Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Developers' Forum

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 24th March 2011, 22:39
otacon otacon is offline
Senior Member
 
Join Date: Sep 2010
Posts: 109
Thanks: 5
Thanked 5 Times in 5 Posts
Default 403 error with new websites.

When I use the following script to create a website and client through API functions I get a 403 error on my new website. Creating the website through ispconfig control panel works fine. I verified the linux group and linux user with other websites and they seem correct.

I then

chown -R root:client0 ../testing1.remcycle.net
and
chmod -R 744 ../testing1.remcycle.net

But that didn't do anything for me.

Suggestions would be great!

PHP Code:
<?php

/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

    * Redistributions of source code must retain the above copyright notice,
      this list of conditions and the following disclaimer.
    * Redistributions in binary form must reproduce the above copyright notice,
      this list of conditions and the following disclaimer in the documentation
      and/or other materials provided with the distribution.
    * Neither the name of ISPConfig nor the names of its contributors
      may be used to endorse or promote products derived from this software without
      specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

//* Examples for the remoting framework

//* Login credentials
require('soap_config.php');


// Create the SOAP Client
$client = new SoapClient(null, array('location' => $soap_location,
                                     
'uri'      => $soap_uri));


try {
    
//* Login to the remote server
    
if($session_id $client->login($username,$password)) {
        echo 
'Logged into remote server sucessfully. The SessionID is '.$session_id.'<br />';
    }    
    
$params = array(        'server_id' => 1,
                    
'company_name' => $_POST["company"],
                    
'contact_name' => $_REQUEST["name"],
                    
'username' =>$_POST["username"],
                    
'password' =>$_POST["password"],
                    
'language' =>'en',
                    
'usertheme' =>'default',
                    
'street' =>$_POST["address"],
                    
'zip' =>$_POST["zipcode"],
                    
'city' =>$_POST["city"],
                    
'state' =>$_POST["state"],
                    
'country' =>$_POST["country"],
                    
'telephone' =>$_POST["phone_number"],
                    
'mobile' =>'',
                    
'fax' =>'',
                    
'internet' =>'',
                    
'icq' =>'',
                    
'notes' =>'',  
                    
'template_master' => '0',
                    
'template_additional' =>'',
                    
'default_mailserver' =>'1',
                    
'limit_maildomain' =>'1',
                    
'limit_mailbox' =>'-1',
                    
'limit_mailalias' =>'-1',
                    
'limit_mailforward' =>'-1',
                    
'limit_mailcatchall' =>'-1',
                    
'limit_mailrouting' => '-1',
                    
'limit_mailfilter' =>'-1',
                    
'limit_fetchmail' =>'-1',
                    
'limit_mailquota' =>'-1',
                    
'limit_spamfilter_wblist' =>'-1',
                    
'limit_spamfilter_user' =>'-1',
                    
'limit_spamfilter_policy' =>'-1',
                    
'default_webserver' =>'1',
                    
'limit_web_domain' =>'-1',
                    
'web_php_options' =>"SuPHP",
                    
'limit_web_aliasdomain' =>'-1',
                    
'limit_web_subdomain' =>'-1',
                    
'limit_ftp_user' =>'-1',
                    
'limit_shell_user' =>'-1',
                    
'ssh_chroot' =>'None',
                    
'default_dnsserver' =>'1',
                    
'limit_dns_zone' =>'-1',
                    
'limit_dns_record' =>'-1',
                    
'limit_client' =>'0',
                    
'default_dbserver' =>'1',
                    
'limit_database' =>'-1',
                    
'limit_cron' =>'0',
                    
'limit_cron_type' =>'',
                    
'limit_cron_frequency' =>'-1');
    
    
$con mysql_connect("localhost","noneya","******");
    if (!
$con)
    {
        die(
'Could not connect: ' mysql_error());
    }
    
mysql_select_db("dbispconfig"$con);
    
