Question How to allow the download of files with custom extensions from a Plesk server?

[o2k]

Server operating system version

Ubuntu 24.04 LTS (GNU/Linux 6.8.0-36-generic x86_64)

Plesk version and microupdate number

Plesk Obsidian Versión 18.0.62, 28/June/2024 22:53

I have a dedicated Plesk server with several domains. In one of them I want to make available a file called, say, "file.db"
If I try to download that file from a web browser, I get a 403 error page saying:

Forbidden
You do not have permission to access this document.
Web Server at @domain_name@

If I rename the file to a more standard extension, like "mp3" (even though it's not really an mp3 file), then I can download the file from the browser.
So there must be some restriction to let browsers only download files with some extensions.

I tried to edit the files "mime.types" and "mime.types.default" inside /etc/nginx to add a line with "application/octet-stream db;" and then restarting the service/server but that accomplished nothing. I still get the 403 page when trying to download the file.

So how can I make the server allow downloading files with ".db" extension? (renaming the file extension is not an option for me since the file name is hard coded into an app that downloads that file).

Thanks!

 

[Kaspar@Plesk]

Is it a Wordpress site? In that case it could be the "Block access to sensitive files" option. Which can enabled and disabled via the Security settings in the WP toolkit.

 

[Yaroslav_T]

Hello! I'd bet on WP security too but I also would suggest checking /var/www/vhosts/example.com/logs/error_log (in Plesk it's DOmains > example.com > Logs) since ModSecurity can also block specific file extensions (you can add such a rule to ModSec exceptions)