Want to subscribe to topics you're interested in?
Become a Member

Xenforo admin 403

Discussion in 'Forum software usage' started by PeppaPigKilla, Dec 22, 2016.

  1. PeppaPigKilla

    PeppaPigKilla Member

    41
    12
    8
    Dec 21, 2016
    Ratings:
    +13
    Local Time:
    10:00 AM
    1.11.7
    10.0.28-MariaDB
    Hello

    I have installed xenforo successfully, whoop me.

    I have enabled FURL and that works public side but admin side gives me 403 now.

    My conf file consists of this

    Code:
    server {
      server_name community.digitalwarhound.com www.community.digitalwarhound.com;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/community.digitalwarhound.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/community.digitalwarhound.com/log/error.log;
    
      root /home/nginx/domains/community.digitalwarhound.com/public;
    
    location / {
         index index.php index.html index.htm;
         try_files $uri $uri/ /index.php?$uri&$args;
    }
    
    location /admin.php {
         auth_basic "Private";
         auth_basic_user_file /usr/local/nginx/conf/htpasswd_admin_php;
            include /usr/local/nginx/conf/php.conf;
            allow 127.0.0.1;
            deny all;
    }
    
    location /install/ {
         auth_basic "Private";
         auth_basic_user_file /usr/local/nginx/conf/htpasswd_admin_php;
            include /usr/local/nginx/conf/php.conf;
            allow 127.0.0.1;
            deny all;
    } 
    
    location /internal_data/ {
         internal;
         allow 127.0.0.1;
         deny all;
    }
    
    location /library/ {
         internal;
         allow 127.0.0.1;
         deny all;
    }
    
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }

    is it something to do with this part ?
    Code:
    location /admin.php {
         auth_basic "Private";
         auth_basic_user_file /usr/local/nginx/conf/htpasswd_admin_php;
            include /usr/local/nginx/conf/php.conf;
            allow 127.0.0.1;
            deny all;
    }
    Edit

    It was because of that bit of code.

    I compared mine to the others in this thread Xenforo - My Xenforo Nginx vhost configuration

    And adjusted mine accordingly.


    Code:
      location ~ ^/(admin.php) {
            include /usr/local/nginx/conf/php.conf;
            allow 127.0.0.1;
            allow myipaddress;
            deny all;
    google only throws out one link, and the guy is ignored. I have asked the author.
     
    Last edited: Dec 23, 2016
  2. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    7:00 PM
    Nginx 1.13.x
    MariaDB 5.5
    for each of 3 instances of
    Code (Text):
        allow 127.0.0.1;
        deny all;
    

    change to
    Code (Text):
        allow 127.0.0.1;
        allow yourISPIPaddress;
        deny all;
    

    if you have a static ISP ip address, if you do not just remove all 3 instances of
    Code (Text):
        allow 127.0.0.1;
        deny all;
    
     
    • Like Like x 1
  3. PeppaPigKilla

    PeppaPigKilla Member

    41
    12
    8
    Dec 21, 2016
    Ratings:
    +13
    Local Time:
    10:00 AM
    1.11.7
    10.0.28-MariaDB
    When i installed the forum, i did it as root, shouldn't root have these permissions ?
     
  4. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    7:00 PM
    Nginx 1.13.x
    MariaDB 5.5
    • Winner Winner x 1
  5. PeppaPigKilla

    PeppaPigKilla Member

    41
    12
    8
    Dec 21, 2016
    Ratings:
    +13
    Local Time:
    10:00 AM
    1.11.7
    10.0.28-MariaDB
  6. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    7:00 PM
    Nginx 1.13.x
    MariaDB 5.5
    To troubleshoot Nginx and PHP-FPM issues you'd want to check the domain site's vhost access.log and error.log logs located within directory at /home/nginx/domains/yourdomain.com/logs. You can see a full overview at centminmod.com/configfiles.html

    FAQ item 19 has more info on all Centmin Mod relevant log files locations and how to use tail command to view a sample of the entries.

