• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Weird 403 forbidden, only on files created by Plesk

Z

Zoopsy

Guest
Hello, I'm new to these forums, have breen browsing around whenever I encountered a problem, but now I got a problem I can't find the solution for.

Whenever I install an Application trhough the App Store in the controlpanel, or create a file/directory through the file manager, the file(s) and directory(s) are inaccessible through a browser.

So, I checked for permissions and ownership, and guess what, everything is fine! In fact, if I create a file through file manager with default permissions and ownership, I can't get to it through my browser. But if I create it through FTP, with the exact same permissions and ownership in the same directory, there isn't a problem!

Here's an an example:

-rw-r--r--. 1 z2design psacln 308 Aug 22 18:32 test2.html
-rw-r--r--. 1 z2design psacln 308 Aug 22 18:31 test.html

Test2.html is made by the file manager: http://steven.z2design.nl/test.html
Test.html is made by FTP: http://steven.z2design.nl/test2.html

The exact same is true for installing applications

Besides from user groups, rights and ownership, what else is there to look at? It's driving me nuts.

Any help is appreciated!
Thanks, Steven Lukas
Z2 Design

[edit]
Some additional server info:

OS Linux 2.6.32-220.23.1.el6.x86_64
Panel version 10.4.4 Update #41, last updated at Aug 10, 2012 03:10 AM
The system is up-to-date; last checked at Aug 22, 2012 03:40 AM

And here some log info:

- Access Log
##.###.##.### - - [22/Aug/2012:22:14:24 +0200] "GET /test.html HTTP/1.1" 403 443 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:14.0) Gecko/20100101 Firefox/14.0.1"
##.###.##.### - - [22/Aug/2012:22:14:30 +0200] "GET /test2.html HTTP/1.1" 200 570 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:14.0) Gecko/20100101 Firefox/14.0.1"
- Error Log
[Wed Aug 22 22:14:24 2012] [error] [client ##.###.##.###] (13)Permission denied: access to /test.html denied

These problems started just a few days ago, I can't exactly remember when, as I don't daily let plesk generate content. It's hosted on a VPS server, and I let my provider preinstall Plesk with it (hoping I wouldn't have to dig too much into Linux itself, as it's not my strongest point). I contacted their helpdesk and they forwarded me to Parallels, as they told me it should be a problem with the product. So, I'm kinda left in the dark, I did pay for this product, but have no clue if asking here is the best way for help, so again, any suggestions are welcome!

[/edit]
 
Last edited by a moderator:
Hi, try following:
1) Make sure it's not denied by Apache: check if there .htaccess file in / folder with rules like that:
<Files "test.html">
Deny from all
</Files>

2) Make sure that the Directory above has execute permission:

Suppose you are creating an Alias like this: Alias /foo /tmp/bar/foo
Now you have made sure that apache can read and execute /tmp/bar/foo by running chmod 755 /tmp/bar/foo, but you also need to give Apache execute permission to /tmp/bar/ otherwise it cannot traverse the sub directory foo.
 
Hi Alexey, thank you for replying.

There is no .htaccess file present, like I said this problem occurs with EVERYTHING the server makes, this includes freshly made (sub)domains (with no files present). Just to be sure I created an emtpy .htaccess file, with no success.

Could it be the files are actually stored elsewhere, and the directory I work in is a symlink/alias kind of thing, whereas the original folder might have different permissions? This is the only conclusion I've managed to come up with (I'm no Linux expert!), but is there an easy way to find out? ls -l sure didn't tell me much.

Am I missing something? I mean, rights, groups and owner are the only things on os-level that could restrict acces like this right? It isn't just .htaccess or a PhP file throwing a 403 error, because the same access is restricted for FTP with server-created files. I can, however, download the files with FTP. Upon inspection, there is nothing unusual about the file, it seems intact. If I then remove the file using File Manager or SSH (the only things capable of actually deleting the files without access errors) and then reupload using FTP, it works flawlessly. Even though the same user credentials and rights were used upon execution.

Rebooting the server or just apache has zero effect aswel, no warnings or errors during bootup.

Really losing my marmbles here :-/
 
Last edited by a moderator:
... All right, so guess what. I upgraded the server to 11.0.9 Update #10, and the problems are gone. I'm not sure if it's actually a bug being fixed, or some corrupt settings being restored to correct values, now I still don't know what happened here.

Alltough the good news only applies to stuff that was already there, the two example links http://steven.z2design.nl/test.html and http://steven.z2design.nl/test2.html both show correctly while I didn't touch them (the upgrade must have done something).

I even managed to install an application without trouble: http://steven.z2design.nl/concrete5


But... I created a new subdomain: http://webmail.z2design.nl, disabled the webmail services (for now) so I can reach the subdomain (which is located at /var/www/vhosts/z2design.nl/webmail). Installed Atmail Open through the App Store at http://webmail.z2design.nl/atmailopen, and again, 403 Forbidden :( :(

I installed atmail manually before, because of these problems. And that worked perfectly.
It still looks Plesk applies some kind of restricted access on the newly created files (which seem to be got corrected during the upgrade). Any ideas?
 
Last edited by a moderator:
Hi Zoopsy,

I was not able to reproduce your issue on a test server with P11.
The issue could be triggered in your case due to OS/virtualization limits or some other system's misconfiguration.

I would suggest to try following:

1) If you have nGinx reverse proxy enabled, then please try to disable it and check if this helps:

Please see "Making Apache a Frontend Web Server" in
http://download1.parallels.com/Ples...inistrator-guide/index.htm?fileName=70837.htm

2) If (1) above does not help, then please create a support request for Parallels plesk here:
https://www.parallels.com/support/plesk/form/
 
You must log in or register to reply here.

Similar threads

B
Issue Nexcloud, webdav, upload error for a specific file
Replies
2
Views
1K
Bitpalast
Bitpalast
K
Issue Apache can't serve PHP file from DigitalOcean bulk storage volume
Replies
1
Views
2K
KDawson
K
N
Issue 403 Error at html files or images after upgrade to v. 17
Replies
3
Views
1K
J-T
J
S
Resolved Admin access impossible
Replies
2
Views
900
Steph95
S
T
Issue Some incoming spam emails don't have "X-Spam-" headers and delivered to inbox
Replies
0
Views
892
tajt02
T
Back
Top