Apache - 403 forbidden to access some static files
Solution 1
It is really common when using AllowOverride All to find .htaccess files in other directories above where you are working that impact your configuration. Per the comment thread posting this answer to collect the bounty. Here is an example find command:
find DocumentRoot -name .htacccess -print
Will print any other .htaccess files.
Solution 2
Find all the .htaccess
files with:
find /var/www/ -name .htaccess
As a temporary, change:
Order deny,allow
Allow from all
to:
Order allow,deny
Allow from all
to ensure that there is no Deny
rules processed before.
Related videos on Youtube
Dalen
Here something about me you can find on the social part of the web: github @pelto_pekka linkedin CV
Updated on September 18, 2022Comments
-
Dalen over 1 year
I'm having a hard time with .htaccess directive. I'm trying to have URL rewriting for Codeigniter framework.
Everything works as expected on the production server but I'm not able to properly set up my own testing server.
Testing server
URL rewriting works great, php files are rendered as expected, but all files included via HTML (css, js, img) are not displayed as they are not accessible due to:
403 Forbidden You don't have permission to access /path/to/file/plugins-min.css on this server.
Here is my .htaccess file:
RewriteEngine On # Do not enable rewriting for files or directories that exist RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d # For requests that are not actual files or directories, # Rewrite to index.php/URL RewriteRule ^(.*)$ index.php/$1 [PT,L]
This is the Apache2 configuration for my document folder:
<Directory /document/folder/> Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec AllowOverride All Order deny,allow Allow from all </Directory>
When I set
AllowOverride
toNone
(i.e. not rewriting URLs) then static files are correctly shown.When images are uploaded via script they are shown on the page even if they have the same permissions/owners/groups as the other files which are not accessible.
Everything has the same permissions and owners on the site.
I think my Apache configuration has something which prevents the 'included HTML' files from being accessible, as the Apache error log says:
[Wed Aug 17 22:29:24 2011] [error] [client <MY IP>] client denied by server configuration: /var/www/site.com/application/assets/js/admin.js, referer: http://<MY IP>/site.com/page/edit/
Thanks in advance
-
polynomial over 12 yearsIs it possible you have another .htaccess somewhere in the path that is causing grief?
-
Dalen over 12 years@polynomial: I did look better to my folders and actually there where .htaccess files bothering out there. If you post an answer you'll get the bounty!
-
polynomial over 12 yearscool glad that helped!
-
-
Dalen over 12 yearsHi @Reza, I did try your soluton but it did't solved the issued.
Allow from All
doesn't already include loopback and localhost?