HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Developers' Forum (http://www.howtoforge.com/forums/forumdisplay.php?f=33)
-   -   403 error with new websites. (http://www.howtoforge.com/forums/showthread.php?t=52017)

otacon 24th March 2011 22:39

403 error with new websites.
 
When I use the following script to create a website and client through API functions I get a 403 error on my new website. Creating the website through ispconfig control panel works fine. I verified the linux group and linux user with other websites and they seem correct.

I then

chown -R root:client0 ../testing1.remcycle.net
and
chmod -R 744 ../testing1.remcycle.net

But that didn't do anything for me.

Suggestions would be great!

PHP Code:

<?php

/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright notice,
      this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.
    * Neither the name of ISPConfig nor the names of its contributors
      may be used to endorse or promote products derived from this software without
      specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

//* Examples for the remoting framework

//* Login credentials
require('soap_config.php');


// Create the SOAP Client
$client = new SoapClient(null, array('location' => $soap_location,
                                     
'uri'      => $soap_uri));


try {
    
//* Login to the remote server
    
if($session_id $client->login($username,$password)) {
        echo 
'Logged into remote server sucessfully. The SessionID is '.$session_id.'<br />';
    }    
    
$params = array(        'server_id' => 1,
                    
'company_name' => $_POST["company"],
                    
'contact_name' => $_REQUEST["name"],
                    
'username' =>$_POST["username"],
                    
'password' =>$_POST["password"],
                    
'language' =>'en',
                    
'usertheme' =>'default',
                    
'street' =>$_POST["address"],
                    
'zip' =>$_POST["zipcode"],
                    
'city' =>$_POST["city"],
                    
'state' =>$_POST["state"],
                    
'country' =>$_POST["country"],
                    
'telephone' =>$_POST["phone_number"],
                    
'mobile' =>'',
                    
'fax' =>'',
                    
'internet' =>'',
                    
'icq' =>'',
                    
'notes' =>'',  
                    
'template_master' => '0',
                    
'template_additional' =>'',
                    
'default_mailserver' =>'1',
                    
'limit_maildomain' =>'1',
                    
'limit_mailbox' =>'-1',
                    
'limit_mailalias' =>'-1',
                    
'limit_mailforward' =>'-1',
                    
'limit_mailcatchall' =>'-1',
                    
'limit_mailrouting' => '-1',
                    
'limit_mailfilter' =>'-1',
                    
'limit_fetchmail' =>'-1',
                    
'limit_mailquota' =>'-1',
                    
'limit_spamfilter_wblist' =>'-1',
                    
'limit_spamfilter_user' =>'-1',
                    
'limit_spamfilter_policy' =>'-1',
                    
'default_webserver' =>'1',
                    
'limit_web_domain' =>'-1',
                    
'web_php_options' =>"SuPHP",
                    
'limit_web_aliasdomain' =>'-1',
                    
'limit_web_subdomain' =>'-1',
                    
'limit_ftp_user' =>'-1',
                    
'limit_shell_user' =>'-1',
                    
'ssh_chroot' =>'None',
                    
'default_dnsserver' =>'1',
                    
'limit_dns_zone' =>'-1',
                    
'limit_dns_record' =>'-1',
                    
'limit_client' =>'0',
                    
'default_dbserver' =>'1',
                    
'limit_database' =>'-1',
                    
'limit_cron' =>'0',
                    
'limit_cron_type' =>'',
                    
'limit_cron_frequency' =>'-1');
    
    
$con mysql_connect("localhost","noneya","******");
    if (!
$con)
    {
        die(
'Could not connect: ' mysql_error());
    }
    
mysql_select_db("dbispconfig"$con);
    
$reseller_id 0;
    
$domain_id $client->client_add($session_id$reseller_id$params);
    
$tablename         "web_domain"
    
$next_increment     0
    
$qShowStatus         "SHOW TABLE STATUS LIKE '$tablename'"
    
$qShowStatusResult     mysql_query($qShowStatus) or die ( "Query failed: " mysql_error() . "<br/>" $qShowStatus ); 
    
$row mysql_fetch_assoc($qShowStatusResult); 
    
$next_increment $row['Auto_increment']; 
    
