[SOLVED] You don't have permission to access /gallery3/index.php/search on this server…

Lucad01

Joined: 2014-03-05
Posts: 10

Posted: Wed, 2014-03-05 17:26

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

These two messages when I searched on term or keyword 'bend' --- I was trying to find 'South Bend' watches in my database. I believe this has happened on another search term as well but don't remember what it was. Other search terms such as 'Waltham' or 'United States' work fine and bring proper results.

I am new to Gallery3 and a novice.

In a log in var folder I noticed this also: 2014-03-04 02:32:08 +00:00 --- error: date.timezone setting not detected in /home/pocketwa/public_html/gallery3/php.ini falling back to UTC. Consult http://php.net/manual/function.get-cfg-var.php for help.

I have searched on 404 errors on this site but haven't yet seen one quite the same.

Thanks for any advice.

Luca

Lucad01

Joined: 2014-03-05
Posts: 10

Posted: Wed, 2014-03-05 22:57

Could any of this relate to stopwords in character sets in MSQL? The problem is searching on 'South Bend'. If I search on South alone - no problem. If I search on Be or Ben - no problem. It's only when the search contains 'Bend' that it gives me a 403 Forbidden...You don't have permission to access /gallery3/index.php/search on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

If it is a SQL stoplist or stopword problem where should I start or go to to modify it?

Thank you.

Luca

spags

Joined: 2010-03-26
Posts: 120

Posted: Thu, 2014-03-06 00:45

A search for South Bend on my Gallery worked fine so I don't think Bend is a reserved word or something like that. By the way, the start of your first post seems to be missing.

Your error log regarding the timezone setting should not be related to this problem. There are a few pages that describe how to set the php timezone, like http://www.unixmen.com/timezone-for-php-is-not-set-please-set-qdatetimezoneq-option-in-phpini/

Lucad01

Joined: 2014-03-05
Posts: 10

Posted: Thu, 2014-03-06 00:50

Okay thank you. I will look investigate the timezone pages.

Lucad01

Joined: 2014-03-05
Posts: 10

Posted: Thu, 2014-03-06 16:20

I deleted everything...gallery3 folder, the mysql database, user for database and did the install again from square one. I am still getting the same problem. Any search with the word 'end' in it is giving me this Forbidden message as above. So is this a permissions problem? Which files to look at or change? I don't have this problem with other search terms.

Luca

floridave

Joined: 2003-12-22
Posts: 27300

Posted: Fri, 2014-03-07 00:28

'end' is not a stop word. Even searching for stop words don't result in a 404. That being said I'm not a expert in stop words and trying some of them on my sites do not result in a 404. As to where to look google is the best place, starting here:
https://dev.mysql.com/doc/refman/5.1/en/fulltext-stopwords.html
As for why bend on your system results in 404, I don't know.

Dave
_____________________________________________
Blog & G2 || floridave - Gallery Team

spags

Joined: 2010-03-26
Posts: 120

Posted: Fri, 2014-03-07 09:16

Then its probably time to start checking your Apache log files.

Lucad01

Joined: 2014-03-05
Posts: 10

Posted: Fri, 2014-03-07 15:48

Here are a couple error logs:
[Fri Mar 07 10:34:09 2014] [error] [client 98.249.58.18] File does not exist: /home/pocketwa/public_html/403.shtml, referer: http://pocketwatchpics.com/gallery3/

[Fri Mar 07 10:31:45 2014] [error] [client 98.249.58.18] File does not exist: /home/pocketwa/public_html/404.shtml

This is the URL that returns it: http://pocketwatchpics.com/gallery3/index.php/search?album=1&q=send

floridave

Joined: 2003-12-22
Posts: 27300

Posted: Fri, 2014-03-07 16:32

Perhaps the maintenance mode is the issue? Just guessing here.

