I would like to understand what permissions files must have in order to work correctly on a web server
For now I have apache2 web server and enabled site (at localhost)
In web site directory I have a simple aaa.html file with -rw-rw-r-- permissions, but when I request this page I got - "You don't have permission to access /aaa.html on this server." I thought that html file need only read permission to work correctly. Then I set max permission on the file - 777, but I still get the forbidden error.
PS I have /dir1/dir2/aaa.html.
dir1 and dir2 have drwxrwxr-x
Related
I've set up a LAMP machine with Centos, apache, MySQL and PHP 7.4.
my user via ssh is mformisano, I'm able to login via SFTP with mformisano and browse folders.
It's an intranet machine, so we are not so severe on restrictions, but, if I type the address into the browser I can execute PHP files, but these files are not able to extract files, create files, etc into the var/www/html folder.
Actually the www folder is:
drwxr-s---. 4 apache apache 31 29 ott 22.34 www
inside:
drwxr-xr-x. 21 root root 4096 29 ott 22.34 ..
drwxr-x---. 2 apache apache 6 19 ott 15.54 cgi-bin
drwxrwxr-x+ 3 apache apache 4096 2 nov 10.49 HTML
If I give permission to mformisano, I can browse via FTP, PHP is executed.
If I give permission to apache:apache I cannot browse, PHP is executed.
If I give permission to mformisano:apache I can browse, PHP is executed.
If I give permission to mformisano:mformisano I can browse, PHP is not executed.
I do need to both browse and execute PHP, so mformisano:apache should be the right way, but when I execute kickstart.php (a WordPress plugin that extracts a .jpa archive) this is not extracting and give me an error about writing permissions.
What am I doing wrong?
The PHP files are going to be parsed by Apache. Typically Apache will be running under the user www-data, in any case find out what user Apache is running under and give the appropriate permissions to the user that apache is running as. If you are a single person running the sever I would recommend SFTP login as root user, this will give you permissions to modify whatever you want on the server, but remember to change the owner and groups for any files you create as root user before logging out.
I have a website built with wordpress and uploaded on a linux server. It's been working fine for a long time, but yesterday my website started giving me 403 forbidden errors while loading image resources.
But when I open that resource in a new tab, it gets loaded successfully. Then I go back to my website, refresh it, and that particular image gets reloaded now.
I don't know what's going on. I need help.
Incorrect file permissions can cause 403 forbidden error. It makes your web server think that you do not have permission to access these files.
All folders on your WordPress site should have a file permission of 744 or 755.
All files on your WordPress site should have a file permission of 644 or 640
If you have ssh access you can change permissions using this command:
chmod -R 755 /var/www/html/yoursite
If you are using a ftp client like Filezilla you can select a folder, right click and then select File Permissions from the menu.
Also the 403 error is caused by a corrupt .htaccess file in your WordPress site.
You can generate a fresh .htaccess file by logging into your WordPress admin area and going to Settings ยป Permalinks page.
403 stands for permission denied. You need to check the permissions for those image.
Recently, I moved a website to live and all the file related operations stopped working, for e.g., copy, imagecreatefromjpeg, etc due to permissions issue.
All the files are created in files/ directory. I gave it 755 permission recursively for directories and 644 permission to all the files. Still the PHP functions didn't work. It works only if I give 777 permissions (not even 775 works).
I checked the permissions for other live projects. They had 755 for directories and 644 for files, and still they seem to work fine without any permission issues.
Could anyone please explain me the reason for this issue on this specific website?
Thanks
It sounds like an ownership issue.
To test, create a folder on the server with 777 perms (e.g. tmp, perhaps in your document root).
And then create a script (alongside tmp) that does a simple write to that folder.
<?php
file_put_contents(__DIR__ . '/tmp/test.txt', 'hello earth');
Then look at the ownership and permissions of the resultant file.