$reseller_id 0;
    
$domain_id $client->client_add($session_id$reseller_id$params);
    
$tablename         "web_domain"
    
$next_increment     0
    
$qShowStatus         "SHOW TABLE STATUS LIKE '$tablename'"
    
$qShowStatusResult     mysql_query($qShowStatus) or die ( "Query failed: " mysql_error() . "<br/>" $qShowStatus ); 
    
$row mysql_fetch_assoc($qShowStatusResult); 
    
$next_increment $row['Auto_increment']; 
    
    
$domain_id $next_increment
    
$params_website = array('server_id' => 1
                            
'ip_address' => '*'
                            
'domain' => $_POST["username"].'.remcycle.net'
                            
'type' => 'vhost'
                            
'parent_domain_id' => ''
                            
'vhost_type' => 'name'
                            
'hd_quota' => '50'
                            
'traffic_quota' => '1000'
                            
'cgi' =>'n'
                            
'ssi' =>'n'
                            
'suexec' =>'n'
                            
'errordocs' =>'1'
                            
'subdomain' =>'www'
                            
'ssl' =>'n'
                            
                            
'php' =>"mod"
                            
'ruby' =>'n'
                            
'active' =>'y'
                            
                            
'redirect_type' =>'no'
                            
'redirect_path' =>''
                            
                            
'ssl_state' =>''
                            
'ssl_organisation' =>''
                            
'ssl_organisation_unit' =>''
                            
'ssl_country' =>''
                            
'ssl_domain' => $_POST["username"].'.remcycle.net'
                            
'ssl_request' =>''
                            
'ssl_cert' =>''
                            
'ssl_bundle' =>''
                            
'ssl_action' =>''
                            
                            
                            
//'stats_password' =>$password, 
                            
'stats_password' =>''
                            
'stats_type' =>'webalizer'
                            
                            
'backup_interval' =>'monthly'
                            
'backup_copies' =>'1'
                            
                            
'document_root' =>'/var/www/remcycle.net/'
                            
'system_user' =>'web'.$domain_id
                            
'system_group' =>'client0'
                            
'allow_override' =>'All'
                            
'php_open_basedir' =>'/var/www/clients/client0/web'.$domain_id.'/web:/var/www/clients/client0/web'.$domain_id.'/tmp:/var/www/'.$_POST["username"].'remcycle.net/web:/srv/www/'.$_POST["username"].'remcycle.net/web:/usr/share/php5:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin'
                            
'custom_php_ini' =>'',  
                            
'apache_directives' =>''
                            
'client_group_id' =>$client_id+
                            
); 
    
    
$website_id $client->sites_web_domain_add($session_id$client_id$params_website);  
    
    
//* ----------------------------------------------------------
    //* Example functions
    //* ----------------------------------------------------------
    
    /*
    //* Add a email domain
    $params = array(    'server_id' => 1,
                        'domain' => 'domain.tld',
                        'active' => 'y');
    $client_id = 0;
    $domain_id = $client->mail_domain_add($session_id, $client_id, $params);
    */
    
    /*
    //* Update email domain
    $params = array(    'server_id' => 1,
                        'domain' => 'domain.tld',
                        'active' => 'y');
    //* ID of the client. 0 = the admin owns this record.
    $client_id = 0;
    
    // ID of the domain whch shall be updated.
    $domain_id = 1;
    
    // Call the domain update function
    $domain_id = $client->mail_domain_update($session_id, $client_id, $domain_id, $params);
    */
    
    
    //* Logout
    
if($client->logout($session_id)) {
        echo 
'Logged out sucessfully.<br />';
    }
    
