403 Forbidden When I Try To Access Uploads
Jul 15, 2008Ok i get 403 forbidden when i try to access /uploads/ on my server. I wish to make it public. Can i make a index.html file dispay all of the files in the directory?
View 5 RepliesOk i get 403 forbidden when i try to access /uploads/ on my server. I wish to make it public. Can i make a index.html file dispay all of the files in the directory?
View 5 RepliesIn my VPS:
I have given to one of my clients a reseller, sometimes, it shows an error, when he enters his Forum:
Forbidden
You don't have permission to access /vb/showthread.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
The weird thing is, when that error comes, will appear on all other forums in the same time in his reseller!
I have tried to use some solutions such as :
1- Create .htaccess file and add the following code
Code:
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
2- I increase MaxSpareServers in httpd.conf.
I wanted to know about 403 error. I want to access a site, as I am browsing - its giving the error as below:
-----------------------
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
-------------------------
Does anybody will help me regarding my issue. Can somebody tell me why I am unable to see the site.
We have many intranet document what linked on our intranet site. We use "apache builed in" directory listing to handle documents on browser, and make accessable to users. Because this not so user friendly we try to use a template (h5ai-[URL] ....) for mod_autoindex.
Unfortunatelly if file or folder name contains special characters (like é,á,ű,ő,ú,ü,ö,ó) than get Access Forbidden - Error 403. If change the folder name, than its ok.
I use xampp. how to solve this.
Since one of my scripts was not working fine I came up with enabling
" Home>Subscriptions>tld>Websites & Domains>Web Hosting Access = > Access to the server over SSH : forbidden to /bin/sh "
Is it safe or not?
I've a problem with the chroot directories under /var/www/vhosts/domainxy.com. The options I've configured is "Access to the server over SSH -> Forbidden", After creating a webspace there are no chroot directories. But if I change the system user username under hosting settings, the directories will be created. But I don't want this, because the option I choosed is "Forbidden" and my customers are irritated about this directories. Can I prevent this behabiour?
View 1 Replies View Relatedi have moved my hosting to a new provider and i was wondering what is the quickest way to upload my 500MB files to the new server? Is there anyway i can speed this up like have a dedicated uplink port to my server, or via VPN or something, cos at the moment i have an upload speed of around 10KB/s,
View 5 Replies View RelatedMy requirements are 500MB, 5GB bandwidth, rails and postgres, $5-6 per month. It looks like there are many providers out there that are offer that.
However the only uploading method shared hosters seem to offer - or at least the only method they advertise - is FTP. Coming from a university and sysadmin background, I thought that anything that sends passwords over the wire unencrypted had died long ago (except HTML forms and legacy systems).
Are there any shared hosting services that allow a more secure upload method (e.g. scp, rsync-over-ssh, even webdav-over-ssl)?
company for over a month or 2
contacting them (support tickets) is as useless as not!..
their reply is always simply: we checked and nothing at our side! (asking for a clarification simply gets u nothing!)
problem is simply ONLY with ftp uploads!
my line upstream is 256Kbps (32 KB/sec) and down 1Mbps and i was always capable of pushing up to 2.2 GB/day ((i monitor my traffic all the time))
but just recently some weird things started appearing...
before uploads would never go under 27-26 KBs on my FTP client
now it's so normal finding it dropping to 15,10,4,2, 0!
ya a whole 0!
and that's not just for a second or two
it can stay like that for maybe aminute then go up back again!
And upon watching my traffic statistics closely, i found myself pushing at the most 1.6 GB only a day!
another funny thing is that files used to appear AND PARTIALLY in the root directory instead of the desired directory!
so WHAT IS UP!
On my dedic the uploads arent working... I am talking about normal http upload.
In my php.ini uploads are set as On and max file is 100mb.. my tmp is 777
possible error be?
I am about to purchase a reseller (Diamond) or maybe just a Hosting (Swamp) but I cant seem to find anywhere details on their MySQL policies.
