SOLVED - 403 issue

grattman

122
+0/-0

SOLVED - 403 issue

« on: January 18, 2009, 05:14:26 PM »

Hi all,

I checked the bug tracker and could not find a match to my issue. I have joomla 1.0.15 installed on one ibay and joomla 1.5.X installed on another ibay. All of the sudden the items in /images are showing a 403 for both ibays. I cannot ascertian whether it is a Joomla or SME issue since both ibays have the same issue and were previously working. The itself is working, just not theuploaded contents area. I also cannot reference them directly such as http://xxx.xxx.com/imagesimage.jpg. I have made the images directory and all contents completely accessible (777) as well.

I am stumped as to what might have caused this issue. I am going to test some other ideas but in the interim, if anyone can shed some light it would be greatly appreciated.

Grattman

« Last Edit: January 24, 2009, 02:12:48 PM by grattman »

Logged

...

cactus

4,880
+3/-0

Re: 403 issue

« Reply #1 on: January 18, 2009, 07:07:19 PM »

Quote from: grattman on January 18, 2009, 05:14:26 PM

Hi all,

I checked the bug tracker and could not find a match to my issue. I have joomla 1.0.15 installed on one ibay and joomla 1.5.X installed on another ibay. All of the sudden the items in /images are showing a 403 for both ibays. I cannot ascertian whether it is a Joomla or SME issue since both ibays have the same issue and were previously working. The itself is working, just not theuploaded contents area. I also cannot reference them directly such as http://xxx.xxx.com/imagesimage.jpg. I have made the images directory and all contents completely accessible (777) as well.

I am stumped as to what might have caused this issue. I am going to test some other ideas but in the interim, if anyone can shed some light it would be greatly appreciated.

Grattman

Are you sure you did not do a erroneous chmod/chown while fiddling around? Have a look through your command line history using:

Code: [Select]

history | more
TO help us diagnose your problem you need to provide us relevant sections of your log files at the time the error occured, most likely the clues are either in /var/log/httpd/access_log and /var/log/httpd/error_log.

Logged

Be careful whose advice you buy, but be patient with those who supply it. Advice is a form of nostalgia, dispensing it is a way of fishing the past from the disposal, wiping it off, painting over the ugly parts and recycling it for more than its worth ~ Baz Luhrmann - Everybody's Free (To Wear Sunscreen)

chris burnat

1,135
+2/-0

Re: 403 issue

« Reply #2 on: January 19, 2009, 11:02:20 AM »

This topic has been moved to the Contrib section of the forum where it is more appropriate.

Logged

- chris
If it does not work out of the box, please fill in a Bug Report @ Bugzilla (http://bugs.contribs.org) - check: http://wiki.contribs.org/Bugzilla_Help . Thanks.

grattman

122
+0/-0

Re: 403 issue

« Reply #3 on: January 19, 2009, 02:15:35 PM »

Well....still stumped.

If I completely remove the ibay, create a new one with a different name and try to install joomla into it, same issue. But if I create a new ibay, create an images directory, and render a simple page calling an image in the images directory, it works.

It seems that this machine was compromised, but I could be wrong. The history | more did not reveal anything I was not working on. The error log revealed some apache configurations, multiples in a couple of hours. This is why I think it has been compromised.

Code: [Select]