Dave
___________________________________________
Blog & G2 || floridave - Gallery Team

Lucad01

Joined: 2014-03-05
Posts: 10

Posted: Sat, 2014-03-08 13:40

Dave, unfortunately it happens whether in maintenance mode or not.
Here are some more logs:
[Sat Mar 08 08:37:18 2014] [error] [client 98.249.58.18] File does not exist: /home/pocketwa/public_html/403.shtml, referer: http://pocketwatchpics.com/gallery3/index.php/
[Sat Mar 08 08:37:09 2014] [error] [client 98.249.58.18] File does not exist: /home/pocketwa/public_html/404.shtml
[Sat Mar 08 08:37:09 2014] [error] [client 98.249.58.18] File does not exist: /home/pocketwa/public_html/favicon.ico
[Sat Mar 08 08:37:08 2014] [error] [client 98.249.58.18] File does not exist: /home/pocketwa/public_html/404.shtml
[Sat Mar 08 08:37:08 2014] [error] [client 98.249.58.18] File does not exist: /home/pocketwa/public_html/favicon.ico

Luca

spags

Joined: 2010-03-26
Posts: 120

Posted: Sat, 2014-03-08 21:41

What Apache modules are active on your server. Something must be active and doing something to cause this problem.

And just to get the obvious out of the way, do those files in the log actually exist and do they have permissions that allow Apache to serve them out? An "ls -l" directory of your /home/pocketwa/public_html might be helpful.

Lucad01

Joined: 2014-03-05
Posts: 10

Posted: Tue, 2014-03-11 01:41

The 404 files do not exist. I am a little more concerned with what is causing this "Forbidden

You don't have permission to access /gallery3/index.php/search on this server." message in the first place.

I don't know anything about Apache...version 2.2.26. Here are the modules:
Compiled-in modules:
http_core.c
mod_env.c
mod_log_config.c
mod_log_referer.c
mod_mime_magic.c
mod_mime.c
mod_negotiation.c
mod_status.c
mod_info.c
mod_include.c
mod_autoindex.c
mod_dir.c
mod_cgi.c
mod_asis.c
mod_imap.c
mod_actions.c
mod_speling.c
mod_userdir.c
mod_alias.c
mod_rewrite.c
mod_access.c
mod_auth.c
mod_proxy.c
mod_expires.c
mod_headers.c
mod_usertrack.c
mod_unique_id.c
mod_so.c
mod_setenvif.c
mod_ssl.c
mod_dav.c
mod_frontpage.c
suexec: enabled; valid wrapper /usr/local/apache/bin/suexec

Also: PHP version 5.3.27, MySQL 5.1.72-cll,

spags

Joined: 2010-03-26
Posts: 120

Posted: Tue, 2014-03-11 10:50

I'm no Apache guru, but there are a few modules there that look like they could potentially cause this. If I were you, I'd start experimenting by creating a minimal HTML file in /home/pocketwa/public_html/test.html and an exact copy in /home/pocketwa/public_html.end.html then try browsing to each and see if you have problems with end.html. If so, it is most certainly an Apache module.

If both work fine, I'd then consider creating a minimal PHP file in the same location but with names test.php and end.php and again trying to access them.

By the amount of modules you have, presumably you are on a shared host. They may also be able give you some idea what may be causing the problem - particularly if one of the above methods demonstrates the problem.

Lucad01

Joined: 2014-03-05
Posts: 10

Posted: Tue, 2014-03-11 13:37

Spags,

Thanks I will try that. I am on a shared host and will see if they have any advice.

Lucad01

Joined: 2014-03-05
Posts: 10

Posted: Fri, 2014-03-14 13:41

So this has been solved if someone would like to mark it as such. Here is the gist of it from a tech at my hosting co:

"Hello,

That search term of the word "end" appeared to be triggering a rule for our mod-security feature we have installed on your server. In particular, mod-security helps to protect your website against various web based attacks like injections or buffer overflows. It had apparently triggered a false positive response which blocked the search results. If you have further questions or concerns regarding this matter, please don't hesitate to contact us.

Regards,"

They seem to have altered or done away with the Apache Mod-Security module in my case as I am no longer getting the 403 Forbidden message.

Thanks to those who helped on this thread.

Luca

floridave

Joined: 2003-12-22
Posts: 27300

Posted: Fri, 2014-03-14 19:00

Thanks for posting what your host and you found. I bet it will help others in the future.
Thanks to @spags as well for helping out.