I have a forum and the database if growing in size daily and im concerned about the database upload limit that may be applied. I have a dedicated server at the moment and im able to request that be changed via php.ini but where would I stand on this if I were to move to shared hosting?
We are going to host our own website. I built up a windows 2003 server. Installed IIS6. I am working on file upload to our website. I can get files to upload to c:Temp but not to c:Inetpubwwwrootourwebsiteupload.
I even set up the upload directory for full sharing with write permissions. Still no help.
I went into windows explorer and right clicked on the upload dir and shared it and set the permissions for read and write. That should take care of NTFS permissions. But no matter what I do when I click on the upload directory and go to properties is shows 'read only'. Can't seem to get that turned off. Until I do I don't believe I can upload a file to the upload directory.
I went into iis6 mgr and and set the upload directory for full access - read and write. That should take care of iis security.
I went to default website (there is only one) and allowed anon login. Even told it use the Administrator account for login with all read and write permissions.
Here is my upload code: ....
I just moved to a new, dedicated server this week. My vbulletin forum users typically upload mp3 files under 10MB. At the moment, I can't seem to get anything above 6MB to work.
In vBulletin land, they recommend changing these in php.ini:
upload_max_filesize - Largest size of a file to accept.
post_max_size - Must be larger than upload_max_filesize.
memory_limit - Should be larger than post_max_size.
max_execution_time
max_input_time
I've cranked all of those up and restarted Apache.
I'm still having the same problems. The little window with the form turns white after what appears maybe 5 minutes, but I haven't timed it.
They also mentioned changing the LimitRequestBody in Apache. I appear to be screwing that part up so I created a thread in the Apache forum specificallya about that.
[url]
So I wanted to ask if there were any other possibilities that you guys could think of that would inhibit the file size up uploads via a form.
I'm running httpd-2.2.8 and php-5.2.6. It needs to be said that this forum is config is mostly right out of the box. $_SESSION wouldn't work in php until I changed the directory for it yesterday. So there may be a very basic config setting that I missed.
---------
I decided to check my error logs.
PHP Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 9852343 bytes)
I'm confused. I have an allowed memory of 30MB (give or take). So why does a 10MB file "exhaust" it?
We have a server that we just changed over to PHPSUEXEC. On this server, we have a large IPB (Invision Power Board) forum that we have not been able to get uploads in the forum back working again. Users are getting the message that they don't have permission, and to contact an administrator.
I have looked on IPB's forum for PHPSUEXEC related issues, but can't find a solution. Of couse, before phpsuexec the "upload" folder had 777 file permissions, but under phpsuexec this must be 755. It isn't working though.
Anyone had experience with this with IPB and know how to fix it?
I've been running pure-ftpd for around 4 months now without any problems, until around 24-48 hours ago file upload has been going a bit loopy.
When you upload a file the speed bounces considerably, and at times pauses on 0kbps until it then dies and fails the upload. 9/10 uploads I have tried have failed.
[R] Opening data connection IP: 74.86.20.181 PORT: 35283
[R] LIST -al
[R] 150 Accepted data connection
[R] 226-Options: -a -l
[R] 226 6 matches total
[R] List Complete: 374 bytes in 0.64 seconds (0.6 KB/s)
Transfer queue completed
1 File failed to transfer
[R] Connection lost: chacha
We have restarted pure-ftpd a number of times, but have had no luck.
Please could you try and upload a file (at least 10mb and please nothing dodgey) to this FTP account:
address: chacha.99k.org
user: chacha@99k.org
pass: password
And output the result.
Does anyone here have experience with pure-ftpd and would possibly consider giving my system a "once over"?
I want to get a VPS to hold my sites and the websites i build for people.
I'm not sure about what happens if a client uploads something they shouldnt - be it porn, warez or whatever.
As a server owner, do i risk getting in trouble? Or am i simply the contact person .
I can't check every file that people might upload.
I'm currently a video sharing site and I'm aiming for large videos (around 500MB - 1GB), now I have to take into account an average user should only be able to do 30k-50k per sec.
