Clean installation 8.4.2 permssion problem for admin user

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • rickjohns
    Junior Member
    • Oct 2020
    • 10

    Clean installation 8.4.2 permssion problem for admin user

    I have a dedicated server running AlmaLinux v8.10.0, MySQL 8.0.40 and PHP 8.3.13. I have 2 established instances of EspoCRM which I updated today to 8.4.2. Both work perfectly.

    Today I created a new account (domain) on the server and made a clean installation of EspoCRM 8.4.2 downloaded from the Espo site. Installation worked perfectly. All the 'user' functions (e.g. create a new contact, new account etc) work fine but as soon as I try to do anything in the administration menu (e.g. make a change to the User Interface) I get a message : ERROR 403 : ACCESS DENIED

    I can create new users (regular and admin) and save them, but as soon as I try to edit them I get the 403 message again.

    The only big difference I can see is in the config-internal.php file. The new instance has a long config file which includes "defaultPermissions" for user and group, whereas the two older instances have quite a short config file which don't mention defaultPermissions. There are probable other differences too, but this is the one that I noticed.

    ​Grateful for any pointers!

    Thanks Rick
  • victor
    Active Community Member
    • Aug 2022
    • 717

    #2
    Try again to provide the required Permissions: https://docs.espocrm.com/administrat...n/#permissions for the problematic instance:

    Code:
    find . -type d -exec chmod 755 {} + && sudo find . -type f -exec chmod 644 {} +;
    find data custom client/custom -type d -exec chmod 775 {} + && sudo find data custom client/custom -type f -exec chmod 664 {} +;
    chmod 775 application/Espo/Modules client/modules;
    chmod 754 bin/command;
    chown -R www-data:www-data .;

    Comment

    • rickjohns
      Junior Member
      • Oct 2020
      • 10

      #3
      Hi Victor, no change :-(

      Comment

      • shalmaxb
        Senior Member
        • Mar 2015
        • 1592

        #4
        webserver owner?

        Comment

        • lazovic
          Super Moderator
          • Jan 2022
          • 806

          #5
          Hi rickjohns,

          Please check if the PUT and DELETE methods are allowed in the settings for your new domain (server settings). If you do not know where to look for this option, please check this information with your hosting provider, this will be the fastest way to set it up.

          Comment

          • rickjohns
            Junior Member
            • Oct 2020
            • 10

            #6
            I see in htaccess file :

            <ifModule mod_headers.c>
            Header always set Access-Control-Allow-Methods "POST, GET, PUT, PATCH, DELETE"
            </ifModule>​

            Comment

            • lazovic
              Super Moderator
              • Jan 2022
              • 806

              #7
              rickjohns,

              Then you should check the error logs of your server directly; you can also attach the error log of your EspoCRM instance.

              Comment

              • rickjohns
                Junior Member
                • Oct 2020
                • 10

                #8
                It seems ModSecurity is blocking the PUT command as it is triggering the rule. If I disable ModSec for that particular domain it all works fine. Will be pursuing that line. Thanks all for your input.

                Comment

                Working...