Search Results

Search found 666 results on 27 pages for '403'.

Page 17/27 | < Previous Page | 13 14 15 16 17 18 19 20 21 22 23 24  | Next Page >

• Avoid Apache's mod_status being exposed by Varnish

  - by Peteris Caune

  An Ubuntu 9.04 box running Apache on 8080 and Varnish on 80. Recently set up Munin and was wondering why Apache graphs are empty. Saw from the logs that Munin is accessing /server-status?auto and getting 403 Forbidden back. So I edited /etc/apache2/monds-enabled/status.conf to allow access from 127.0.0.1. But doing this actually made /server-status public, since requests coming through Varnish appear to come from 127.0.0.1 too. So the question is, how do I configure mod_status to be accessible only by munin-node and not by Varnish?

  Read the article

• iis windos authentication way to turn off password prompt

  - by Ellery Newcomer

  IIS noobie here. I have an intranet website hosted by IIS (6? I'll check after the weekend) that is set to Windows Authentication. Whenever there is some sort of authentication failure, the website gives the user a windows account sort of password prompt and doesn't display a 403 (or 401 or whatever) page unless the user cancels the prompt. However, entering a password is never, ever a use case for this website. Is there a way to turn off the password prompt and just display the error page? Bonus: are there any good hooks for this precise point for code that would do diagnosis and logging?

  Read the article

• How to exclude a sub-folder from HTaccess RewriteRule

  - by amb9800

  I have WordPress installed in my root directory, for which a RewriteRule is in place. I need to password-protect a subfolder ("blue"), so I set the htaccess in that folder as such. Problem is that the root htaccess RewriteRule is applying to "blue" and thus I get a 404 in the main WordPress site (instead of opening the password dialog for the subfolder). Here's the root htaccess: RewriteEngine on <Files 403.shtml> order allow,deny allow from all </Files> <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> I tried inserting this as the second line, to no avail: RewriteRule ^(blue)($|/) - [L] Also tried inserting this before the index.php RewriteRule: RewriteCond %{REQUEST_URI} !^/blue/ That didn't work either. Also inserted this into the subfolder's htaccess, which didn't work either: <IfModule mod_rewrite.c> RewriteEngine off </IfModule> Any ideas?

  Read the article

• Best Method/Library For Remote Authentication

  - by Mike

  I have a web app that has a REST API interface: http://api.example.com/core that uses API Keys and domain specific keys (key has to be used on the specified domain). I then will have several client sites with ajax forms where we will require users to sign in before being able to submit the form. This form will add data to a table, and submit an email to several recipients along with checking credentials. This form will use an ajax submit to our REST API. All Communication to/from the API is over SSL Ideal Flow: Visitor Fills Form Out -> Enters User/pass -> Submits Form -> ajax request to REST API -> API Verifies credentials -> does CRUD -> sends emails -> returns 200/403 -> perform DOM manipulation based on return code in ajax call Are there any libraries in PHP that currently do something to this similarly? Would OAuth be a good use for this scenario? Languages used are: js/html/css/php/MySQL

  Read the article

• Problem accessing the remote working space on my new SBS 2008 box

  - by Dabblernl

  This supposedly easy to install OS is starting to drive me nuts... SYMPTOMS: When trying to connect to the remote workplace I get (and ignore) the security warning because I am currently testing with the self issued certificate. After loggin in the remote workplace's main screen displays but the images on it do not load. When I try to click the email link I am thrown back to the login screen. If I try the login to exchange directly by typing in the remote.mydomain.com/owa address I get a 403 error that I am denied access. The problem occurs on both a vista and a win 7 machine. It seems that some security setting is playing tricks with me. How can I troubleshoot this?

  Read the article

• Terminal command to change permissions to my 'Sites' folder and apply change to enclosed items?

  - by Ryan

  Using Snow Leopard, I'm having issues with permissions in my Sites folder. While I can navigate to localhost/~username and read any files or folders there, the same permissions have not been applied to enclosed items, and I get a 403 error trying to access them in the browser. If I select one of these enclosed folders and get info using Finder, I see the user 'Everyone' is set to 'No Access' but I can't change that (this behavior seems buggy, actually). And if I select my 'Sites' folder, the tool to 'Apply to enclosed items' is grayed out... Is there a Terminal command I can use to grant 'Read Only' access to my Sites folder, and all it contains, for the user 'Everyone'?

