I have come to this peculiar issue where Apache returns a 403 Forbidden message if anywhere in the url the string '.profile' apears.
Specifically I have stumbled upon this issue when trying to use Google's OAuth where after user provides authorization he is redirected back to the original website. In the return url variables are also provided like below
https://example.com/?state=M0L2Bse6HGHDDADgdsfsdfeefsfe3y0G&code=4%2F0AX4XfWiKNFYg4JtLESnSMmhr-HOHcM45mwn48yGSyi8FoTS3hZMZ4aTjjutw_ilUC9ZeNg&scope=email+profile+openid+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&authuser=0&prompt=none#
which include the word '.profile' this will throw a 403 Error.
After a lot of experimenting I have found that removing or altering the '.profile' word in any way allows the request to go through.
I have edited .htacccess and removed all rules just to make sure but still the error persists.
I have also tried deploying the same project on nginx and it runs without any issues. Thus I believe this is Apache specific.
Anyone knows what could be off here?
So I am trying to get Symfony working on my server by following these install instructions.
http://symfony.com/doc/current/book/installation.html#book-installation-permissions
I got to the part where I ran this command in console in the directory where I wanted the framework to be installed.
symfony new my_project_name
I then followed these instructions to set my web root directory to /web as I believe I'm supposed to do?
It installed all the files correctly since I can see them in the folder. I made sure to restart apache and I'm positive document root is in the correct location.
http://tecadmin.net/how-to-change-document-root-of-primary-domain-in-cpanel/#
Once I did this I was supposed to be able to test the installation, but nothing seems to happen except that 406 error?
This is the exact error I get.
An appropriate representation of the requested resource /app.php could not be found on this server.
Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
I'm not sure what else to do.
Please note, that since I'm using CPANEL I can't change the virtual host configurations of apache if that is the issue, so I'm looking for a CPanel specific answer. Thank you!
Okay so I finally figured out what to do, I had 2 problems. Because I installed as the 'root' user I had to run the following command on the symfony installation.
chown -R devdistribution:devdistribution .
In my case, my username is devdistribution but you would just put your own. Make sure to do this on the top level not just the /web folder.
I knew this was one of the errors because the apache log said something along these lines
Mismatch between target UID (520) and UID (501) of file "/home/devdistribution/public_html/distribution_tech/web/app.php"
This fixed the 500 error, but not the 406. To fix the 406 error you need to login into WHM and type modsecurity to find it in the search field.
go to the configuration option for it, you will see this.
Rules Engine SecRuleEngine
This setting controls the behavior of the rules engine.
Process the rules.
Do not process the rules.
Process the rules in verbose mode, but do not execute disruptive actions.
Select 'Do not process the rules'. Then save at the bottom. This fixed the issue for me and I was able to see the opening symfony screen!
However, this I'm sure leaves security vulnerabilities now...so I still need help on the proper way to handle mod security with symfony in this case if anyone knows? I'll make a separate question for this.
Step 1:
Login to your cPanel account and start searching for the file manager icon under the files section.
Step 2:
As always, you need to make sure, you see the public_html directory. Depending on the web hosting you have, you may also see the home directory after opening the file manager.
Step 3:
Find the .htaccess file and right-click to edit.
Step 4:
After choosing an edit option, you see a popup asking to disable encoding if you wish. You have to click on the Edit button to continue.
Step 5:
On a new tab, you can see many rewritten rules. You have to add the code to the .htaccess file.
<IfModule mod_security.c>
SecFilterEngineOff
SecFilterScanPOSTOff
</IfModule>
This is the URL of the site I am referring to: http://www.nagorik.org/
The site seems to be working fine.
However, when I am trying to access the admin site through http://www.nagorik.org/wp-login.php, I get the following message in Firefox:
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
This problem can sometimes be caused by disabling or refusing to accept cookies.
Any idea why this might be happening?
Some notes:
I checked the error log file; nothing new in it.
I have nagorik.org redirecting to www.nagorik.org
Firefox has detected that the server is redirecting the request for
this address in a way that will never complete. This problem can
sometimes be caused by disabling or refusing to accept cookies.
Let's try to check the cookie settings to see if it helps.
https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
One issue I see is you're missing a ton of Wordpress files in /wp-admin/. You might want to consider reinstalling wordpress or at least re-uploading the /wp-admin/ directory.
I have phpMyAdmin on a remote server. It was fine until today, I used it many times (so the username and password are fine). However, today the whole site did not worked, it simply said "too many connections".
First I retried to restart Apache and MySQL, and it didn't fixed the problem.
Then I rebooted it with shutdown -r now, and the main site does work now, but phpMyAdmin still won't log in (and it does not show any error). After typing my user and password and hitting enter, it shows the exact page (with no error) as nothing would have happened. I can see that the token is different in the Address bar though.
I tried removing all php sessions manually from /tmp folder (by ftp), and it has the same problem. Could the database of phpMyAdmin itself be corrupt? How can I fix this?
