You don't have permission to access [folder]/home/ on this server

Kirby 3 Solved ✅
1

When attempting to access, via browser, my kirby installation at this url:

[domain]/[folder]/home

I get this message:

You don't have permission to access /[folder]/home/ on this server.

But I CAN access:

[domain]/[folder]/

And I CAN also access

http://localhost/[folder]/[folder]/home

…on the local repo of the same kirby install.

I’ve checked the permissions of content/home/ folder and its content file and they are 755/644 on remote and 775/664 on local. On remote, the owner and group are the same, on local they are myuser/www-data.

Any idea what may be causing this?

If you wonder why am I trying to access /home, it is a side-effect of using history.pushtate in this particular project.

Thank you

2

What is folder in this case, a subfolder with the Kirby installation.

Check your .htaccess or server configuration if there are any rewrites that could be causing this.

3

In this case [folder] is a subfolder with the Kirby installation , yes.

There is nothing in config.php that should be causing this:

<?php
    return [
    	'panel' =>[
    		'install' => false
    	],
    	'debug' => true,
    	'whoops' => true,
    	'thumbs' => [
    		'driver' => 'im'
    	],
    	'hooks' => [
    			'page.changeStatus:after' => function ($newPage, $oldPage) {
    				if($newPage->status() != "draft") {
    					$newPage->update([
    						'publicationDate'        => date("Y-m-d H:i:s")
    					]);	
    				}
    			}
    	]
    ];

.There are a couple rewrites in the htaccess, but they are the same local and remote, and I believe they are default. Should I ‘RewriteBase /[folder]’ on remote?

# Kirby .htaccess

# rewrite rules
<IfModule mod_rewrite.c>

# enable awesome urls. i.e.:
# http://yourdomain.com/about-us/team
RewriteEngine on

# make sure to set the RewriteBase correctly
# if you are running the site in a subfolder.
# Otherwise links or the entire site will break.
#
# If your homepage is http://yourdomain.com/mysite
# Set the RewriteBase to:
#
# RewriteBase /mysite

# In some enviroments it's necessary to
# set the RewriteBase to:
#
# RewriteBase /

# block files and folders beginning with a dot, such as .git
# except for the .well-known folder, which is used for Let's Encrypt and security.txt
RewriteRule (^|/)\.(?!well-known\/) index.php [L]

# block text files in the content folder from being accessed directly
RewriteRule ^content/(.*)\.(txt|md|mdown)$ index.php [L]

# block all files in the site folder from being accessed directly
# except for requests to plugin assets files
RewriteRule ^site/(.*) index.php [L]

# Enable authentication header
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

# block direct access to kirby and the panel sources
RewriteRule ^kirby/(.*) index.php [L]

# make site links work
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*) index.php [L]

</IfModule>

# compress text file responses
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE application/json
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
</IfModule>
4

Do any other subfolders work with the current setting? You might indeed have to set the RewriteBase to the subfolder or to /, depending on server.

5

Setting RewriteBase /[folder] does not change anything.

Setting RewriteBase / neither.

Trying to access [domain]/[folder]/error results in the same 403 error.

I have a content/eco/ folder which works as a sort of ajax endpoint, and this one I can access, no 403.

I can access all the rest of the pages.

Just in case, I do have templates for all of them except eror. (edited, typo)

6

What I actually meant was if there is another .htaccess on a higher level (or a server config file) that might interfere here.

What if you point a subdomain to the subfolder?

7

There is actually another .htaccess file one level up, directly in [domain]
It is the same I posted, default.
Why would it conflict with /home and nothing else tho?

I cannot try the subdomain pointing at the moment.

Thank you

8

I uploaded the install to another subfolder on another server which does not have a kirby installation on its parent folder, and I don’t have the same 403 error.

What could be a temporary way to ‘deactivate’ the parent kirby installation to test if its conflicting? Perhaps renaming .htaccess would be enough?

Thank you

9

Hm, you could try this, but I’m actually not sure it’s something in that parent .htaccess. Could also be a route of the parent Kirby installation. A bit strange that only those two routes are affected.

10

Actually… the content of the parent kirby was duplicated on the root of this subfolder kirby. There were 0_test/, error/ and home/ folders there, plus a site.txt file.

Deleting all of these resulted in my problem being solved.

How did these files and folders reached that subfolder and how were they preventing regular navigation, escapes me and puzzles me.

If you have any idea I’d be great to understand.

Thank you

11

I have no idea.

1 Like