/ Register

Join the community today
Become a Member

Wordpress 403 forbidden when executing some php scripts

Discussion in 'Blogs & CMS usage' started by paddy, Mar 21, 2016.

Tags:
Previous Thread Next Thread
Loading...
  1. Mar 21, 2016 #1
    paddy

    paddy New Member

    27
    0
    1
    Nov 27, 2014
    Ratings:
    +0
    Local Time:
    8:20 PM
    1.7.7
    MariaDB 5.5
    hi eva greetz! ,

    i got some php that cant be execute , it says 403 forbidden , i've chwon -R nginx:nginx to new install wordpress and also i tried to chmod 777 but not succeed.

    i can open my wordpress sites , only some of the php cant be load
    here is the screenshoot

    Screenshot by Lightshot

    thank you before Eva.
     
  2. Mar 21, 2016 #2
    eva2000

    eva2000 Administrator Staff Member

    55,811
    12,272
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,858
    Local Time:
    11:20 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    1. How did you install wordpress ?
    2. What wordpress plugin does the url or php belong to ?
    3. Which Centmin Mod version 123.08stable or 123.09beta01 ?
    4. Was it via centmin.sh menu option 22 auto installer Wordpress Nginx Auto Installer (WP Super Cache) ? If so the default wpsecure conf file at /usr/local/nginx/conf/wpsecure_${vhostname}.conf where vhostname is your domain name, blocks php scripts from executing in wp-content for security
    Below links you can see examples of setting up specific wordpress location matches to punch a hole in the wpsecure blocking to whitelist specific php files that need to be able to run.
     
    Last edited: Mar 21, 2016
  3. Mar 21, 2016 #3
    paddy

    paddy New Member

    27
    0
    1
    Nov 27, 2014
    Ratings:
    +0
    Local Time:
    8:20 PM
    1.7.7
    MariaDB 5.5
    1. installed from centmin option
    2. its not a plugins its a wordpress themes , it's ecommerce themes ,
    3. Centmin Mod 1.2.3-eva2000.08
    4 yes its via option 22 , i've tried to disable include /usr/local/nginx/conf/wpsecure_domain but still no luck

    # Block PHP files in content directory.
    #location ~* /wp-content/.*\.php$ {
    # deny all;
    #}
     
  4. Mar 21, 2016 #4
    eva2000

    eva2000 Administrator Staff Member

    55,811
    12,272
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,858
    Local Time:
    11:20 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    what's the actual specific url link that is being blocked ?
     
  5. Mar 21, 2016 #5
    paddy

    paddy New Member

    27
    0
    1
    Nov 27, 2014
    Ratings:
    +0
    Local Time:
    8:20 PM
    1.7.7
    MariaDB 5.5
    solved it eva

    added this

    location ~ ^/wp-content/themes/themesname/ {
    include /usr/local/nginx/conf/php.conf;
    }

    # Block PHP files in uploads, content, and includes directory.
    location ~* /(?:uploads|files|wp-content|wp-includes)/.*\.php$ {
    deny all;
    }

    403 forbidden gone away now , thanks for your help mate! you RoCK!
     
  6. Mar 21, 2016 #6
    eva2000

    eva2000 Administrator Staff Member

    55,811
    12,272
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,858
    Local Time:
    11:20 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    ah i see the specific theme had php files included itself !
     
Previous Thread Next Thread
Loading...

.