A friend and I are using MAMP to develop a site. On my computer I can access CSS files in any folder under our /application root directory. On his computer, many of them have permission forbidden.
We did CHMOD 755 and checked that his htaccess wouldn't be restricting anything. What else could cause this difference in permissions?
Error:
GET http://mysite.loc/application/javascripts/bootstrap/bootstrap-typeahead.js 403 (Forbidden) wefinance/:26
ensure the higher level permissions are properly set as well (higher level is enforced first). Also did you sudo when setting the permissions?
Ensure permissions are set properly for the www group.
Make sure your apache is configured to allow the connection, as well.
Related
I just launched a LAMP dropplet from Digital Ocean and am starting coding. When trying to create a new directory inside the web root it says
mkdir: cannot create directory ‘blog’: Permission denied
I can fix this by running chown -R user /var/www/html but I'm wondering if this will break things or if there's a better way of doing this. Thanks!
You have a variety of options on permissions, but essentially www-data needs read (and probably execute) permission.
I like to redefine the DocumentRoot in my VirtualHost definitions to use something other than /var/www/html, anyway.
For example, you could use /srv/www/sitename, and then assign permissions myuser:www-data to it.
There are also numerous threads on the DigitalOcean forums (and around the internet) about permissions schemes for web files. (e.g. Proper Permissions for Web Server Directory.)
I'm using Ubuntu 14 server from DO, with LAMP stack installed, i followed the instruction here to install flask on ubuntu because my main purpose was to use Flask on my website.
https://www.digitalocean.com/community/tutorials/how-to-deploy-a-flask-application-on-an-ubuntu-vps
During the test, when user connects to "http:/myvpsip/createfile/" which creates a new file on the current folder /var/www/, I got error from Apache saying that the file cannot be created, "permission denied".
I tried again using PHP script that create a new file on the same directory /var/www/ but got the same problem. Both of the trials were done using root account. I tried to chmod the www folder to 755 or 777 and they are not working.
My question is, how do I set permission for apache2 that when users browse the website they will be able to create/edit file on the current directory?
Thank you
This is because when you installed your application, you did so as the root user. All your application files and directories are owned by root.
If you ls -l on /var/www and look inside the FlaskApp folder structure, you will likely see permissions set like this:
-rw-r--r-- 1 root root
When Apache runs, it runs on behalf of a main process owned by the user root and several child processes owned by the user www-data. So essentially, Apache is running as if logged in as user www-data.
When your application needs to do a file or folder operation (its running on behalf of Apache www-data user), the public/world permission bits are used since Apache child processes are not running as root user and not as root group.
Looking above, we see that only the read bit is set for the public/world permissions - no write. And that is where the problem lies.
One way to solve this is to make everything under /var/www/mywebsite owned by the user root and the group www-data. This sets things up so that only the root user can have full permissions and www-data (everyone else) can only read and execute (no write).
When you setup your website, you should set it up to be under its own separate folder. This way you can have multiple virtual domains (i.e. more websites) added later on. Assuming 'mywebsite' is where your domain is and you have already installed your application software (Flask) within it:
cd /var/www/mywebsite
chown -R root:www-data /var/www
You then as the system administrator, need to understand the application and go through the folders and files setting permissions. Apply permissions generally, then on a case by case basis.
For most directories (750)
- Only root can rwx directory
- www-data can only read and execute directory
- no public/world bits set as it makes no sense (*)
For directories that can be changed by web application (770)
- Root can rwx directory
- www-data can rwx directory
- no public/world bits set as it makes no sense (*)
- for uploading files, creating images, documents, etc by the users of the site
For most files (640)
- Never set the execute bit to avoid execution of misplaced shell or executable files
- PHP, Perl, etc. are just text files. They have nothing to do with exec permission
- No group write bit set
- Read must be set for owner and group else they cant see the web document
For special case where files need to be changed (660)
- Set group write bit if you want www-data users to create things
(*) Because all users who visit Apache are running on behalf of www-data
we just moved our Magento 1.7.0.2 shop from one server to the other. We did the following:
In root folder we adjusted rewrite base in .htaccess
We activated "using rewrite url" in System=>Configuration=>General=>Web
But now every time we open any link (e.g. domain.com/about) we get following error:
403 Forbidden
You don't have permission to access /var/www/***/index.php on this server.
Apache/2.2.16 (Debian) Server at www.domain.com Port 80
Only start page can be opened. If we turn off "using rewrite url" in System=>Configuration=>General=>Web everything works again, but then any URL has an index.php included e.g. domain.com/index.php/about. We use hosted vServer with Confixx 3pro as server management software. WebServer mod_rewrite is activated for every user in Confixx user management. register_globals, safe_mode, and open_basedir are tuned off for all users.
We checked all file permissions with standard magento-check.php and also checked user with chown command via ssh several times. All mandatory files are writable and are owned by necessary user.
Do you have any idea how we can fix this? Thank you in advance!
Best regards,
Marcus
I'm newbie in the web development, and I'm trying to make a website. So, my website works fine on the server but not on my own (Apache). My sources are in ~/public_html/. The problem is I don't have permissions on the sub/sub directory, I mean, when it's a directory, it works fine, when it's directory in a directory, it doesn't. (403 Forbidden). I don't change my default Apache configuration excluding for include mysql and php.
All my directories have the same permissions. Maybe I need to configure something for that?
Thanks
I used this little script found at this link http://boomshadow.net/tech/fixes/fixperms-script/
Fixperms – for one single user
To use the fixperms script, simply log into your server as root, wget the file from our server, then run it. Type in the cPanel username and it will run only for that particular account.
It does not matter which directory you are in when you run fixperms. You can be in the user’s home directory, the server root, etc. The script will not affect anything outside of the particular user’s folder.
Should be done in SSH
root#example [~]# wget boomshadow.net/tools-utils/fixperms.sh
root#example [~]# sh ./fixperms.sh -a USER-NAME
Fixperms – for all of the users
If you would like fix the permissions for every user on your cPanel server, simply use the ‘-all’ option:
root#example [~]# wget boomshadow.net/tools-utils/fixperms.sh
root#example [~]#sh ./fixperms.sh -all
I am getting the following error:
Forbidden: You don't have permission to access [directory] on this server.
I need direct access to this directory and sub folders on that directory so that my Android Application can communicate with it.
I tried putting folders on a Hosting Server and everything works fine.
But, I am doing an academic project and I need to store these folders and scripts on a University Web Server which can talk to localhost locally.
1.
If you have the possiblity and your server is a linux server, you can change the permissions with something like
sudo chmod -R 777 /var/www/folder
Or completely change the owner with
sudo chown -R user /var/www/folder
2.
Look into the apache configuration files and also the .htaccess, if the directory is blocked by
Deny from all
Or simply not allowed. You could allow the directory by creating a .htaccess file and enter
<Directory yourdirectory>
Order allow,deny
Allow from all
</Directory>