On my dev server I have Php running under the web server Apache (using mod php) on Linux (Debian). And scripts run as the user 'www-data'. So the key here is that the user www-data needs to be able to write to the folder.
If the folder isn't writable by the web server, then something like the following error is in the apache error logs:
[Tue May 10 08:27:52.404959 2016] [:error] [pid 18] [client 172.17.42.1:59832] PHP Warning: file_put_contents(/var/www/stackoverflow/tmp/test.txt): failed to open stream: Permission denied in /var/www/stackoverflow/so_test.php on line 3, referer: http://localhost/
Try and understand your server environments and unix permissions.
I have seen many questions and answers on this topic but none seem to help my situation. My PHP code is successfully creating a new logfile, but then cannot access that file to append further info, close it, etc.
I am migrating an application from local XAMPP onto LAMP: hence problem only showing up now due to Windows/XAMPP giving no permission troubles.
I started with a default Bitnami LAMP stack, and then manually setup relevant directory permissions on server:
- my sftp user has rwx on htdocs and assorted out-of-web-root directories
- apache is running as 'daemon' so I have given read & execute permissions to relevant directories for 'daemon' as group
- in most directories I have disallowed write permissions for 'daemon'
- however for my (application generated, internal) logs I have a 'logfiles' directory which has rwx for both my user and the 'daemon' group
- 'other' is -rwx for all
When I run my application it falls over pretty much immediately. The error logs showing fopen failed to open stream: permission denied. However, the permissions indicate that it should have access.
When I check the file involved it has following permissions:
-rw-r--r-- 1 daemon daemon 962 Oct 3 10:14 20151003logfile03-10-33530.txt
This tells me that the file was created by Apache (i.e. by my PHP script) and that it has read and write permissions, from when I fopen() with "w"
EDIT: adding directory info:
Folder level permissions give my ftps user and daemon (group) full rwx access:
drwxrwx--- 2 ftpuser daemon 4096 Oct 3 10:30 logfiles
BUT it can't then fopen with "a"
I am assuming that this IS a file permission problem because:
a) it works fine on XAMPP
b) it states permission error in the error log
However, I can't see why it should be a problem, given directly-specified OS-level permissions ... maybe Apache requires an .htaccess 'allow' on this directory also?
Any ideas?
Clarification re why I don't think CHMOD is the answer (sorry #RedAcid):
CHMOD 777 etc is simply a way to set the underlying permissions I already have. Each digit represents 3 binary chars, so 7 is 111 (i.e. read, write and execute). As you can see above, I have read/write/execute for PHP/Apache on folder, together with read/write for file. What I've read suggests that you need execute at directory level, but not at file level because its not trying to execute the file.
So what am I missing here? Why else might it be denying permission?
use chmod 666 for the file and proper user group permissions. folder where files are located must be writable with chmod 777
OK - I found out the problem was higher level parent directory not having read/execute permissions. Now working! (AT LAST!)
For more detail see this previous question:
PHP fopen() fails on files even with wide-open permissions
My dedicated server has Debian wheezy installed along with Apache2 php and mysql. ISPConfig3 is installed as the control panel.
After creating a site under ISPConfig and a shell user account with it I uploaded the tar file into the web directory and extracted the files.
The default ispconfig index.html file would display how ever after the extraction the index.php is not getting picked up and after deleting the default index.php i get the error message
Forbidden
You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
I tried going directly to www.domain.com/index.php and that doesnt work too.
Do I have to modify anything in apache? Any help would be appreciated.
That error is telling you the server can't read the file (or files) specified in your DirectoryIndex directive, and is trying to display a 403 (security) error document instead, which is doesn't have permission to read either.
You need to check what user your httpd daemon is running as, and make sure that user had at least read permissions to all the files in your DocumentRoot. The best way to do this is to ensure that user is the owner of the files.
On a Redhat/CentOS system, httpd runs as the user "apache"
chown -R apache:apache /var/www/html