Jump to content

Cannot Upload Images (403 Forbidden)


newtopw
 Share

Recommended Posts

Hi all,

I've been developing a small site using PW 2.2 on my dev account at phpfog and things have been going pretty smooth. So comes the time to move the site to production (running PHP 5.2.17, safe_mode off, PW debug set to true) and I've been unable to upload new images ever since. The site/assets folder is writable (also set permissions of all folder in it to 777 just in case). When I create a new page and try to upload a new image, the upload process doesn't start (nothing happens) but the file size is shown and the page's folder is created under assets/files. Upon inspection using Firebug's console I get a 403 Forbidden for the Ajax uploader's POST response:

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /beta/processwire/page/edit/
on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
</body></html>

Checking phpinfo I found that that the upload_tmp_dir variable is not set (no value) so I tried overriding it in config.php as outlined in this thread. Still no luck. I dumped the site to my computer and upload works fine.

Anybody have an idea what I'm doing wrong? Thanks!

Link to comment
Share on other sites

That 403 forbidden message is coming from the web server, not ProcessWire. It looks like something at the server is taking control and interrupting the file post. I would guess that this has to do with a mod_security setting at the server. They don't appear to be ajax upload friendly. If you want to PM me a link to your phpinfo() I'll be happy to take a look. Though I'm guessing only the phpfog support can answer this one for us.

Link to comment
Share on other sites

Okay I talked with the web hosting provider about the issue and indeed as Ryan's guess they said it had to do with a mod_security rule. The web host admin did something to the account and now upload works fine.

Cheers

  • Like 1
Link to comment
Share on other sites

Thanks for the followup. I didn't see anything in your PHPinfo when I looked yesterday (except possibly the safe_mode setting), but got sidetracked before I could reply. Glad it's all working now.

Link to comment
Share on other sites

  • 1 month later...

This definitely sounds like mod_security. When posting a form with a field that has specific tags in it causes a 403, and posting it without them works, then you can be pretty sure that's mod_security coming into play. It sounds like your host has mod_security configured to block <iframe> tags appearing in POST submission values. This doesn't make a lot of sense given that all the embedding sites like YouTube use the iframe tag. I would check with your host and ask them how to disable these mod_security rules so that you can properly use the account.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...