Don't have access to index.php error.

[WaddleJrJr]

Sometimes when users try to create a thread on my forum, a xenforo overlay will show up that says,
"The following error occurred:
Forbidden

You don't have permission to access /index.php on this server."

I checked, and permissions for index.php are the standard 644. This error seems to happen at random, but when it does happen it lingers around for quite a while, and retries and refreshes don't seem to fix it consistently.

 

[Dan]

Any error messages in your Server error log in your admincp?

Is it similar to this? http://xenforo.com/community/threads/403-forbidden.14041/

 

[WaddleJrJr]

Any error messages in your Server error log in your admincp?

Is it similar to this? http://xenforo.com/community/threads/403-forbidden.14041/

Nope, none.

Also I already read that thread before posting this and it did not fix it.

 

[Dan]

I have a feeling we may need a bit more help in debugging this. Do you have access to your error logs? Are you running Apache?

 

[WaddleJrJr]

I have a feeling we may need a bit more help in debugging this. Do you have access to your error logs? Are you running Apache?

Yes, I looked at the error logs and there hasn't been anything recorded since December 23rd.

I'm pretty sure the server is running Apache.

 

[Dan]

Do you have cPanel on your hosting?

 

[WaddleJrJr]

Do you have cPanel on your hosting?

Yes. I use Cpanel.

 

[Dan]

And you have checked the error logs in cPanel as well?

 

[WaddleJrJr]

And you have checked the error logs in cPanel as well?

For some strange reason they show up completely blank, no matter what browser I view them in.

This hasn't happened in the past, though.

 

[Jake Bunce]

"The following error occurred:
Forbidden

You don't have permission to access /index.php on this server."

Everything on the front end calls index.php. If the permissions on that file were incorrect then it would affect all pages. But since this happens at random it is very likely a problem with the web server. My guess is there is an overly restrictive mod_security rule (or some other module) that is interfering with the request. For example, I have seen mod_security block post submissions that contain certain keywords.

Basically contact your host about this. Ideally they will be able to look in the server logs and identify the cause.

 

[Dan]

Are you caching sessions?
Is your online timeout to short?

Just spit balling here.

Edit. What Jake said ↑

 

[WaddleJrJr]

Everything on the front end calls index.php. If the permissions on that file were incorrect then it would affect all pages. But since this happens at random it is very likely a problem with the web server. My guess is there is an overly restrictive mod_security rule (or some other module) that is interfering with the request. For example, I have seen mod_security block post submissions that contain certain keywords.

Basically contact your host about this. Ideally they will be able to look in the server logs and identify the cause.

Alright, thanks. I will do that.

 

[Digital Doctor]

You don't have permission to access /index.php on this server."
when trying to create a thread.

Do all the problems go away if you turn off mod_security ?

 

[Digital Doctor]

My guess is there is an overly restrictive mod_security rule (or some other module) that is interfering with the request. Basically contact your host about this. Ideally they will be able to look in the server logs and identify the cause.

Seems like a lot more sites are running with mod_security on.
It might be worthwhile to keep a list of mod_security rules that tend to be the ones that cause the errors.
As well, I don't know if it is possible, but is there a way to get Xenforo to display the root cause of the error is mod_security vs. all these other weird errors ? Some error trapping or something ?

 

[Slavik]

Seems like a lot more sites are running with mod_security on.
It might be worthwhile to keep a list of mod_security rules that tend to be the ones that cause the errors.
As well, I don't know if it is possible, but is there a way to get Xenforo to display the root cause of the error is mod_security vs. all these other weird errors ? Some error trapping or something ?

Mod_security has been causing a lot of issues of late.

Personally I would just turn it off altogether.

 

[Digital Doctor]

Mod_security has been causing a lot of issues of late.
Personally I would just turn it off altogether.

Except alot of people like the security
My friend was going to abandon my Xenforo suggestion when he had trouble with mod_security & XF.

 

[Digital Doctor]

Mod_security

Did you read my suggestion about getting better error reporting and mod_security ?
Is that possible ?

 

[Slavik]

Did you read my suggestion about getting better error reporting and mod_security ?
Is that possible ?

Errr, don't recall anything like that?

Except alot of people like the security
My friend was going to abandon my Xenforo suggestion when he had trouble with mod_security & XF.

Personally I feel mod_security is an excuse to follow poor webmaster practices (dont update regularly (both the server and the software)).

 

[Digital Doctor]

Personally, I feel mod_security is an excuse to follow poor webmaster practices (dont update regularly (both the server and the software)).

Sounds like 99% of admins need it.

99.5% of Xenforo purchasers !

 

[Slavik]

Sounds like 99% of admins need it.

99.5% of Xenforo purchasers !

The point being, a lot of people think because they have mod_security enabled it is an all in 1 solution to protect their whole server stack, and then slack on other critical aspects of server ownership.

Don't get me wrong , mod_sec can be a very powerful tool, when used correctly. Maybe I should write a guide on configuring it for XenForo?