    
} catch (
SoapFault $e) {
    die(
'SOAP Error: '.$e->getMessage());
}
2011-03-24 16:21 server1.remcycle.net Debug Processed datalog_id 259
2011-03-24 16:21 server1.remcycle.net Debug Apache online status after restart is: 1
2011-03-24 16:21 server1.remcycle.net Debug Calling function 'restartHttpd' from module 'web_module'.
2011-03-24 16:21 server1.remcycle.net Debug Apache status is: 1
2011-03-24 16:21 server1.remcycle.net Debug Writing the vhost file: /etc/apache2/sites-available/testing1.remcycle.net.vhost
2011-03-24 16:21 server1.remcycle.net Debug Disable SSL for: testing1.remcycle.net
2011-03-24 16:21 server1.remcycle.net Debug exec: chown web13:client43 /var/www/clients/client43/web13/log/error.log
2011-03-24 16:21 server1.remcycle.net Debug exec: chown web13:client43 /var/www/clients/client43/web13
2011-03-24 16:21 server1.remcycle.net Debug exec: chmod 751 /var/www/clients/client43/web13/*
2011-03-24 16:21 server1.remcycle.net Debug exec: chmod 751 /var/www/clients/client43/web13/
2011-03-24 16:21 server1.remcycle.net Debug Adding the group: client43
2011-03-24 16:21 server1.remcycle.net Debug Creating Symlink: ln -s /var/www/clients/client43/web13/ /var/www/clients/client43/testing1.remcycle.net
2011-03-24 16:21 server1.remcycle.net Debug Creating Symlink: ln -s /var/www/clients/client43/web13/ /var/www/testing1.remcycle.net
2011-03-24 16:21 server1.remcycle.net Debug Moving site to new document root: mv /var/www/clients/client0/web13 /var/www/clients/client43
2011-03-24 16:21 server1.remcycle.net Debug Removed Symlink: rm -f /var/www/clients/client0/testing1.remcycle.net
2011-03-24 16:21 server1.remcycle.net Debug Removed Symlink: rm -f /var/www/testing1.remcycle.net
2011-03-24 16:21 server1.remcycle.net Debug Calling function 'update' from plugin 'apache2_plugin' raised by event 'web_domain_update'.
2011-03-24 16:21 server1.remcycle.net Debug Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_update'.



I even tried to change the client hopping that would chmod and chown, but that didn't do anything either.
__________________
Debian 7.4 Server:
ISPConfig Version: 3.0.5.3

Please visit my Mini-howto, "How To Create Remote API Scripts For ISPConfig 3"
Reply With Quote
Sponsored Links
  #2  
Old 24th March 2011, 23:02
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,796
Thanks: 840
Thanked 5,612 Times in 4,423 Posts
Default

Quote:
chown -R root:client0 ../testing1.remcycle.net
and
chmod -R 744 ../testing1.remcycle.net
The site will not work with this chmod settings. Please delete the site in ispconfig, it can not be used for further teststs with this settings.

Regarding your original problem, after you delete the website, create it again. Then try to access it and when you get an error, please look in the apache error.log of the website and post the exact error message that you find there.

Also the document root in your script is wrong, a document root "/var/www/remcycle.net/" can not be used, as /var/www/remcycle.net/ is a symlink to the document root and not the folder that contains the website. The document root is a folder like /var/www/clients/client2/web1
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 25th March 2011, 01:31
otacon otacon is offline
Senior Member
 
Join Date: Sep 2010
Posts: 109
Thanks: 5
Thanked 5 Times in 5 Posts
Default

Thank you for your reply.

I have now changed

PHP Code:
'document_root' =>'/var/www/remcycle.net/'
to
PHP Code:
'document_root' =>'/var/www/clients/client0/web'.$domain_id