    
$domain_id $next_increment
    
$params_website = array('server_id' => 1
                            
'ip_address' => '*'
                            
'domain' => $_POST["username"].'.remcycle.net'
                            
'type' => 'vhost'
                            
'parent_domain_id' => ''
                            
'vhost_type' => 'name'
                            
'hd_quota' => '50'
                            
'traffic_quota' => '1000'
                            
'cgi' =>'n'
                            
'ssi' =>'n'
                            
'suexec' =>'n'
                            
'errordocs' =>'1'
                            
'subdomain' =>'www'
                            
'ssl' =>'n'
                            
                            
'php' =>"mod"
                            
'ruby' =>'n'
                            
'active' =>'y'
                            
                            
'redirect_type' =>'no'
                            
'redirect_path' =>''
                            
                            
'ssl_state' =>''
                            
'ssl_organisation' =>''
                            
'ssl_organisation_unit' =>''
                            
'ssl_country' =>''
                            
'ssl_domain' => $_POST["username"].'.remcycle.net'
                            
'ssl_request' =>''
                            
'ssl_cert' =>''
                            
'ssl_bundle' =>''
                            
'ssl_action' =>''
                            
                            
                            
//'stats_password' =>$password, 
                            
'stats_password' =>''
                            
'stats_type' =>'webalizer'
                            
                            
'backup_interval' =>'monthly'
                            
'backup_copies' =>'1'
                            
                            
'document_root' =>'/var/www/remcycle.net/'
                            
'system_user' =>'web'.$domain_id
                            
'system_group' =>'client0'
                            
'allow_override' =>'All'
                            
'php_open_basedir' =>'/var/www/clients/client0/web'.$domain_id.'/web:/var/www/clients/client0/web'.$domain_id.'/tmp:/var/www/'.$_POST["username"].'remcycle.net/web:/srv/www/'.$_POST["username"].'remcycle.net/web:/usr/share/php5:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin'
                            
'custom_php_ini' =>'',  
                            
'apache_directives' =>''
                            
'client_group_id' =>$client_id+
                            
); 
    
    
$website_id $client->sites_web_domain_add($session_id$client_id$params_website);  
    
    
//* ----------------------------------------------------------
    //* Example functions
    //* ----------------------------------------------------------
    
    /*
    //* Add a email domain
    $params = array(    'server_id' => 1,
                        'domain' => 'domain.tld',
                        'active' => 'y');
    $client_id = 0;
    $domain_id = $client->mail_domain_add($session_id, $client_id, $params);
    */
    
    /*
    //* Update email domain
    $params = array(    'server_id' => 1,
                        'domain' => 'domain.tld',
                        'active' => 'y');
    //* ID of the client. 0 = the admin owns this record.
    $client_id = 0;
    
    // ID of the domain whch shall be updated.
    $domain_id = 1;
    
    // Call the domain update function
    $domain_id = $client->mail_domain_update($session_id, $client_id, $domain_id, $params);
    */
    
    
    //* Logout
    
if($client->logout($session_id)) {
        echo 
'Logged out sucessfully.<br />';
    }
    
