parent folder.
 
I didn't even think to check parent folder permissions since I've run the set_permissions.sh script a hundred times during the course of this investigation.

Indeed, the permissions on public_html were 750 instead of 755.

Should 'set_permissions.sh all' not have fixed this?
 
Hello,

set_permissions.sh does not touch any files that were uploaded or controlled by a User. It only does system related files setup by DA, and mail related folders within the User's home directory.

This guide is somewhat related:
http://help.directadmin.com/item.php?id=173

however, it still won't address the 750 issue. For that, if you need to do it in mass for the public_html folder, use:
Code: 
chmod 755 /home/*/domains/*/public_html
John
 
You must log in or register to reply here.
Back
Top