I don't seem to have any errors in my log, but here is what I have

2011-03-24 19:23 server1.remcycle.net Debug exec: chown web14:client0 /var/www/clients/client0/web14
2011-03-24 19:23 server1.remcycle.net Debug exec: chown -R web14:client0 /var/www/clients/client0/web14
2011-03-24 19:23 server1.remcycle.net Debug Adding the user: web14
2011-03-24 19:23 server1.remcycle.net Debug Creating Symlink: ln -s /var/www/clients/client0/web14/ /var/www/clients/client0/testing2.remcycle.net
2011-03-24 19:23 server1.remcycle.net Debug Creating Symlink: ln -s /var/www/clients/client0/web14/ /var/www/testing2.remcycle.net
2011-03-24 19:23 server1.remcycle.net Debug Creating Symlink: ln -s /var/log/ispconfig/httpd/testing2.remcycle.net /var/www/clients/client0/web14/log
2011-03-24 19:23 server1.remcycle.net Debug Calling function 'insert' from plugin 'apache2_plugin' raised by event 'web_domain_insert'.
2011-03-24 19:23 server1.remcycle.net Debug Calling function 'ssl' from plugin 'apache2_plugin' raised by event 'web_domain_insert'.
2011-03-24 19:23 server1.remcycle.net Debug Processed datalog_id 264
2011-03-24 19:23 server1.remcycle.net Debug Processed datalog_id 263
2011-03-24 19:23 server1.remcycle.net Debug Found 3 changes, starting update process.



I of course deleted testing1.remcycle.net and this is the output of testing2.remcycle.net.

Unfortunately even with me making the changes suggested I still get, "ERROR 403 - Forbidden!

The following error occurred:

You are not permitted to access the requested URL.

Please contact the webmaster with any queries."
__________________
Debian 7.4 Server:
ISPConfig Version: 3.0.5.3

Please visit my Mini-howto, "How To Create Remote API Scripts For ISPConfig 3"
Reply With Quote
  #4  
Old 25th March 2011, 11:21
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,796
Thanks: 840
Thanked 5,612 Times in 4,423 Posts
Default

PLease check the error.log of the website. If you get a 403 error, then it must be listed there. I do not talk about the ispconfig log!
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 25th March 2011, 14:23
otacon otacon is offline
Senior Member
 
Join Date: Sep 2010
Posts: 109
Thanks: 5
Thanked 5 Times in 5 Posts
Default

error.log

Code:
[Thu Mar 24 19:23:05 2011] [error] [client 98.226.168.246] client denied by server configuration: /
[Thu Mar 24 20:26:32 2011] [error] [client 98.226.168.246] client denied by server configuration: /
[Thu Mar 24 21:24:36 2011] [error] [client 98.226.168.246] client denied by server configuration: /
[Thu Mar 24 21:24:36 2011] [error] [client 98.226.168.246] File does not exist: /var/www/testing2.remcycle.net/web/favicon.ico, referer: http://testing2.remcycle.net/
testing2.remcycle.net/index.html works.

I guess I could fix it with an htaccess file , but I would prefer to figure out why the directory isn't forwarding to index.html.
__________________
Debian 7.4 Server:
ISPConfig Version: 3.0.5.3

Please visit my Mini-howto, "How To Create Remote API Scripts For ISPConfig 3"

Last edited by otacon; 25th March 2011 at 14:39.
Reply With Quote
  #6  
Old 26th March 2011, 16:36
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

Do you have a DirectoryIndex directive in your vhost?
http://httpd.apache.org/docs/2.0/mod...directoryindex
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 28th April 2011, 20:59
otacon otacon is offline
Senior Member
 
Join Date: Sep 2010
Posts: 109
Thanks: 5
Thanked 5 Times in 5 Posts
Default

Quote:
Originally Posted by otacon View Post
error.log

Code:
[Thu Mar 24 19:23:05 2011] [error] [client 98.226.168.246] client denied by server configuration: /
[Thu Mar 24 20:26:32 2011] [error] [client 98.226.168.246] client denied by server configuration: /
[Thu Mar 24 21:24:36 2011] [error] [client 98.226.168.246] client denied by server configuration: /
[Thu Mar 24 21:24:36 2011] [error] [client 98.226.168.246] File does not exist: /var/www/testing2.remcycle.net/web/favicon.ico, referer: http://testing2.remcycle.net/
testing2.remcycle.net/index.html works.