    
} catch (
SoapFault $e) {
    die(
'SOAP Error: '.$e->getMessage());
}

2011-03-24 16:21 server1.remcycle.net Debug Processed datalog_id 259
2011-03-24 16:21 server1.remcycle.net Debug Apache online status after restart is: 1
2011-03-24 16:21 server1.remcycle.net Debug Calling function 'restartHttpd' from module 'web_module'.
2011-03-24 16:21 server1.remcycle.net Debug Apache status is: 1
2011-03-24 16:21 server1.remcycle.net Debug Writing the vhost file: /etc/apache2/sites-available/testing1.remcycle.net.vhost
2011-03-24 16:21 server1.remcycle.net Debug Disable SSL for: testing1.remcycle.net
2011-03-24 16:21 server1.remcycle.net Debug exec: chown web13:client43 /var/www/clients/client43/web13/log/error.log
2011-03-24 16:21 server1.remcycle.net Debug exec: chown web13:client43 /var/www/clients/client43/web13
2011-03-24 16:21 server1.remcycle.net Debug exec: chmod 751 /var/www/clients/client43/web13/*
2011-03-24 16:21 server1.remcycle.net Debug exec: chmod 751 /var/www/clients/client43/web13/
2011-03-24 16:21 server1.remcycle.net Debug Adding the group: client43
2011-03-24 16:21 server1.remcycle.net Debug Creating Symlink: ln -s /var/www/clients/client43/web13/ /var/www/clients/client43/testing1.remcycle.net
2011-03-24 16:21 server1.remcycle.net Debug Creating Symlink: ln -s /var/www/clients/client43/web13/ /var/www/testing1.remcycle.net
2011-03-24 16:21 server1.remcycle.net Debug Moving site to new document root: mv /var/www/clients/client0/web13 /var/www/clients/client43
2011-03-24 16:21 server1.remcycle.net Debug Removed Symlink: rm -f /var/www/clients/client0/testing1.remcycle.net
2011-03-24 16:21 server1.remcycle.net Debug Removed Symlink: rm -f /var/www/testing1.remcycle.net
2011-03-24 16:21 server1.remcycle.net Debug Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
2011-03-24 16:21 server1.remcycle.net Debug Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'.



I even tried to change the client hopping that would chmod and chown, but that didn't do anything either.

till 24th March 2011 23:02

Quote:

chown -R root:client0 ../testing1.remcycle.net
and
chmod -R 744 ../testing1.remcycle.net
The site will not work with this chmod settings. Please delete the site in ispconfig, it can not be used for further teststs with this settings.

Regarding your original problem, after you delete the website, create it again. Then try to access it and when you get an error, please look in the apache error.log of the website and post the exact error message that you find there.

Also the document root in your script is wrong, a document root "/var/www/remcycle.net/" can not be used, as /var/www/remcycle.net/ is a symlink to the document root and not the folder that contains the website. The document root is a folder like /var/www/clients/client2/web1

otacon 25th March 2011 01:31

Thank you for your reply.

I have now changed

PHP Code:

'document_root' =>'/var/www/remcycle.net/'

to
PHP Code:

'document_root' =>'/var/www/clients/client0/web'.$domain_id


I don't seem to have any errors in my log, but here is what I have

2011-03-24 19:23 server1.remcycle.net Debug exec: chown web14:client0 /var/www/clients/client0/web14
2011-03-24 19:23 server1.remcycle.net Debug exec: chown -R web14:client0 /var/www/clients/client0/web14
2011-03-24 19:23 server1.remcycle.net Debug Adding the user: web14
2011-03-24 19:23 server1.remcycle.net Debug Creating Symlink: ln -s /var/www/clients/client0/web14/ /var/www/clients/client0/testing2.remcycle.net
2011-03-24 19:23 server1.remcycle.net Debug Creating Symlink: ln -s /var/www/clients/client0/web14/ /var/www/testing2.remcycle.net
2011-03-24 19:23 server1.remcycle.net Debug Creating Symlink: ln -s /var/log/ispconfig/httpd/testing2.remcycle.net /var/www/clients/client0/web14/log
2011-03-24 19:23 server1.remcycle.net Debug Calling function 'insert' from plugin 'apache2_plugin' raised by event 'web_domain_insert'.
2011-03-24 19:23 server1.remcycle.net Debug Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_insert'.
2011-03-24 19:23 server1.remcycle.net Debug Processed datalog_id 264
2011-03-24 19:23 server1.remcycle.net Debug Processed datalog_id 263
2011-03-24 19:23 server1.remcycle.net Debug Found 3 changes, starting update process.



I of course deleted testing1.remcycle.net and this is the output of testing2.remcycle.net.

Unfortunately even with me making the changes suggested I still get, "ERROR 403 - Forbidden!

The following error occurred:

You are not permitted to access the requested URL.