  Read the article

• Web service access fails when users password is in warning period

  - by uSlackr

  We have a number of locally installed .Net apps that communicate via web services. Authentication in IIS is handled by Windows Authentication so no additional login is required. We recently began seeing a problem where users are getting a application 403 error when there password is 14 days (or less) from expiring. As this sometime happens in the the middle of the day (login in the morning OK, but password reaches <14 days during the day), this comes as a surprise as they haven't been warned to change their password. Of course, one would expect they should be able to work until the password is expired. Any idea on what could be happening here? Why would IIS reject a login if the passsword hasn't actually expired? Can we change that behaviour? Thanks \\Greg

  Read the article

• How can I redirect all files in a directory that doesn't conform to a certain filename structure?

  - by user18842

  I have a website where a previous developer had updated several webpages. The issue is that the developer had made each new webpage with new filenames, and deleted the old filenames. I've worked with .htaccess redirects for a few months now, and have some understanding of the usage, however, I am stumped with this task. The old pages were named like so: www.domain.tld/subdir/file.html The new pages are named: www.domain.tld/subdir/file-new-name.html The first word of all new files is the exact name of the old file, and all new files have the same last 2 words. www.domain.tld/subdir/file1-new-name.html www.domain.tld/subdir/file2-new-name.html www.domain.tld/subdir/file3-new-name.html ect. We also need to be able to access the url: www.domain.tld/subdir/ The new files have been indexed by google (the old urls cause 404s, and need redirected to the new so that google will be friendly), and the client wants to keep the new filenames as they are more descriptive. I've attempted to redirect it in many different ways without success, but I'll show the one that stumps me the most RewriteBase / RewriteCond %{THE_REQUEST} !^subdir/.*\-new\-name\.html RewriteCond %{THE_REQUEST} !^subdir/$ RewriteRule ^subdir/(.*)\.html$ http://www.domain.tld/subdir/$1\-new\-name\.html [R=301,NC] When visiting www.domain.tld/subdir/file1.html in the browser, this causes a 403 Forbidden error with a url like so: www.domain.tld/subdir/file1-new-name-new-name-new-name-new-name-new-name-new-name-new-name-new-name-new-name-new-name-new-name-new-name-new-name.html I'm certain it's probably something simple that I'm overlooking, can someone please help me get a proper redirect? Thanks so much in advance! EDIT I've also got all the old filenames saved on a separate document in case I need them set up like the following example: (file(1|2|3|4|5)|page(1|2|3|4|5)|a(l(l|lowed|ter)|ccept)

  Read the article

• Location Directive in a VirtualHost

  - by Yehia A.Salam

  I'm trying to add server-status location directive under one of my virtual host, however i'm getting a 403 Access Forbidden when browsing to www.mywebsite.com/server-status. Is it legal to put the Location Directive under a virtual host? Edit #1: Full vhost config <VirtualHost *:80> # Admin email, Server Name (domain name) and any aliases ServerAdmin [email protected] ServerName aumento.io ServerAlias www.aumento.io # Index file and Document Root (where the public files are located) DirectoryIndex index.html index.php DocumentRoot /home/cairocubicles/web/aumento.io/public <Directory /home/cairocubicles/web/aumento.io/public> Order Allow,Deny Allow from all Options Indexes FollowSymLinks AllowOverride All AcceptPathInfo On </Directory> <Location /server-status> SetHandler server-status Order deny,allow Deny from all Allow from aumento.io </Location> # Custom log file locations LogLevel warn ErrorLog /home/cairocubicles/web/aumento.io/log/error.log </VirtualHost>

  Read the article

• Apache 2 Symbolic link not allowed or link target not accessible

  - by astropanic

  My apache server runs as user foo. I have some Rails applications in /home/foo/app1 /home/foo/app2. Each of them has an vhost <VirtualHost *:80> ServerName app1.foobar.com ServerAlias www.app1.foobar.com DocumentRoot /var/www/html/app1/current/public RailsEnv production <Directory /var/www/html/app1/current/public> AllowOverride all Options -MultiViews </Directory> </VirtualHost> I have a symlink in /var/www/html/app1 : current -> /home/foo/app1/tmp_20102611 All file permissons are set correctly (user foo group foo), I can go through the filesystem from shell. SELINUX is disabled Distro is CentOs 5.5 Which the above symlink I get an 403 and an error entry in error_log Symbolic link not allowed or link target not accessible:/var/www/html/app1/current When I symlink my app in the subdir of /var/www/html instead of /home/foo it works. How I can avoid this error still placing my app in my /home/foo directory ?