Dave
_____________________________________________
Blog & G2 || floridave - Gallery Team

Lucad01 Joined: 2014-03-05 Posts: 10	Posted: Wed, 2014-03-05 17:26
	Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. These two messages when I searched on term or keyword 'bend' --- I was trying to find 'South Bend' watches in my database. I believe this has happened on another search term as well but don't remember what it was. Other search terms such as 'Waltham' or 'United States' work fine and bring proper results. I am new to Gallery3 and a novice. In a log in var folder I noticed this also: 2014-03-04 02:32:08 +00:00 --- error: date.timezone setting not detected in /home/pocketwa/public_html/gallery3/php.ini falling back to UTC. Consult http://php.net/manual/function.get-cfg-var.php for help. I have searched on 404 errors on this site but haven't yet seen one quite the same. Thanks for any advice. Luca
	XUser login Username: * Password: * Create new account Request new password
Lucad01 Joined: 2014-03-05 Posts: 10	Posted: Wed, 2014-03-05 22:57
	Could any of this relate to stopwords in character sets in MSQL? The problem is searching on 'South Bend'. If I search on South alone - no problem. If I search on Be or Ben - no problem. It's only when the search contains 'Bend' that it gives me a 403 Forbidden...You don't have permission to access /gallery3/index.php/search on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. If it is a SQL stoplist or stopword problem where should I start or go to to modify it? Thank you. Luca

spags Joined: 2010-03-26 Posts: 120	Posted: Thu, 2014-03-06 00:45
	A search for South Bend on my Gallery worked fine so I don't think Bend is a reserved word or something like that. By the way, the start of your first post seems to be missing. Your error log regarding the timezone setting should not be related to this problem. There are a few pages that describe how to set the php timezone, like http://www.unixmen.com/timezone-for-php-is-not-set-please-set-qdatetimezoneq-option-in-phpini/

Lucad01 Joined: 2014-03-05 Posts: 10	Posted: Thu, 2014-03-06 00:50
	Okay thank you. I will look investigate the timezone pages.

Lucad01 Joined: 2014-03-05 Posts: 10	Posted: Thu, 2014-03-06 16:20
	I deleted everything...gallery3 folder, the mysql database, user for database and did the install again from square one. I am still getting the same problem. Any search with the word 'end' in it is giving me this Forbidden message as above. So is this a permissions problem? Which files to look at or change? I don't have this problem with other search terms. Luca

floridave Joined: 2003-12-22 Posts: 27300	Posted: Fri, 2014-03-07 00:28
	'end' is not a stop word. Even searching for stop words don't result in a 404. That being said I'm not a expert in stop words and trying some of them on my sites do not result in a 404. As to where to look google is the best place, starting here: https://dev.mysql.com/doc/refman/5.1/en/fulltext-stopwords.html As for why bend on your system results in 404, I don't know. Dave _____________________________________________ Blog & G2 \|\| floridave - Gallery Team

spags Joined: 2010-03-26 Posts: 120	Posted: Fri, 2014-03-07 09:16
	Then its probably time to start checking your Apache log files.

Lucad01 Joined: 2014-03-05 Posts: 10	Posted: Fri, 2014-03-07 15:48
	Here are a couple error logs: [Fri Mar 07 10:34:09 2014] [error] [client 98.249.58.18] File does not exist: /home/pocketwa/public_html/403.shtml, referer: http://pocketwatchpics.com/gallery3/ [Fri Mar 07 10:31:45 2014] [error] [client 98.249.58.18] File does not exist: /home/pocketwa/public_html/404.shtml This is the URL that returns it: http://pocketwatchpics.com/gallery3/index.php/search?album=1&q=send

floridave Joined: 2003-12-22 Posts: 27300	Posted: Fri, 2014-03-07 16:32
	Perhaps the maintenance mode is the issue? Just guessing here. Dave ___________________________________________ Blog & G2 \|\| floridave - Gallery Team