Please contact the webmaster with any queries."

till 25th March 2011 11:21

PLease check the error.log of the website. If you get a 403 error, then it must be listed there. I do not talk about the ispconfig log!

otacon 25th March 2011 14:23

error.log

Code:

[Thu Mar 24 19:23:05 2011] [error] [client 98.226.168.246] client denied by server configuration: /
[Thu Mar 24 20:26:32 2011] [error] [client 98.226.168.246] client denied by server configuration: /
[Thu Mar 24 21:24:36 2011] [error] [client 98.226.168.246] client denied by server configuration: /
[Thu Mar 24 21:24:36 2011] [error] [client 98.226.168.246] File does not exist: /var/www/testing2.remcycle.net/web/favicon.ico, referer: http://testing2.remcycle.net/

testing2.remcycle.net/index.html works.

I guess I could fix it with an htaccess file , but I would prefer to figure out why the directory isn't forwarding to index.html.

falko 26th March 2011 16:36

Do you have a DirectoryIndex directive in your vhost?
http://httpd.apache.org/docs/2.0/mod...directoryindex

otacon 26th March 2011 23:06

both /etc/apache2/sites-available/testing2.remcycle.net.vhost
/etc/apache2/sites-enabled/testing2.remcycle.net.vhost

do not have DirectoryIndex.

here is my vhost:

Quote:

GNU nano 2.0.7 File: /etc/apache2/sites-available/testing2.remcycle.net.vhost Modified


<Directory /var/www/testing2.remcycle.net>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>

<VirtualHost *:80>
DocumentRoot /var/www/testing2.remcycle.net/web
ServerName testing2.remcycle.net
ServerAlias www.testing2.remcycle.net
ServerAdmin webmaster@testing2.remcycle.net

ErrorLog /var/log/ispconfig/httpd/testing2.remcycle.net/error.log


ErrorDocument 400 /error/400.html
ErrorDocument 401 /error/401.html
ErrorDocument 403 /error/403.html
ErrorDocument 404 /error/404.html
ErrorDocument 405 /error/405.html
ErrorDocument 500 /error/500.html
ErrorDocument 503 /error/503.html

<Directory /var/www/testing2.remcycle.net/web>
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<Directory /var/www/clients/client0/web14/web>
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>

# Clear PHP settings of this website
<FilesMatch "\.ph(p3?|tml)$">
SetHandler None
</FilesMatch>
# mod_php enabled
AddType application/x-httpd-php .php .php3 .php4 .php5
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fwebmaster@testing2.remcycle.net"
php_admin_value upload_tmp_dir /var/www/clients/client0/web14/tmp
php_admin_value session.save_path /var/www/clients/client0/web14/tmp
# PHPIniDir /var/www/conf/web14
php_admin_value open_basedir /var/www/clients/client0/web14/web:/var/www/clients/client0/web14/tmp:/var/www/testing2.remcycle.net/web:/srv/www/testing2.remcycle.net/web:/usr/share/php5:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin

RewriteEngine on
RewriteCond %{HTTP_HOST} ^testing2.remcycle.net [NC]
RewriteRule ^/(.*)$ /$1
RewriteCond %{HTTP_HOST} ^www.testing2.remcycle.net [NC]
RewriteRule ^/(.*)$ /$1

# add support for apache mpm_itk
<IfModule mpm_itk_module>
AssignUserId web14 client0
</IfModule>

<IfModule mod_dav_fs.c>
# DO NOT REMOVE THE COMMENTS!
# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
# WEBDAV BEGIN
# WEBDAV END
</IfModule>


</VirtualHost>



otacon 26th March 2011 23:22

I tried to add "DirectoryIndex index.html" to the vhost and then restarted the system, but that did not solve the issue.

I then deleted the website and readded it just in case that messed up ispconfig.

falko 27th March 2011 21:28

Still not working? Can you post the output of
Code:

ls -la /var/www/testing2.remcycle.net/web/
?

otacon 27th March 2011 23:31

server1:~# ls -la /var/www/testing3.remcycle.net/web/
total 20
drwx--x--- 4 web15 client0 4096 2011-03-24 19:34 .
drwxr-x--x 6 web15 client0 4096 2011-03-24 19:34 ..
drwxr-xr-x 2 web15 client0 4096 2011-03-24 19:34 error
-rwxr-xr-- 1 web15 client0 1861 2011-03-24 19:34 index.html
drwxr-xr-x 2 root root 4096 2011-03-24 19:34 stats


All times are GMT +2. The time now is 06:15.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.