Thanks in advance
My issue was, I was using HTTP instead of HTTPS. I don't know why, my server allows both connections, but I must have made a change some where so it only allows HTTPS connections. Once I switched over, the website started to work again.
In my case, the hard drive on the server was full.
In Linux, use df -h to view the available space on the hard drive and clean up unnecessary files.
I just spend forever troubleshooting this.
You are missing the mcrypt extension.
The mcrypt extension is missing. Please check your PHP configuration
You can check if this is the case by forcing
$cfg['Servers'][$i]['auth_type'] = 'http';
and looking at errors when you login.
Possibly no space left on the device. In many cases it will not allow to create the session due to lack of space for the file.
Possible reasons are-
a) user has been locked.
b) There are too many users more than specified.
c) Your System/Ip (rights were provided to which) has been changed.
Please follow below steps-
Step1: Please server connect with root user and check if you are able to use your DB.
Step2: execute below commands.
mysql> flush hosts;
Now try to connect from phpmyadmin if success then fine other wise check if you are getting any IP related error if yes then check if that ip have required permissions.
Other Reasons may be
opened_files_limit crossed whatever you mentioned in your configuration file.
disk full.
too many thread opened/too many connections.
your login_user has been locked due to wrong password input a certain times (limit mentioned in configuration file default is 10).
mysql port (default is 3306) is not open on DB server from outside.
user does not have permissions from your system IP. etc.
In my case, it was that I was trying to access through HTTP, not HTTPS.
Once I changed the address to https://mysite/phpmyadmin I was able to access.
I had similar problems with login. I solved it by clearing browsing data in Chrome. Maybe just simple restarting Chrome would be enough. I noticed that I was able to login in incognito mode even without clearing browsing data or restarting Chrome.
Interesting when I was trying clearing cookies for site manually it didn't solve the problem.
Check if there is enough space available on server. In my case it was space problem. I deleted some files and its working fine now.
To check available space : df -h
To check available inodes : df -i
CodeIgniter cache was taking so much space.
If there are multiple MYSQL connection running simultaneously, PHPMYADMIN won't allow you to login (neither it'll show any error).
Either you need to increase your max_user_connection value (you can do that via ini) or you need to wait for sometime and try.
Had the same issue.
I made a typo in my php.ini file (letter 'B' at the end of 2GB is the error):
post_max_size = 2GB
upload_max_filesize = 2GB
Apache started up but the php.ini file didn't load correctly. After fixing the typos and reloading Apache every thing worked ok.
Another reason not mentioned so far:
Modifying the webserver headers such as X-Frame-Options and others can have an effect on loading any page post-login. After login, you may see the login page refresh, but notice the address bar shows index.php+hash (meaning you are actually logged in). Or, you may simply get a blank page.
Use a browser inspector to check your PMA login page for headers received - if you see something, check your webserver configuration files for header modifications. In my case X-Frame-Options was set along with others. Once I commented these out, PMA was fine..
sudo htpasswd /etc/phpmyadmin/htpasswd.setup admin
a redirect can cause error.
for example this lines in .htaccess in root folder :
# redirect all index.php to the folder root
RewriteCond %{THE_REQUEST} ^.*/index\.php
RewriteRule ^(.*)index.php$ /$1 [R=301,L]
to solve it , you can simply create a .htaccess in PMA directory and put this line in it :
RewriteEngine Off
My issue was a hard coded host ip in the config file:
$cfg['Servers'][$i]['host']
Since my host IP has changed, I started having the issue.
Hope this helps someone else.
This is just a work around but it works for me. When trying to connect to phpMyAdmin use the local host IP address instead of the word 'localhost'.
For example type '127.0.0.1/phpMyAdmin'
im working with scriptcase php code generator and as i build up my project, i uploaded it into my account in siteground.com. Now, i try to open it from the browser using mydomain.com/project_folder and it needs the initial configuaration.. all well till now, the prboblem starts when i get to the 3rd step where i need to setup or edit my db connection.. here it shows me this:
"404 - Not Found
The page you are trying to access does not exist.
If this error persists, please contact the website webmaster.
If you are the webmaster of this site make sure that:
You have uploaded correctly your files to the public_html directory which is the web-root of your account;
You have not misspelled the URL. Bear in mind that letters are case sensitive and no blank spaces are recommended;
In case you have applied SEO - SEF URL rewrite rules, make sure you have renamed the htaccess.txt file to .htaccess. If there is already a non-empty .htaccess file, check it and make sure the necessary rules are uncommented."
.. and, when i click on the rename connection, it shows:
"Rename Connection
There are no connections saved on the production environment."
none of these reasons is the one causing the problem..than what should i do??
thanks in advance!!
Not sure about siteground but important to give all files in the _lib directory of your app 777 permissions while you are setting it up
Also SC heavily uses sessions -- make sure you clear all cookies in your browser when moving from one SC app to another