Lucad01 Joined: 2014-03-05 Posts: 10	Posted: Sat, 2014-03-08 13:40
	Dave, unfortunately it happens whether in maintenance mode or not. Here are some more logs: [Sat Mar 08 08:37:18 2014] [error] [client 98.249.58.18] File does not exist: /home/pocketwa/public_html/403.shtml, referer: http://pocketwatchpics.com/gallery3/index.php/ [Sat Mar 08 08:37:09 2014] [error] [client 98.249.58.18] File does not exist: /home/pocketwa/public_html/404.shtml [Sat Mar 08 08:37:09 2014] [error] [client 98.249.58.18] File does not exist: /home/pocketwa/public_html/favicon.ico [Sat Mar 08 08:37:08 2014] [error] [client 98.249.58.18] File does not exist: /home/pocketwa/public_html/404.shtml [Sat Mar 08 08:37:08 2014] [error] [client 98.249.58.18] File does not exist: /home/pocketwa/public_html/favicon.ico Luca

spags Joined: 2010-03-26 Posts: 120	Posted: Sat, 2014-03-08 21:41
	What Apache modules are active on your server. Something must be active and doing something to cause this problem. And just to get the obvious out of the way, do those files in the log actually exist and do they have permissions that allow Apache to serve them out? An "ls -l" directory of your /home/pocketwa/public_html might be helpful.

Lucad01 Joined: 2014-03-05 Posts: 10	Posted: Tue, 2014-03-11 01:41
	The 404 files do not exist. I am a little more concerned with what is causing this "Forbidden You don't have permission to access /gallery3/index.php/search on this server." message in the first place. I don't know anything about Apache...version 2.2.26. Here are the modules: Compiled-in modules: http_core.c mod_env.c mod_log_config.c mod_log_referer.c mod_mime_magic.c mod_mime.c mod_negotiation.c mod_status.c mod_info.c mod_include.c mod_autoindex.c mod_dir.c mod_cgi.c mod_asis.c mod_imap.c mod_actions.c mod_speling.c mod_userdir.c mod_alias.c mod_rewrite.c mod_access.c mod_auth.c mod_proxy.c mod_expires.c mod_headers.c mod_usertrack.c mod_unique_id.c mod_so.c mod_setenvif.c mod_ssl.c mod_dav.c mod_frontpage.c suexec: enabled; valid wrapper /usr/local/apache/bin/suexec Also: PHP version 5.3.27, MySQL 5.1.72-cll,

spags Joined: 2010-03-26 Posts: 120	Posted: Tue, 2014-03-11 10:50
	I'm no Apache guru, but there are a few modules there that look like they could potentially cause this. If I were you, I'd start experimenting by creating a minimal HTML file in /home/pocketwa/public_html/test.html and an exact copy in /home/pocketwa/public_html.end.html then try browsing to each and see if you have problems with end.html. If so, it is most certainly an Apache module. If both work fine, I'd then consider creating a minimal PHP file in the same location but with names test.php and end.php and again trying to access them. By the amount of modules you have, presumably you are on a shared host. They may also be able give you some idea what may be causing the problem - particularly if one of the above methods demonstrates the problem.

Lucad01 Joined: 2014-03-05 Posts: 10	Posted: Tue, 2014-03-11 13:37
	Spags, Thanks I will try that. I am on a shared host and will see if they have any advice.

Lucad01 Joined: 2014-03-05 Posts: 10	Posted: Fri, 2014-03-14 13:41
	So this has been solved if someone would like to mark it as such. Here is the gist of it from a tech at my hosting co: "Hello, That search term of the word "end" appeared to be triggering a rule for our mod-security feature we have installed on your server. In particular, mod-security helps to protect your website against various web based attacks like injections or buffer overflows. It had apparently triggered a false positive response which blocked the search results. If you have further questions or concerns regarding this matter, please don't hesitate to contact us. Regards," They seem to have altered or done away with the Apache Mod-Security module in my case as I am no longer getting the 403 Forbidden message. Thanks to those who helped on this thread. Luca

floridave Joined: 2003-12-22 Posts: 27300	Posted: Fri, 2014-03-14 19:00
	Thanks for posting what your host and you found. I bet it will help others in the future. Thanks to @spags as well for helping out. Dave _____________________________________________ Blog & G2 \|\| floridave - Gallery Team

[SOLVED] You don't have permission to access /gallery3/index.php/search on this server…

XUser login