So the session_timeout and upload_max need to be adjusted. Anybody with experience with large upload sites ?
First of all, I discoverd this forum during my quest to unravel the mysteries of how my site was hacked. I hope this is an appropriate forum to discuss the issues even though I am not a web hosting provider, but merely a customer of a web hosting company, hostrocket.com
I have an installation of WordPress 2.1 WordPress creates a couple world writable directories such as Uploads and Cache which are owned by nobody. Apparently (according to the tech support at hostrocket.com) someone was able to insert and exectue a php script in my world writable Uploads directory. Over 40MB of scripts, executables and files were uploaded. As best I can tell, my space was being used as some sort of link farm or perhaps acting as a server in my webspace. I do not have much knowledge about these things and consequently can't talk very inetlligently about them. But I am trying to grasp what little I am able to absorb about how this could have happened, what I can do to mitigate it from reocurring in the future.
Some of the stuff that was in the directory is as follows...
2421
bindz
h4ckerz
mass.pl p
trace-kmod
2421.1
brk
help.php
mybindshell
ptrace24
99.php
coredump
idf.php
netcat
pwned
CMD.php
dc.pl
index.html
online
r0nin
TMT.htm
elfdump
kmod2
online.tar.gz
raptor
TTdummyfile
gcc
krad3
prctl2
uselib24
bind.pl g
cc.1
list.txt
ptrace
The "online" directory contained over 40MB of directories such as...
abortion diethylpropion
accounting diflucan
accupril diovan
acne distance-education
actonel dospan
actos dovonex
acyclovir doxycycline
adderall drug
adipex drug-rehab
adventure-travel drug-test
adware dvd
adware-spyware e-pathto
affiliate-program effexor
air-travel elavil
aldara enalapril
alprazolam equity-loan
altace estradiol
amaryl evista
ambien fioricet
amitriptyline flexeril
amoxicillin flonase
amoxil florida-lottery
antivirus fluoxetine
atenolol fosamax
ativan free-poker
avandia free-slots
avapro free-spyware
baclofen furniture
bankruptcy gambling
bextra home-equity-loan
biaxin home-loan
bingo hosting
black-jack hotel
blackjack hydrocodone
blackjack-game images
bontril imitrex
britney-spears insurance-life
business internet-betting
buspar internet-gambling
buspirone loan
butalbital loans
buy-hardware lortab
buy-phentermine lottery
california-lottery lotto
captopril mesothelioma
car mortgages
car-insurance online-black-jack
carisoprodol online-casino
cars online-gambling
cartia online-loan
cash-loan online-pharmacy
casino online-poker
casino-games online-roulette
casino-las-vegas online-slot
celebrex payday-advances
celebrex-online phentermine
celexa poker
celexa-online poker-chips
cephalexin poker-game
cialis poker-tables
cigarette refinance
cigarettes refinance-house
cipro refinance-loan
claritin refinancing
clindamycin ringtones
clonazepam roulette
clonidine slot-machine
codeine slot-machines
consolidate-card slots
cozaar steroids
credit structured-settlement
credit-card texas-holdem
credit-card-debt texas-holdem-poker
credit-card-debt-consolidation texas-holdem-rules
creditcard texas-lottery
cyclobenzaprine tramadol
darvocet travel
dating travel-insurance
debt-consolidation ultram
debtcard valium
denavir viagra
diazepam vicodin
diclofenac video-poker
didrex wagering
diet-pills xanax
As you can see, I was had in a BIG way.
So the first thing my webhost had me do was to change ownership of the directories owned by nobody to me. Then I was able to change permissions from 777 to 755. However in so doing, I am no longer able to use the Dashboard of WordPress to upload images anymore, unless I temporarily change permissions back to 777.
The other thing the tech support guy did is to create an .htaccess file with,
php_flag engine off
I guess this basically renders php scripts impotent from running.
So without flaming me, can you help me understand how someone in a shared server environment is able to put a php script into one of my directories?
