Tweet
I am getting error 403 on loading an avatar, either as a user or admin. Is their a folder i should change permissions on? I am using a host who have Cpanel. All other functions appear to be working.
-
-
Do attachments uploading and downloading work?
Check permissions to data, data/upload -
Hi Yuri,
"Check permissions to data, data/upload" - I am not sure how to do that.
I have googled for hours and tried a lot of things. Different browsers, PC's and a tablet. All end up doing the same thing.
Below is a screen shot. I have tried it in different areas so maybe you are right that permissions are not set correctly? I have asked Register4Less (R4L) (my host) to check that for me.
As far as the install was concerned, i just used R4L softaculous, nothing special as far as tweaking or anything.
The files I have tried are JPG, GIF, PDF, DOC.
Espo allows for uploads which open my local drive and as soon as I click open I get Error 403. As their has been no upload success, I have not been able to download.
I changed all the .htaccess in Espo (there are 4) to 755, that didn't work so I changed them back to 644.
Hope you can help,
regards,
Ian
Comment
-
It can be some specific server configurations. Please check if this file exists .htaccess in the root directory and contains this line:
Code:RewriteRule .* - [E=HTTP_ESPO_CGI_AUTH:%{HTTP:Authorization}]Comment
-
That line does exist in that file. I had a look at all the htaccess files and I changed all the .htaccess in Espo (there are 4) to 755, that didn't work so I changed them back to 644.
Below are the contents of those 4 files.
#1+++++++++++++++++
/home/myfiles/public_html/espo/.htaccess
<ifModule mod_headers.c>
Header always set Access-Control-Allow-Methods "POST, GET, PUT, PATCH, DELETE"
</ifModule>
DirectoryIndex index.php index.html
<IfModule mod_rewrite.c>
RewriteEngine On
# PROTECTED DIRECTORIES
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^/?(data|api)/ - [F]
RewriteRule ^/?data/config\.php$ - [F]
RewriteRule ^/?data/logs/ - [F]
RewriteRule ^/?data/cache/ - [F]
RewriteRule ^/?data/upload/ - [F]
RewriteRule ^/?application/ - [F]
RewriteRule ^/?custom/ - [F]
RewriteRule ^/?vendor/ - [F]
#END PROTECTED DIRECTORIES
RewriteRule .* - [E=HTTP_ESPO_CGI_AUTH:%{HTTP:Authorization}]
RewriteRule reset/?$ reset.html [QSA,L]
</IfModule>
AuthName "Espro_Apco"
AuthUserFile "/home/austrddb/.htpasswds/public_html/espo/passwd"
#2+++++++++++++++++
/home/myfiles/public_html/espo/vendor/slim/slim/.htaccess
RewriteEngine On
# Some hosts may require you to use the `RewriteBase` directive.
# If you need to use the `RewriteBase` directive, it should be the
# absolute physical path to the directory that contains this htaccess file.
#
# RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [QSA,L]
#3+++++++++++++++++
/home/myfiles/public_html/espo/custom/Espo/Custom/.htaccess
Order Deny,Allow
Deny from all
#4+++++++++++++++++
/home/myfiles/public_html/espo/api/v1/.htaccess
RewriteEngine On
# Some hosts may require you to use the `RewriteBase` directive.
# If you need to use the `RewriteBase` directive, it should be the
# absolute physical path to the directory that contains this htaccess file.
#
# RewriteBase /
RewriteRule .* - [E=HTTP_ESPO_CGI_AUTH:%{HTTP:Authorization}]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [QSA,L]
++++++++++++++++++++++++++++++++++++++++++++++++++
Comment
-
Also I was able to import into "Leads".Comment
-
My host - R4L support - "I changed the permissions on data and data/upload but I doubt this is the problem since files WERE uploaded there already... something else is happening but there is no precise log of the error, and I have no experience with this software."
I subsequently tried to load an avatar to admin with no success - Error 403.
Very frustrating.
Ian
Comment
-
I passed the following on to support at R4L. I got this from another forum after searching for Error 403
It related to Espo and error 403.
> I've contacted the creator of Espo to see what I'm doing wrong. He thinks my server might
> be blocking PATCH requests. So I installed it on a XAMPP test on my Destkop
> and that worked fine. Yet I can't find any way to deny or allow PATCH
> requests.
>
> Does anyone know how to fix this?
>
> Edit: If I grab the request URL and just open the URL in a new tab it opens
> correctly. It just doens't handle the request
>
>
> ...there was a response...>>>
>
>
> The vhost needs permission to handle methods like PATCH.
>
> Add the LIMIT rules like below in your directory section in the vhost
> config:
>
> <Limit GET POST PUT DELETE HEAD OPTIONS PATCH>
> Order allow,deny
> Allow from all
> </Limit>
>
After my host made these changes everything worked.
Fantastic! Thank you for your help as well.
I guess this post can be closed.
Comment
-
Here is the precise detail of the fix:
Added the following code you sent me at the start of ~/public_html/espo/.htaccess :
<Limit GET POST PUT DELETE HEAD OPTIONS PATCH>
Order allow,deny
Allow from all
</Limit>Comment
Comment