[Tue Jan 13 18:39:27 2009] [notice] caught SIGTERM, shutting down
[Tue Jan 13 18:41:41 2009] [notice] Digest: generating secret for digest authentication ...
[Tue Jan 13 18:41:41 2009] [notice] Digest: done
[Tue Jan 13 18:41:42 2009] [notice] Apache configured -- resuming normal operations
[Tue Jan 13 18:49:50 2009] [error] [client 192.168.5.54] client denied by server configuration: /home/e-smith/files/ibays/nwea/html
[client 222.187.221.201] script '/home/e-smith/files/ibays/website/html/prx1.php' not found or unable to stat
[client 74.55.128.226] script '/home/e-smith/files/ibays/website/html/errors.php' not found or unable to stat
[Tue Jan 13 19:54:52 2009] [error] [client 87.106.102.198] File does not exist: /home/e-smith/files/ibays/website/html/12all
[client 213.229.60.50] script '/home/e-smith/files/ibays/website/html/errors.php' not found or unable to stat
[client 74.55.128.226] script '/home/e-smith/files/ibays/website/html/errors.php' not found or unable to stat
[client 213.229.60.50] script '/home/e-smith/files/ibays/website/html/errors.php' not found or unable to stat
[Tue Jan 13 20:29:56 2009] [error] [client 192.168.5.75] File does not exist: /home/e-smith/files/ibays/website/html/favicon.ico
[Tue Jan 13 20:30:49 2009] [notice] Graceful restart requested, doing restart
[Tue Jan 13 20:30:50 2009] [notice] Digest: generating secret for digest authentication ...
[Tue Jan 13 20:30:50 2009] [notice] Digest: done
[Tue Jan 13 20:30:50 2009] [notice] Apache configured -- resuming normal operations
[Tue Jan 13 20:32:14 2009] [error] [client 89.218.85.18] File does not exist: /home/e-smith/files/ibays/website/html/poll
[Tue Jan 13 20:38:57 2009] [error] [client 24.213.90.168] File does not exist: /home/e-smith/files/ibays/website/html/nonexistenshit
[Tue Jan 13 20:38:57 2009] [error] [client 24.213.90.168] File does not exist: /home/e-smith/files/ibays/website/html/mail
[Tue Jan 13 20:38:57 2009] [error] [client 24.213.90.168] File does not exist: /home/e-smith/files/ibays/website/html/bin
[Tue Jan 13 20:38:57 2009] [error] [client 24.213.90.168] File does not exist: /home/e-smith/files/ibays/website/html/rc
[Tue Jan 13 20:38:57 2009] [error] [client 24.213.90.168] File does not exist: /home/e-smith/files/ibays/website/html/roundcube
[Tue Jan 13 20:43:26 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_contact&task=view&contact_
[Tue Jan 13 20:43:26 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_contact&task=view&contact_
[Tue Jan 13 20:43:26 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_contact&task=view&contact_
[Tue Jan 13 20:43:26 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_contact&task=view&contact_
[Tue Jan 13 20:45:38 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=view&id=99&Itemid=85
[Tue Jan 13 20:45:38 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=view&id=99&Itemid=85
[Tue Jan 13 20:45:38 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=view&id=99&Itemid=85
[Tue Jan 13 20:45:38 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=view&id=99&Itemid=85
[Tue Jan 13 20:46:43 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_contact&task=view&contact_
[Tue Jan 13 20:46:43 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_contact&task=view&contact_
[Tue Jan 13 20:46:43 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_contact&task=view&contact_
[Tue Jan 13 20:46:43 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_contact&task=view&contact_
[Tue Jan 13 20:46:54 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=section&id=10&Itemid=51
[Tue Jan 13 20:47:20 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=section&id=9&Itemid=44
[Tue Jan 13 20:47:30 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=view&id=25&Itemid=58
[Tue Jan 13 20:47:30 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=view&id=25&Itemid=58
[Tue Jan 13 20:47:31 2009] [error] [client 72.93.32.176] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=view&id=25&Itemid=58
[Tue Jan 13 21:07:46 2009] [error] [client 192.168.5.178] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=category&sectionid=10&id=46&Itemid=84
[Tue Jan 13 21:07:58 2009] [error] [client 192.168.5.178] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=section&id=10&Itemid=51
[Tue Jan 13 21:08:02 2009] [error] [client 192.168.5.178] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=category&sectionid=10&id=31&Itemid=51
[Tue Jan 13 21:08:10 2009] [error] [client 192.168.5.178] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=view&id=240&Itemid=51
[Tue Jan 13 21:08:10 2009] [error] [client 192.168.5.178] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=view&id=240&Itemid=51
[Tue Jan 13 21:08:10 2009] [error] [client 192.168.5.178] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=view&id=240&Itemid=51
[Tue Jan 13 21:08:10 2009] [error] [client 192.168.5.178] client denied by server configuration: /home/e-smith/files/ibays/images/html/M_images, referer: http://www.shomewhere.com/index.php?option=com_content&task=view&id=240&Itemid=51
[Tue Jan 13 21:08:15 2009] [error] [client 192.168.5.178] client denied by server configuration: /home/e-smith/files/ibays/images/html/stories, referer: http://www.shomewhere.com/index.php?option=com_content&task=view&id=240&Itemid=51
[Tue Jan 13 21:08:27 2009] [error] [client 192.168.5.178] client denied by server configuration: /home/e-smith/files/ibays/images/html/stories, referer: http://www.shomewhere.com/index.php?option=com_content&task=view&id=240&Itemid=51
[Tue Jan 13 21:08:38 2009] [error] [client 192.168.5.178] client denied by server configuration: /home/e-smith/files/ibays/images/html/stories, referer: http://www.shomewhere.com/index.php?option=com_content&task=view&id=240&Itemid=51
[client 74.55.128.226] script '/home/e-smith/files/ibays/website/html/errors.php' not found or unable to stat
[Tue Jan 13 21:35:08 2009] [error] [client 192.168.5.75] client denied by server configuration: /home/e-smith/files/ibays/images/html
[Tue Jan 13 21:35:50 2009] [notice] Graceful restart requested, doing restart
[Tue Jan 13 21:35:50 2009] [notice] Digest: generating secret for digest authentication ...
[Tue Jan 13 21:35:50 2009] [notice] Digest: done
[Tue Jan 13 21:35:50 2009] [notice] Apache configured -- resuming normal operations

Hope this sheds some light on the issue.

Grattman

Logged

...

Stefano

10,894
+3/-0

Re: 403 issue

« Reply #4 on: January 19, 2009, 02:26:06 PM »

hi

if your server has been compromised:
- DON'T report security issue here.. contact security at contribs dot org
- unplug its ethernet cable and leave disconnected from wan

Ciao
Stefano

Logged

grattman

122
+0/-0

Re: 403 issue

« Reply #5 on: January 20, 2009, 03:04:29 PM »

Okay...so some more poking around reveals that it seems to be an http conf problem.

I can set up a new ibay with the joomla files in it and they are all accessible. However, once I go to domains and point the domain to that ibay, the images directory becomes 403 regardless of what permissions I set it to.

I am not sure how this changed, but it certainly did and I do not know how to repair it without your help.

Thanks in advance,
Grattman

Logged

...

grattman

122
+0/-0

SOLVED - Re: 403 issue

« Reply #6 on: January 24, 2009, 02:12:06 PM »

SOLVED

I had made an ibay called images to store clonezilla images on. Even though I did not check Public access via web or anonymous ftp it became the overriding images directory for domain.com/images.

Leasson learned.

Logged

...