  Read the article

• nginx deny directory and files to be downloaded

  - by YeppThat'sMe

  gurus. I have a problem and i dont know how to solve it. I am working with Git and Compass/SASS on some projects. Now i want to protect those directories. When i go only to the folder its all fine – i get what i expected a 403 forbidden. location ~ /\.git { deny all; } But when i try use the full path to the config file from git the browser start to download it. Same scenario with compass. There is a config.rb file within the folder which also starts to download it. How can i prevent this behaviour? How can i deny downloading specific files?

  Read the article

• .htaccess rewrite issue

  - by Jessica

  Below is my .htaccess file for my website on shared hosting - I'm attempting to send all requests to index.php with parameter 'q' where I wish to parse data etc... unless it's an existing file or directory. So my issue, if I attempt to browse to an actual directory expecting to get an unauthorized notice (options -Indexes) it sends me to my index.php and I also noticed that print_r($_GET) it gives me this: Array ( [q] => 403.shtml ) AddDefaultCharset UTF-8 Options -Indexes +FollowSymLinks <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteCond %{HTTP_HOST} !^$ RewriteCond %{HTTP_HOST} !^www\. [NC] RewriteCond %{HTTPS}s ^on(s)| RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php?q=$1 [L,QSA] </IfModule> Help would be much appreciated if possible :)

  Read the article

• Apache trailing slash added to files problem

  - by Francisc

  Hello! I am having a problem with Apache. What it does is this: Take /index.php file containing an code with src set to relative path myimg.jpg, both in the root of my server. So, www.mysite.com would show the image as would www.mysite.com/index.php. However, if I access www.mysite.com/index.php/ (with a trailing slash) it does the odd thing of executing index.php code as it would be inside an index.php folder (e.g. /index.php/index.php), thus not showing the image anymore. This is a simple example that's easy to solve with absolte addressing etc, the problem I am getting from this a security one that's not so easily fixed. So, how can I get Apache to give a 403 or 404 when files are accessed "as folders"? Thank you.

  Read the article

• How to block this URL pattern in Varnish VCL?

  - by iTech

  My website is getting badly hit by spambots and scrappers, I am using Cloudflare but the problem still remains there. The problem is spambots accessing non-existing urls causing a lot of load to my drupal backend which goes all the way and bootstraps db just to serve a 404 error doc. I cant simply dish out non-drupal 404's for all page not found errors, as I need to have drupal catch them. Since, varnish is in front it can check if the bot is acting nice and asking for valid url - if not it servers them a 404 or 403. These bots are causing errors using this pattern : http://www.megaleecher.net/http:/www.megaleecher.net/Using_iPhone_As_USB_Mass_S/Using_iPhone_As_USB_Mass_S/Using_iPhone_As_USB_Mass_S/Using_iPhone_As_USB_Mass_S/Using_iPhone_As_USB_Mass_S/Using_iPhone_As_USB_Mass_S/Using_iPhone_As_USB_Mass_S/Using_iPhone_As_USB_Mass_Storage Now, pls. suggest a regex varnbisg VCL directive which catches this URL pattern and serves a 404 error from varnish, preventing it from reaching apache/drupal ?

  Read the article

• Images not accessible in localhost using wamp in windows 7 [closed]

  - by Am poru

  I Installed wamp in windows 7 pro, and copied a joomla live site. Everything seems working well except that it doesn't load the images on the page. Even when I try to access in directly: localhost/logo.png Im getting an 403 Forbidden: Forbidden You don't have permission to access /logo.png on this server. Solutions I have tried are: 1. Using icacls to grant priviledge 2. manually set the permission by right clicking the image and editing the security. php, html and other files are loading in the browser, but not images. Please help.

  Read the article

• Setting the server to look for index.php file by default

  - by ????? ???????

  I am a web developer and I've requested our Sys-Admin to setup a server for my team that will be used as a development environment. The PHP is running as a CGI. When i try to open http://myaddress/ I receive 403 Forbidden. When I try to open http://myaddress/index.php everything is fine. How do I set the server to look for index.php file by default? P.S The sysadmin is not currently here, so he cannot do it for me.

  Read the article

• Error page for OWA users on a different server?