    Also post the contents of your site's nginx vhost http /usr/local/nginx/conf/conf.d/yourdomain.com.conf and/or /usr/local/nginx/conf/conf.d/yourdomain.com.ssl.conf in BBCODE CODE tags as outlined at How to use forum BBCODE code tags | Centmin Mod Community
     
  7. PeppaPigKilla

    PeppaPigKilla Member

    41
    12
    8
    Dec 21, 2016
    Ratings:
    +13
    Local Time:
    10:00 AM
    1.11.7
    10.0.28-MariaDB
    This is my /usr/local/nginx/conf/conf.d/yourdomain.com.conf

    Code (Text):
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    
    # redirect from non-www to www 
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    #server {
    #            listen   80;
    #            server_name community.digitalwarhound.com;
    #            return 301 $scheme://www.community.digitalwarhound.com$request_uri;
    #       }
    
    server {
      server_name community.digitalwarhound.com www.community.digitalwarhound.com;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/community.digitalwarhound.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/community.digitalwarhound.com/log/error.log;
    
      root /home/nginx/domains/community.digitalwarhound.com/public;
    
    location / {
         index index.php index.html index.htm;
         try_files $uri $uri/ /index.php?$uri&$args;
    }
    
      location ~ ^/(admin.php) {
            include /usr/local/nginx/conf/php.conf;
            allow 127.0.0.1;
            allow MYIP;
            deny all;
    }
    
        location /install/ {
        index index.php index.html index.htm;
        allow 127.0.0.1;
        allow MYIP;
        deny all;
        include /usr/local/nginx/conf/php.conf;
    }    
    
    location /internal_data/ {
         internal;
         allow 127.0.0.1;
         deny all;
    }
    
    location /library/ {
         internal;
         allow 127.0.0.1;
         deny all;
    }  
    
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    


    The error log for when i tried it gave me this output
    Code:
    2016/12/23 21:57:23 [error] 28120#28120: *9 FastCGI sent in stderr: "PHP message: PHP Notice:
    A non well formed numeric value encountered in /home/nginx/domains/community.digitalwarhound.com/public/library/XenForo/Application.php on line 1554" while reading response header from upstream, client: MYIP, server: community.digitalwarhound.com, request: "GET /admin.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "community.digitalwarhound.com", referrer: "http://community.digitalwarhound.com/admin.php?add-ons/step-upload"
     
    Last edited: Dec 24, 2016
  8. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    7:00 PM
    Nginx 1.13.x
    MariaDB 5.5
    php error unrelated 403 permission denied issue but probably php 7.1.0 bug Fixed - PHP 7.1.0 Upgrade Error ? you using php 7.1.0 or 7.0.14 ?

    or you mean error with xenforo addon ?

    if it's addon related to
    make sure install directory permissions are correct

    what's output for these commands wrap in CODE tags
    Code (Text):
    ls -lah /home/nginx/domains/community.digitalwarhound.com/public
    ls -lah /home/nginx/domains/community.digitalwarhound.com/public/install
    
     
  9. PeppaPigKilla

    PeppaPigKilla Member

    41
    12
    8
    Dec 21, 2016
    Ratings:
    +13
    Local Time:
    10:00 AM
    1.11.7
    10.0.28-MariaDB
    Addon related.
    Install directory perms are 750