What amazed me was this particular script, "99.php" actually when viewed in a browser window titled phpshell was called "c99adult v. 1.0 pre-release build #16". It basically enabled whoever had access to the URL, to view my webspace, and do all sorts of nasty things. Talk about a wake-up call!
Obviously this enabled the hacker to view my config.php file and ascertain my database password and everything else. Whether he did, or whether there is a logfile of that info that could enable him to hack the database at some time in the future is unknown to me but it's really freaking me out.
I had made a page on my site earlier and when i went to it it gave me a 403 error so i tried fixing the .htacess then the site got messed up so i reset the .htacess to tis original settigns and now when i redirect to anything but the home directory it gives me a 403 error can anyone help?
View 3 Replies View RelatedI got my all accounts backup from the reseller panel I had earlier and then restored them on dedicated server using multiple account restore feature of WHM. but the problem is , when I try to open those transfered websites , they show :
Forbidden
You don't have permission to access /forums on this server.
Getting 403 errors when publishing through frontpage
Logs show modsecurity
[Wed Sep 20 16:21:46 2006] [error] [client xxx.xxx] mod_security: Access denied with code 403. Pattern match "cc:" at POST_PAYLOAD [hostname "domain.com"] [uri "/_vti_bin/_vti_aut/author.exe"]
I've been recently trying to move an account between servers, but the backup file is always incomplete. I was told that it is possible there are too many files.
I decided to tar some of them and move manually, but I cannot access the tar file. I already changed all permissions (644), owner, group, but I still get 403 Forbidden error. Is it possible that the file is too big (9 BGs), and if it is, how do I change the file size limit?
Installation was installed fine without errors and I've change the required permission to 777 as stated on the official website but I could not get rid of the Forbidden 403 error. Folder of live is on root of Public_html.
Still having issues with LiveZilla when ever I launch the chat system.
Error logs show 403 but explorer show 404 ...
I am trying to move filename.tar.gz from server A to Server B with root at both, i have moved filename into a web accessable folder and chmod the file 755, when i go to wget filename from server A I get...
View 14 Replies View RelatedThe folder is according to my FTP program chmod 755 but still when I visit the directory though the web browser it gives me the error "403 Forbidden". When I try to change the chmod in my FTP program I get the error "550 SITE CHMOD command failed.". What can the problem be? Yesturday I could get access to that folder with the MRTG graphs and today, just "403 Forbidden". What can have happened?
View 7 Replies View Relatedways to utilize dynamic merging of CSS/JS files so that the browser only has to download one file for each type. I have a solution for how I would implement this solution on a non-CMS site. What complicates this is that most of the sites I manage are based on the Joomla! CMS.
Quite often, a webpage that has been extended with 3rd party extensions can have as many as 10-12 CSS/JS files. My problem is that I haven't found a way to suppress the links from being added to the page without having to hack every single extension being used.
One thought I had was to use mod_rewrite with the Forbidden flag for all of the CSS and JS files being requested except for the combined ones I created. My question is: Will this save much load time since the browser will still need to make the same number of requests? I am assuming it will be at least marginally better since nothing is being downloaded but wasn't sure if it would be noticeable.
Sometimes this page appear for some users, May I know why ?
Code:
Forbidden
You don't have permission to access /song.php on this server.
--------------------------------------------------------------------------------
Apache Server at www.DOMAIN_NAME.com Port 80
Also sometimes "Apache Test Page" sometimes appear to some users
1- files' permission are right.
2- this error appear mainly with users whose from "Arab Gulf area" whose access Internet via proxy. May be this is reason?
I have enabled mod_status on my box. Its RH Linux EL4. I seetings in httpd.conf is as below
<Location /server-status>
SetHandler server-status
Order Deny,Allow
Deny from all
Allow from .mydomain.com
</Location>
But when I access mydomain.com/server-status it gives following error:
Forbidden
You do not have permission to access this document.
Web Server at mydomain.com