Skip to main content

Apache 403 Forbidden Error Fixed

Have successfully configured Apache web server for my client. But why does my clients website just say “Error 403 Forbidden”? For example when client send request http://mysite.com/something/ Apache generate a 403 error. How do I troubleshoot this problem?

Error code that start with 4xx is generated because of client browser request. A 403 error code means client browser (or person who is trying to access your site) cannot access the requested URL. It can be caused by many reason:

a) A 403 status code indicates that the client cannot access the requested resource. It means the wrong username and password were sent in the request, or that the permissions on the server do not allow what was being asked.

b) No default directory index page is present. Upload Index.html or Index.htm file. Directive DirectoryIndex defines the default index page name. Open your apache configuration file, find out default index file name, and upload the same file to directory:

DirectoryIndex index.html index.cgi index.pl index.php index.xhtml

Options +Indexes FollowSymLinks +ExecCGI


c) Make sure the CGI script requested have executable permissions set on files. Use chmod command to set permission:

$ chmod +x file.cgi

d) Make sure you have permission to use .htaccess file for Apache web server. If Apache has overrides disabled. you will bump back with a 403 error.

e) Make sure correct directory permissions are set on directory:

AllowOverride AuthConfig FileInfo
Order allow,deny
Allow from all

f) Make sure the underlying file system permissions allow the User/Group under which Apache is running to access the necessary files. You can determine which case applies to your situation by checking the error log. In the case where file system permission are at fault, remember that not only must the directory and files in question be readable, but also all parent directories must be at least searchable by the web server in order for the content to be accessible. For example /home/httpd/theos.in/ must be searchable, enter:

# chmod +x /home/httpd/theos.in/

Comments

Popular posts from this blog

How To Enable DNS over HTTPS

  DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks by using the HTTPS protocol to encrypt the data between the DoH client and the DoH-based DNS resolver. An alternative to DoH is the DNS over TLS (DoT) protocol, a similar standard for encrypting DNS queries, differing only in the methods used for encryption and delivery. On the basis of privacy and security, whether or not a superior protocol exists among the two is a matter of controversial debate, while others argue the merits of either depend on the specific use case. Benefits DoH improves privacy by hiding domain name lookups from someone lurking on public WiFi, your ISP, or anyone else on your local network. DoH, when enabled, ensures that your ISP cannot collect and sell personal information related to your br...

Fix HTTPS issue in browser - Burp Suite

If you get message "Software is Preventing Firefox From Safely Connecting to This Site. Most likely a safe site, but a secure connection could not be established. This issue is caused by The original certificate provided by the web server is untrusted., which is either software on your computer or your network." lets see the tutorial. 1. With Burp suite running, visit http://burp in your browser and click the "CA Certificate" link to download and save your Burp CA certificate. Remember where you save the Burp CA certificate.

The Five Eyes - Intelligence Alliance

 The Five Eyes intelligence alliance is a secretive coalition and surveillance arrangement of countries internationally which include the United States National Security Agency (NSA), Canada’s Communications Security Establishment Canada (CSEC), the United Kingdom’s Government Communications Headquarters (GCHQ), New Zealand’s Government Communications Security Bureau (GCSB) and the Australian Signals Directorate (ASD). A series of bilateral agreements were developed in the beginning of 1946 by an alliance of five English-speaking countries over a period of time and became to known as the UKUSA agreement. This agreement established the Five Eyes alliance to share intelligence especially signals intelligence (SIGINT). These five English-speaking countries for almost 70 years have been involved in the global surveillance spying on the communications all over the world and build an infrastructure to master the internet for surveillance.