I guess I could fix it with an htaccess file , but I would prefer to figure out why the directory isn't forwarding to index.html.
should these errorlogs be saying client denied by / "root"? Why would it be trying to access root?

Is this normal or should it be /var/www/testing600.remcycle.net/web?



-----------------------------------------------------

Ok I think that was the problem. I added


<Directory />
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>


to testing600.remcycle.net.vhost and now it works.

Now I have to find out why it needs to go to the root directory.

Will adding this to the vhost create a security risk?


------------------------------------------------------------------

another update. I have found the issue inside the vhost.

in the vhosts that are created through API

PHP Code:
    RewriteEngine on
    RewriteCond 
%{HTTP_HOST}   ^test.remcycle.net [NC]
    
RewriteRule   ^/(.*)$ /$1  
    RewriteCond 
%{HTTP_HOST}   ^www.test.remcycle.net [NC]
    
RewriteRule   ^/(.*)$ /$
is added once this is removed the domain works perfectly. I am not sure what this means, but I will be doing a little googling to find out.
__________________
Debian 7.4 Server:
ISPConfig Version: 3.0.5.3

Please visit my Mini-howto, "How To Create Remote API Scripts For ISPConfig 3"

Last edited by otacon; 2nd May 2011 at 04:47. Reason: solution found
Reply With Quote
  #8  
Old 28th April 2011, 07:41
otacon otacon is offline
Senior Member
 
Join Date: Sep 2010
Posts: 109
Thanks: 5
Thanked 5 Times in 5 Posts
Default

Alright it has been long enough for me to be fed up with all this troubleshooting so instead of me just doing random things I find on the web I am going to have to do this in a more intelligent manner.

ok So I need to start off by listing all the possibilities of a 403 error on a web site then from that list systematically rule out each issue until I get to the root cause.

I need help with the first step of this process. My current list of possible causes is as follows:

1.Site is password protected.
2.Wrong Group for access
3. Wrong username for access
4.The website may be configured so as to disallow all attempted requests for directory listings


When accessing the directory from the internet what user and group is used by the user to access those files? Is it client24:web52 *example*?

Also I am having no issue when I create a website through the control panel. Does the API do this process manually or does it use whet ever the control panel uses? if it uses the same script then I would have to assume that the problem is in my registration script.


Thank you for your help and I hope I can figure this out soon,
otacon
__________________
Debian 7.4 Server:
ISPConfig Version: 3.0.5.3

Please visit my Mini-howto, "How To Create Remote API Scripts For ISPConfig 3"
Reply With Quote
  #9  
Old 28th April 2011, 17:29
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,796
Thanks: 840
Thanked 5,612 Times in 4,423 Posts
Default

Quote:
When accessing the directory from the internet what user and group is used by the user to access those files? Is it client24:web52 *example*?
Thats depends on the file type that you access and the options that you have set in the website. E.g. html files and images are accessed by the apache user while php scripts run under the web user when you have suexec enabled.

Quote:
Also I am having no issue when I create a website through the control panel. Does the API do this process manually or does it use whet ever the control panel uses? if it uses the same script then I would have to assume that the problem is in my registration script.
Then its most likely a problem with your script. ISPConfig uses the same code to create a website wether you use the ispconfig interface or the api.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig 3.0.3.2 & Webdav & 403 Forbidden Rescue9 Installation/Configuration 6 4th December 2011 17:05
403 error mark0168 General 3 15th August 2008 11:06
IMAP doesn't work..as i followed the Perfect Setup for Fedora 4 asokaajay Server Operation 11 10th June 2007 15:57
redirect websites provell General 2 1st December 2006 10:51
403 errors and virtual hosts tommywds Server Operation 3 27th June 2006 08:09


All times are GMT +2. The time now is 00:01.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.