    Code (Text):
    [me@hound1 ~]# ls -lah /home/nginx/domains/community.digitalwarhound.com/public
    total 132K
    drwxr-sr-x.  9 nginx nginx 4.0K Dec 21 23:11 .
    drwxr-s---.  6 nginx nginx 4.0K Dec 21 22:50 ..
    -rw-r-----.  1 nginx nginx 1.6K Dec 21 22:50 403.html
    -rw-r-----.  1 nginx nginx 1.6K Dec 21 22:50 404.html
    -rw-r-----.  1 nginx nginx 2.1K Dec 21 22:50 500.html
    -rw-r-----.  1 nginx nginx 2.1K Dec 21 22:50 502.html
    -rw-r-----.  1 nginx nginx 2.2K Dec 21 22:50 503.html
    -rw-r-----.  1 nginx nginx 7.6K Dec 21 22:50 503.jpg
    -rw-r-----.  1 nginx nginx 2.1K Dec 21 22:50 504.html
    -rw-r-----.  1 nginx nginx 2.2K Dec 21 22:50 50x.html
    -rw-r-----.  1 root  nginx 1.8K Dec 21 00:26 admindav.php
    -rw-r-----.  1 root  nginx  415 Dec 21 00:26 admin.php
    -rw-r-----.  1 root  nginx  359 Dec 21 00:26 css.php
    drwxrws---.  3 root  nginx 4.0K Dec 22 20:36 data
    -rw-r-----.  1 root  nginx 1.2K Dec 21 00:26 deferred.php
    -rw-r-----.  1 root  nginx  535 Dec 21 00:26 fb_channel.php
    -rw-r-----.  1 root  nginx 1.2K Dec 21 00:26 htaccess.txt
    -rw-r-----.  1 nginx nginx 6.0K Dec 21 22:50 index.html
    -rw-r-----.  1 root  nginx  416 Dec 21 00:26 index.php
    drwxr-s---.  5 root  nginx 4.0K Dec 23 21:57 install
    -rw-r-----.  1 root  nginx  524 Dec 21 00:26 INSTALL-UPGRADE.txt
    drwxrws---.  7 root  nginx 4.0K Dec 23 13:03 internal_data
    drwxr-s---.  9 root  nginx 4.0K Dec 21 00:26 js
    drwxr-s---. 10 root  nginx 4.0K Dec 23 13:02 library
    -rw-r-----.  1 nginx nginx 1.7K Dec 21 22:50 maintenance.html
    -rw-r-----.  1 root  nginx 1.5K Dec 21 00:26 payment_callback.php
    -rw-r-----.  1 root  nginx  350 Dec 21 00:26 proxy.php
    -rw-r-----.  1 root  nginx 1.1K Dec 21 00:26 rgba.php
    -rw-r-----.  1 root  nginx 1.6K Dec 21 00:26 sitemap.php
    drwxr-s---.  5 root  nginx 4.0K Dec 22 10:33 styles
    drwxr-s---.  2 root  nginx 4.0K Dec 21 23:11 upload
    [me@hound1 ~]# ls -lah /home/nginx/domains/community.digitalwarhound.com/public/install
    total 48K
    drwxr-s---. 5 root  nginx 4.0K Dec 23 21:57 .
    drwxr-sr-x. 9 nginx nginx 4.0K Dec 21 23:11 ..
    drwxr-s---. 2 root  nginx 4.0K Dec 23 21:47 addons
    -rw-r--r--. 1 root  nginx    0 Dec 23 21:57 .autoprotect-bypass
    drwxr-s---. 2 root  nginx 4.0K Dec 22 10:39 data
    -rw-r-----. 1 root  nginx  624 Dec 21 00:26 index.php
    -rw-r-----. 1 root  nginx  15K Dec 21 00:26 install.css
    -rw-r-----. 1 root  nginx 5.0K Dec 21 00:26 language_en.php
    drwxr-s---. 2 root  nginx 4.0K Dec 22 10:39 templates
    [root@hound1 ~]#
    
     
  10. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    7:00 PM
    Nginx 1.13.x
    MariaDB 5.5
    Get Started Guide step 2

     
    • Like Like x 1
  11. PeppaPigKilla

    PeppaPigKilla Member

    41
    12
    8
    Dec 21, 2016
    Ratings:
    +13
    Local Time:
    10:00 AM
    1.11.7
    10.0.28-MariaDB
    With the above i no longer get the error above,
    I now get this

    Code:
    ErrorException: ftp_login(): Sorry, cleartext sessions and weak ciphers are not accepted on this server. - library/AddOnInstaller/FtpClient/FtpWrapper.php:54
    Google only shows references to filezilla, which isnt what im using here. I'll ask on xenforo also
     
  12. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    7:00 PM
    Nginx 1.13.x
    MariaDB 5.5
  13. PeppaPigKilla

    PeppaPigKilla Member

    41
    12
    8
    Dec 21, 2016
    Ratings:
    +13
    Local Time:
    10:00 AM
    1.11.7
    10.0.28-MariaDB
    This is becoming more hassle than its worth, its one error after another :'(

    even when trying to do it oldskool way of installing whether it be from file on server or xml upload i get this

    extendThreadController is invalid (Invalid Class)

    Was all this caused by uding furl ?
     
  14. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    7:00 PM
    Nginx 1.13.x
    MariaDB 5.5
    sounds like buggy xf addon .. maybe ask addon author
     
    • Winner Winner x 1