Issue Issue Ngnix 403 /wp-content/cache/all/index.html

[sall10]

Hello,

my website is available under https://mydomain.com. I'm using Plesk Obsidian / Centos 7.8 and apache http2 + Nginx as Reverse Proxy. Lets Encrypt Certificate is installed for the Domain.

I'm getting 403 Error for /wp-content/cache/all/index.html




curl -i https://mydomain.com

HTTP/2 403

server: nginx






curl -i http://mydomain.com

HTTP/1.1 301 Moved Permanently

Server: nginx



curl -i https://www.mydomain.com

HTTP/2 301

server: nginx



curl -i http://www.mydomain.com

HTTP/1.1 301 Moved Permanently

Server: nginx





curl -v https://mydomain.com

* Trying 93.x.x.x...

* TCP_NODELAY set

* Connected to domain.com (93.x.x.x) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

* CAfile: /etc/ssl/cert.pem

CApath: none

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (IN), TLS handshake, Server key exchange (12):

* TLSv1.2 (IN), TLS handshake, Server finished (14):

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):

* TLSv1.2 (OUT), TLS handshake, Finished (20):

* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):

* TLSv1.2 (IN), TLS handshake, Finished (20):

* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384

* ALPN, server accepted to use h2

* Server certificate:

* subject: CN=domain.com

* start date: May 1 13:02:29 2020 GMT

* expire date: Jul 30 13:02:29 2020 GMT

* subjectAltName: host "domain.com" matched cert's "domain.com"

* issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3

* SSL certificate verify ok.

* Using HTTP2, server supports multi-use

* Connection state changed (HTTP/2 confirmed)

* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0

* Using Stream ID: 1 (easy handle 0x7ff409008800)

> GET / HTTP/2

> Host: domain.com

> User-Agent: curl/7.64.1

> Accept: */*

>

* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!

< HTTP/2 403

< server: nginx

< date: Fri, 22 May 2020 11:20:15 GMT

< content-type: text/html

< content-length: 4897

< vary: Accept-Encoding

< last-modified: Thu, 16 Oct 2014 13:20:58 GMT

< etag: "1321-5058a1e728280"

< accept-ranges: bytes

< ms-author-via: DAV

< access-control-allow-origin: *

 

[Martin Dias]

Check:

# plesk repair fs example.com

Also, check mod security log: /var/log/modsec_audit.log
Same for the domain logs do they show anything additionally?

 

[sall10]

Thx, plesk repair fs mydomain.com

Checking virtual hosts' file system ................................. [OK]

Error messages: 0; Warnings: 0; Errors resolved: 0

WAF own IP
AH00124: Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.

 

[sall10]

Paused Cloudflare and checked again curl -v Web Hosting, Domain Name Registration | Mydomain

* Trying 93.x.x.x...

* TCP_NODELAY set

* Connected to mydomain.com (93.x.x.x) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

* CAfile: /etc/ssl/cert.pem

CApath: none

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (IN), TLS handshake, Server key exchange (12):

* TLSv1.2 (IN), TLS handshake, Server finished (14):

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):

* TLSv1.2 (OUT), TLS handshake, Finished (20):

* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):

* TLSv1.2 (IN), TLS handshake, Finished (20):

* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384

* ALPN, server accepted to use h2

* Server certificate:

* subject: CN=mydomain.com

* start date: May 1 13:02:29 2020 GMT

* expire date: Jul 30 13:02:29 2020 GMT

* subjectAltName: host "mydomain.com" matched cert's "mydomain.com"

* issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3

* SSL certificate verify ok.

* Using HTTP2, server supports multi-use

* Connection state changed (HTTP/2 confirmed)

* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0

* Using Stream ID: 1 (easy handle 0x7fb136008800)

> GET / HTTP/2

> Host: mydomain.com

> User-Agent: curl/7.64.1

> Accept: */*

>

* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!

< HTTP/2 403

< server: nginx

< date: Fri, 22 May 2020 16:10:27 GMT

< content-type: text/html; charset=iso-8859-1

< content-length: 352

< vary: Accept-Encoding

<

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

<html><head>

<title>403 Forbidden</title>

</head><body>

<h1>Forbidden</h1>

<p>You don't have permission to access /wp-content/cache/all/index.html

on this server.</p>

<p>Additionally, a 403 Forbidden

error was encountered while trying to use an ErrorDocument to handle the request.</p>

</body></html>

* Connection #0 to host mydomain.com left intact

* Closing connection 0