Page Index Toggle Pages: 1 Print
403 Forbidden Error (Read 801 times)
Captain John
Ex Member


403 Forbidden Error
Sep 25th, 2007 at 2:22am
Print Post  
Fix for YaBB Ver. 2.1 & 2.1.1

This ONLY seems to work on very old server (not updated)

In InstantMessage.pl replace ALL ;  in the string
Code
Select All
$callerid;id=$messageid 



with
Code
Select All
$callerid&id=$messageid 



the phrase "caller=" appears 17 times in InstantMessage.pl.  For 16 of those times the url in which it appears has at least 2 semicolons in it.  I changed the final semicolon in each of those 16 urls to an ampersand and now things seem to work



  
Back to top
 
IP Logged
 
Captain John
Ex Member


Re: 403 Forbidden Error
Reply #1 - Jul 26th, 2008 at 7:51pm
Print Post  
Some Hosts are updating their Servers and for the first time, setting up a Security Option, that sometimes will cause 403 Errors, when trying to access an action, "ModSecurity" is an open source web application firewall
   Contacting your Host and fully explaining the problem can cure this problem, if the Tech will.  Your Web server thinks that the HTTP data stream sent by the client (e.g. your Web browser or our CheckUpDown robot) was correct, but access to the resource identified by the URL is forbidden for some reason.

This indicates a fundamental access problem, which may be difficult to resolve because the HTTP protocol allows the Web server to give this response without providing any reason at all. So the 403 error is equivalent to a blanket 'NO' by your Web server - with no further discussion allowed.

By far the most common reason for this error is that directory browsing is forbidden for the Web site

   Sometimes just changing the CHMODs on the YaBB folders and .pl files from the recommended 755 to 777, will allow full function again.

You might access your .htaccess file
Code
Select All
<Limit GET HEAD POST>
order allow,deny
deny from 66.249
</LIMIT> 


Obviously that if your IP is shown, that is what was blocking the site. Delete all that text, save the blank file and replaced it on the server.

If you’re using Apache web server (which mostly do), mod_security can be disabled by adding a specific in .htaccess file. Locate the .htaccess file in Apache web root directory (public_html or /var/www/ or others), if it does not exist, create a new file named .htaccess, and add in the following code:

SecFilterEngine Off
SecFilterScanPOST Off



  
Back to top
 
IP Logged
 
Captain John
Ex Member


Re: 403 Forbidden Error
Reply #2 - Feb 18th, 2009 at 3:18pm
Print Post  
In Y2.3.x a work around for a servers strict Mod_Security

Edit the file Sources/Subs.pl and search for this:

Code
Select All
	&image_resize;

	# Start workaround to substitute all ';' by '&' in all URLs
	# This workaround solves problems with servers that use mod_security
	# in a very strict way. (error 406)
	# Take the comments out of the following two lines if you had this problem.
	# $output =~ s/($scripturl\?)([^'"]+)/ $1 . &URL_modify($2) /eg;
	# sub URL_modify { my $x = shift; $x =~ s/;/&/g; $x; }
	# End of workaround

	if ($yycopyin == 0) { 



remove above highlighted comment tags
« Last Edit: Mar 30th, 2010 at 4:10am by »  
Back to top
 
IP Logged
 
Captain John
Ex Member


Re: 403 Forbidden Error
Reply #3 - Dec 1st, 2010 at 6:49am
Print Post  
HTTP Error 403

403.1 Forbidden: Execute Access Forbidden

This error can be caused if you try to execute a CGI, ISAPI, or other executable program from a directory that does not allow programs to be executed.
  
Back to top
 
IP Logged
 
Page Index Toggle Pages: 1
Print
 
  « Board Index ‹ Board  ^Top