  - by W_P

  We are getting ready to do a network-wide upgrade to Exchange 2010. The url for the old 2007 mailboxes is at https://mail.example.com and users who have had their mail box moved will have to go to https://Email.example.com If a user that has a 2010 mailbox attempts to login at the 2007 OWA location, they get a standard 403 Forbidden page. We would like to show them a page of our own making, that includes a link to the 2010 OWA login page. I assumed we could do this with an IIS Custom Error page, but setting the 403.4 error page in IIS on the Default web site doesn't seem to be working. Does anyone know how we could get around this? BTW, our OWA for the 2007 boxes in on Windows Server 2003, and IIS 6

  Read the article

• htaccess not found

  - by clarkk

  I have installed a Apache 2 (from webmin) server on Debian 6.. I have setup a virtual host db.domain.com on the server which works fine, but .htaccess doesn't work if you get access from the ip address and the directory is listed if no index.php is found? db.domain.com -> 403 forbidden xxx.xxx.xxx.xxx -> gets access to the server Why is .htaccess omitted when you get access from the servers ip address? httpd.conf <Directory *> Options -Indexes FollowSymLinks </Directory> <VirtualHost *:80> ServerName db.domain.com DocumentRoot /var/www </VirtualHost> htaccess order deny,allow deny from all

  Read the article

• How to throw a 404 error from htaccess?

  - by John Isaacks

  Everything I find seems to be about created a custom 404 page. That is not what I am trying to do. If I want to block access to a page I can do this in htaccess: RewriteRule pattern - [F] However, "Forbidden" hints that the page does exists. I want the page to appear to not even exist. So I would like to give a 404 error instead of a 403. Then have it render whatever 404 page would render if the resource really wasn't there. How can I do that?

  Read the article

• Setting up Apache directory root behavior

  - by Corey

  I'm running Apache on a Windows machine for local testing and I'm new to it. Currently, if I navigate to localhost/ in a web browser, it will display an index.html page if one exists. Otherwise, it will display the directory listing. How can I make it so that navigating to a root directory will display more than index.html? What I need is so that if either: index.html, index.htm, or index.php exist, it will navigate to one of those. How can I disable showing directory roots? I would like it to return a 403 Forbidden error if no index page exists.

  Read the article

• Apache: Stealth 404 the admin area until authenticated via basic auth, then allow access

  - by Kzqai

  Given a administrative area with urls like this: wp-admin/ wp-admin/whatever wp-admin/another-page wp-adminsecretlogin/ A standard basic-auth coverage would provide a username and password prompt on all three urls, and return a 403 on all failed auth attempts. This is a pretty obvious signal that something exists there, and thus is an invitation to script/brute force access. I would like to instead, require basic auth everywhere, but when not authenticated, not prompt for username and password, and instead return a 404 not found error for all urls except a wp-adminsecretlogin/ url. At that individual-to-the-site url, basic auth could go through, and unlock the rest of the administrative functionality (though the standard application login would still be necessary). How would I do that via apache .htaccess or .conf directives?

  Read the article

• curl blocked at TMG firewall

  - by jemtube100

  i using TMG (threat management gateway) firewall at my web server. when i try to use Curl from outside, this firewall was blocked the connection. what rule/setting that i need to create at TMG to allow it. the error state as below : Refresh page: Search for the page again by clicking the Refresh button. The timeout may have occurred due to Internet congestion. Check spelling: Check that you typed the Web page address correctly. The address may have been mistyped. Access from a link: If there is a link to the page you are looking for, try accessing the page from that link. </UL> <HR color=#c0c0c0 noShade> <P id=L_defaultr_11>Technical Information (for support personnel)</P> <UL> <LI id=L_defaultr_12>Error Code: 403 Forbidden. The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. (12202)

  Read the article

• connecting hostname to server

  - by Michael Ropy

  I have an ubuntu server installed on my server with virtualmin webmin. everything is good the server itself....I can connect to localhost and the virtualmin manager (http://localhost:10000). the problem is, I can't connect to it from a client computer. For example when I enter the IP address of the server, its shows me 403 forbidden error (sometimes its shows the homepage right)...but the virtualmin manager could not open... if my website is example.com with this ip: xxx.xxx.xxx.xxx, i can't connect to example.com:10000 or xxx.xxx.xxx.xxx:10000 what should I do?

  Read the article

• wamp remote access

  - by user1589779

  I have a wamp server (Version 2.2 on Windows 7) running on my computer that works perfectly well for localhost access. But now, I need to grant access to a collegue on the same subnetwork. How to achieve that? My collegue receives a 403 error from the browser. I have 2 vhost : <VirtualHost *:80> ServerName localhost DocumentRoot "D:/Workspace" </VirtualHost> <VirtualHost *:80> ServerName oscar DocumentRoot "D:/Workspace/SMACS3/web/htdocs" </VirtualHost>

  Read the article

• Error while deploying a web application in OSGI container using pax web

  - by RaulDM

  Hello I am trying to deploy a web application in a Felix container. I have all the required configuration done with my web app like the setting up of the manifest headers: Webapp-Context: Bundle-ClassPath: Bundle-Activator: Import-Package: Bundle-SymbolicName: etc The Pax bundles that I have dropped in the same container are: pax-web-service-0.6.0.jar pax-web-jsp-0.7.1.jar pax-web-extender-war-0.7.1.jar pax-logging-service-1.5.0.jar pax-logging-api-1.5.0.jar Though it had been written in the pax web site that pax-web-service is included in pax-war-extender, it seems without pax-web-service bundle, all other bundles become handicapped. I had removed the other pax bundles like pax-web-extender-whiteboard-0.7.1.jar pax-web-jetty-0.7.1.jar, as I have not seen any usefulness of those. The pax-web-jetty-0.7.1.jar even does not get start up. it has dependencies which it could not be able to resolve from any one of the bundle provided by PAX. My browser is displaying: HTTP ERROR 403 Problem accessing /adminmodule/. Reason: FORBIDDEN Powered by Jetty:// while the Console log says: [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.mortbay.jetty - REQUEST /adminmodule/ on org.mortbay.jetty.HttpConnection@1e94001 [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.ops4j.pax.web.service.internal.model.ServerModel - Matching [/adminmodule/]... [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.ops4j.pax.web.service.internal.model.ServerModel - Path [/adminmodule/] matched to {pattern=/adminmodule/.*,model=ResourceModel{id=org.ops4j.pax.web.service.internal.model.ResourceModel-2,name=,urlPatterns=[/],alias=/,servlet=ResourceServlet{context=/adminmodule,alias=/,name=},initParams={},context=ContextModel{id=org.ops4j.pax.web.service.internal.model.ContextModel-1,name=adminmodule,httpContext=org.ops4j.pax.web.extender.war.internal.WebAppWebContainerContext@11710be,contextParams={webapp.context=adminmodule}}}} [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.ops4j.pax.web.service.internal.HttpServiceContext - Handling request for [/adminmodule/] using http context [org.ops4j.pax.web.extender.war.internal.WebAppWebContainerContext@11710be] [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.mortbay.jetty - sessionManager=org.mortbay.jetty.servlet.HashSessionManager@19c6163 [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.mortbay.jetty - session=null [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.mortbay.jetty - servlet= [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.mortbay.jetty - chain=org.ops4j.pax.web.service.internal.model.FilterModel-3- [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.mortbay.jetty - servlet holder= [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.mortbay.jetty - call filter org.ops4j.pax.web.service.internal.model.FilterModel-3 [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.ops4j.pax.web.service.internal.WelcomeFilesFilter - Apply welcome files filter... [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.ops4j.pax.web.service.internal.WelcomeFilesFilter - Servlet path: / [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.ops4j.pax.web.service.internal.WelcomeFilesFilter - Path info: null [5884890@qtp-16567002-0 - /adminmodule/] INFO org.ops4j.pax.web.service.internal.HttpServiceContext - getting resource: [/adminmodule.jsp] [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.ops4j.pax.web.extender.war.internal.WebAppWebContainerContext - Searching bundle [com.cisco.zaloni.gwt.admin [1]] for resource [/adminmodule.jsp], normalized to [adminmodule.jsp] [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.ops4j.pax.web.extender.war.internal.WebAppWebContainerContext - Resource not found [5884890@qtp-16567002-0 - /adminmodule/] INFO org.ops4j.pax.web.service.internal.HttpServiceContext - found resource: null [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.mortbay.jetty - call servlet [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.ops4j.pax.web.extender.war.internal.WebAppWebContainerContext - Searching bundle [com.cisco.zaloni.gwt.admin [1]] for resource [/], normalized to [/] [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.ops4j.pax.web.extender.war.internal.WebAppWebContainerContext - Resource found as url [bundle://1.0:1/] [5884890@qtp-16567002-0 - /adminmodule/] DEBUG org.mortbay.jetty - RESPONSE /adminmodule/ 403 It is really frustrating. please help. as I am new to OSGI. Raul

  Read the article

< Previous Page | 13 14 15 16 17 18 19 20 21 22 23 24  | Next Page >