When a user asks for a resource, I redirect them to that resource on cloudflare R2. R2 bucket is behind my own DNS (if that can help or I can change something there).
The issue I am facing is a 403 Forbidden on the preflight. "Request method: OPTIONS".
did anyone face this issue here ? how can I fix it ?
I tried changing the headers on the DNS level to allow everything, but still can't figure it out.
Related
Please help me on this.Already tried disable mode_security module through .htaccess no use.
PHP Version 5.6.30
Apache redirect the request to 403 page if pass parameter below.
&test[object_type]=0
The name (object_type) leads to 403 page.
eg:http://www.cudec.com.my/?test[object_type]=0 ✖ NOT WORKING LEADS TO 403
eg:http://www.cudec.com.my/?test[object_types]=0 ✓ WORKING
Will update this post to a full answer as soon as I got more information to work with ;)
I tried to call the 403-URL:
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
You ensured that ModSecurity is the one replying with 403? Looks more like the folder permissions are insufficient.
Check if your DocumentRoot is at least readable for users (an 'r' at the last triple or 4 in the last byte).
If it's really ModSecurity, have a look into /var/log/apache2/modsecurity_audit.log and you should see which rule (by ID) is the one throwing 403 and also the reason (Error-Msg in the rule) why.
Does http://www.cudec.com.my/?test[object_types]=0 return the expected result?
The parameter doesn't seem to be interpretated when using &test[object_type] instead of &test[object_types] and the target ressource / seems to have insufficient rights, same for the error-pages...
I am using Apache 2.4.4. I used this post to get the local http website running over both http and https.
I am able to access the content via http. But if I try to access the contents over https, I am getting the error 403, Forbidden You don't have permission to access / on this server..
I tried changing file permissions using this and configuring the httpd.conf using this, still no luck.
Any suggestions/feedback is appreciated.
Solved by providing access to relevant directories rather that directly providing access to the wwwroot folder.
I want to know how to remove 403 issue for particular URL .
For example ,whatever comes after http://www.example.com/webapp/* , I need to remove 403 issue. How to set this?
you must configure your web server to allow pages from that file directory to be served to the public.
http://httpd.apache.org/docs/2.2/urlmapping.html#user
I set up apache and changed my home directory to my
desktop/project.
I created a webpage and when I try to open it with http:// localhost/app/index.html, and the website works properly without any problem. But when I give the link as http:// 127.0.0.1/app/index.html I get a error 403 Forbidden.
Thanks in advance. Any help will be appreciated.
I can access certain links from my site with no issue. However, if I try and manually type in the same URL as the link/button I get a 403 error.
FOr instance http://www.sumobid.com/logout.php
I have verfied the permissions on the file but am still getting the error.
This is on a dedicated server.
Any ideas?
Sounds like you're not logged in for the second case. I.e., you can't logout if you're not logged in.
Edit: I.e., it seems as if the app is throwing a 403 for pages that require auth but don't have it. (As opposed to, say, redirecting to the login page.)
Seems I fixed my own problem. It turns out that I had inadvertently turned on LinkProtection in cPanel. Once that was disabled everything started working as it should