SitePoint Sponsor

User Tag List

Results 1 to 9 of 9
  1. #1
    SitePoint Evangelist
    Join Date
    May 2003
    Posts
    595
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Client denied by server configuration ?

    Hi,

    I'm getting these messages, and can't figure out why, some sort of permissions problem ?

    Code:
    File does not exist: /home/username/public_html/403.shtml
    client denied by server configuration: /home/username/public_html/includes/form_check.js.php
    File does not exist: /home/username/public_html/403.shtml
    client denied by server configuration: /home/username/public_html/includes/general.js.php
    Here is the .htaccess for the .../includes path

    Code:
    # $Id: .htaccess,v 1.4 2001/04/22 20:30:03 dwatkins Exp $
    #
    # This is used with Apache WebServers
    # The following blocks direct HTTP requests in this directory recursively
    #
    # For this to work, you must include the parameter 'Limit' to the AllowOverride configuration
    #
    # Example:
    #
    #<Directory "/usr/local/apache/htdocs">
    #  AllowOverride Limit
    #
    # 'All' with also work. (This configuration is in your apache/conf/httpd.conf file)
    #
    # This does not affect PHP include/require functions
    #
    # Example: http://server/catalog/includes/application_top.php will not work
    
    <Files *.php>
    Order Deny,Allow
    Deny from all
    </Files>
    There are many other files in the same path/folder that would have been accessed when these error messages appeared, but they didn't have the file extension ".js.php", only ".php".

    There are other websites on the same server, with exactly the same setup, except for one line I added the other day in the web root path, in .htaccess

    Code:
    php_value session.use_trans_sid 0
    I was told to set that off, because I was having problems with sessions in PHP.

    Any clues please ?

    Peter

  2. #2

    Join Date
    Oct 2003
    Location
    €uroLand
    Posts
    1,340
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I am not quite sure what you exactly ask for, but your .htaccess rules basically deny all requests for .php files. .js.php files are .php files as well, because ".js" isnt the extension but part of the filename.

  3. #3
    Apache Expert i_like_php's Avatar
    Join Date
    Nov 2001
    Location
    Dallas, Texas
    Posts
    1,342
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Order Deny,Allow <<<
    Deny from all <<<

    these two lines are your problem. they should look like this...

    Order Order,Deny
    Allow from all
    i love php

  4. #4
    SitePoint Evangelist
    Join Date
    May 2003
    Posts
    595
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,

    Quote Originally Posted by drzoid
    I am not quite sure what you exactly ask for, but your .htaccess rules basically deny all requests for .php files. .js.php files are .php files as well, because ".js" isnt the extension but part of the filename.
    I'm no Apache expert, but that's not correct, because if it was, none of the sites that use these PHP files would work at all. But the sites do work and have done so for years, with the .htaccess settings.

    I think what you mean is it denies all direct requests, because it is the .htaccess file in the ../includes path, as I explained. It is not the .htaccess file in the web root path.

    From the comment here in .htaccess for the /includes path

    Code:
    The following blocks direct HTTP requests in this directory recursively
    ... "direct" requests; you cannot try and run any of the .php files in the includes path directly, they are all either executed as 'require' or 'include' statements in PHP.

    Thanks

    Peter

  5. #5
    SitePoint Evangelist
    Join Date
    May 2003
    Posts
    595
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,

    Quote Originally Posted by i_like_php
    Order Deny,Allow <<<
    Deny from all <<<

    these two lines are your problem. they should look like this...

    Order Order,Deny
    Allow from all
    I don't know what the "Order Order .. will do ?? Looks a bit strange to me.

    Peter

  6. #6
    SitePoint Evangelist
    Join Date
    May 2003
    Posts
    595
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,

    I'm now wondering if this code:

    Code:
    <script language="javascript" src="includes/general.js"></script>
    <script language="javascript" src="includes/general.js.php"></script>
    <script language="javascript" src="includes/form_check.js.php"></script>
    is the cause of the problem. To my (very limited) understanding, JS is client side, PHP is server side, so if you have a .PHP file in a "client" side scripting (Javascript), then maybe this caused the message??

    Anyway, I'll post on the Javascript forum, and ask there.

    Thanks,

    Peter

  7. #7

    Join Date
    Oct 2003
    Location
    €uroLand
    Posts
    1,340
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by jehoshua
    Hi,



    I'm no Apache expert, but that's not correct, because if it was, none of the sites that use these PHP files would work at all. But the sites do work and have done so for years, with the .htaccess settings.

    I think what you mean is it denies all direct requests, because it is the .htaccess file in the ../includes path, as I explained. It is not the .htaccess file in the web root path.

    From the comment here in .htaccess for the /includes path

    Code:
    The following blocks direct HTTP requests in this directory recursively
    ... "direct" requests; you cannot try and run any of the .php files in the includes path directly, they are all either executed as 'require' or 'include' statements in PHP.

    Thanks

    Peter
    Of course thats what I meant.

  8. #8
    Apache Expert i_like_php's Avatar
    Join Date
    Nov 2001
    Location
    Dallas, Texas
    Posts
    1,342
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by jehoshua
    Hi,



    I don't know what the "Order Order .. will do ?? Looks a bit strange to me.

    Peter
    you have it set the deny anybody trying to access the particular directory, so if you change it to the suggestion i made, then clients will be able to visit the directory in question.
    i love php

  9. #9
    SitePoint Evangelist
    Join Date
    May 2003
    Posts
    595
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,

    Quote Originally Posted by i_like_php
    you have it set the deny anybody trying to access the particular directory, so if you change it to the suggestion i made, then clients will be able to visit the directory in question.
    I think you mean deny anybody from directly accessing any PHP files, note the "files" enclosure:

    Code:
    <Files *.php>
    Order Deny,Allow
    Deny from all
    </Files>
    which considering it is the /includes path, that is what we want, no direct access to any PHP files, for anybody.

    Peter


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •