Access to context [/] is denied!

GOT

Well-Known Member
#1
There are two other threads on this, neither seem to apply. I have checked, one is version realted from a year ago and the other has to do with location tags of which I cannot fine.

So, the server is running Plesk 10 and litespeed. User created a subdomain on a domain. documentroot is httpdocs/folder

php in general works in this folder as I put up a phpinfo page and it loaded fine.

The user uploaded Wordpress files and created the database and created the database and user accounts. Those all work.

When you go to the site it as expected redirects to wp-admin/install.php, but it then throws the error in the logs:

[ACL] Access to context [/] is denied!

Running latest version which is 4.2.14.

Folder permissions all set to 755 and all php files set to 644. Ownership verified correct.

Any help would be greatly appreciated.
 

NiteWave

Administrator
#2
here's steps to try to collect more info:
1.
lsws web admin->Actions->Toggle Debug Logging

2.
#tailf /usr/local/lsws/logs/error.log |grep your-IP

3.
in browser, access wp-admin/install.php

4.
lsws web admin->Actions->Toggle Debug Logging

5,
check what is logged in step 2
 

GOT

Well-Known Member
#3
Obviously, lots of logs generated. I think this is the pertinent part, but I am still not clear what the issue is

2014-08-17 20:21:56.690 [NOTICE] [70.169.132.104:55917-0#APVH_shop.aspkin.com] Content len: 0, Request line: 'GET /wp-admin/install.php HTTP/1.1'
2014-08-17 20:21:56.690 [INFO] [70.169.132.104:55917-0#APVH_shop.aspkin.com] Cookie len: 260, __utma=237657104.1349473437.1406157702.1406157702.1407883983.2; __utmz=237657104.1406157702.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); _jsuid=1885225905; __utmv=237657104.usergroup-1-Unregistered%20%2F%20Not%20Logged%20In; wp-settings-time-1=1408305387
2014-08-17 20:21:56.690 [DEBUG] [70.169.132.104:55917-0#APVH_shop.aspkin.com] Find context with URI: [/], location: [/var/www/vhosts/aspkin.com/httpdocs/shop/]
2014-08-17 20:21:56.690 [DEBUG] [70.169.132.104:55917-0#APVH_shop.aspkin.com] Find .htaccess context with URI: [/], location: [/var/www/vhosts/aspkin.com/httpdocs/shop/]
2014-08-17 20:21:56.690 [DEBUG] [70.169.132.104:55917-0#APVH_shop.aspkin.com] Find handler [lsphp5] for [.php]
2014-08-17 20:21:56.690 [DEBUG] [70.169.132.104:55917-0#APVH_shop.aspkin.com] processContextPath() return 0
2014-08-17 20:21:56.690 [DEBUG] [70.169.132.104:55917-0#APVH_shop.aspkin.com] add ENV: 'PERL5LIB:/usr/share/awstats/lib:/usr/share/awstats/plugins'
2014-08-17 20:21:56.690 [INFO] [70.169.132.104:55917-0#APVH_shop.aspkin.com][ACL] Access to context [/] is denied!
2014-08-17 20:21:56.690 [DEBUG] [70.169.132.104:55917-0#APVH_shop.aspkin.com] processNewReq() return 24.
2014-08-17 20:21:56.690 [DEBUG] [70.169.132.104:55917-0#APVH_shop.aspkin.com] HttpConnection::sendHttpError(),code=403 Forbidden

I'm not at all clear why there are references to awstats in there?
 

NiteWave

Administrator
#4
assume litespeed process is running as nobody, check if nobody can
#sudo -u nobody ls -l /var/www/vhosts/aspkin.com/httpdocs/shop/.htaccess
 

GOT

Well-Known Member
#5
[root@dallasno2 ~]# sudo -u nobody ls -l /var/www/vhosts/aspkin.com/httpdocs/shop/.htaccess
ls: cannot access /var/www/vhosts/aspkin.com/httpdocs/shop/.htaccess: Permission denied

However, I thought I had it set up for suphp?

There is no .htaccess file ion that directory

[root@dallasno2 ~]# ls -l /var/www/vhosts/aspkin.com/httpdocs/shop/.htaccess
ls: cannot access /var/www/vhosts/aspkin.com/httpdocs/shop/.htaccess: No such file or directory
 

GOT

Well-Known Member
#7
[root@dallasno2 ~]# ls -ald /var/www/vhosts/aspkin.com/httpdocs/shop
drwxr-xr-x 5 fj398fifu3u8fh psacln 4096 Aug 17 16:25 /var/www/vhosts/aspkin.com/httpdocs/shop

This is what I would expect.
 

NiteWave

Administrator
#8
this folder is ok. I think the problem is
[root@dallasno2 ~]# sudo -u nobody ls -l /var/www/vhosts/aspkin.com/httpdocs/shop/.htaccess
ls: cannot access /var/www/vhosts/aspkin.com/httpdocs/shop/.htaccess: Permission denied
why permission is denied ? this is a linux issue, not related to any web server.
need check the permission from /var to /var/www/vhosts/aspkin.com/httpdocs/shop
 

GOT

Well-Known Member
#9
You got me. Permissions and opwnership are exacltly what I would expect wioth plesk:L

drwxr-xr-x 5 fj398fifu3u8fh psacln 4096 Aug 17 16:25 shop


How is that a problem?
 
#11
I think php is running as user "fj398fifu3u8fh", so it's ok.
but .htaccess and static file like readme.html is processed by litespeed process which running as nobody.
so nobody must be able to read them under /var/www/vhosts/aspkin.com/httpdocs/shop/

#curl -I http://shop.aspkin.com/readme.html
HTTP/1.1 403 Forbidden
Date: Mon, 18 Aug 2014 04:52:57 GMT
Server: LiteSpeed
Accept-Ranges: bytes
Connection: close
ETag: "f91-53c8be6f-cc3ccce4c280b57c"
Last-Modified: Fri, 18 Jul 2014 06:27:59 GMT
Content-Type: text/html
Content-Length: 3985
X-Powered-By: PleskLin

need check the permission along the path:
#ls -ald /var
#ls -ald /var/www
...
#ls -ald /var/www/vhosts/aspkin.com/httpdocs
 

GOT

Well-Known Member
#12
This is a plesk server. It appears that lsws is running as the user apache:

root 482 0.0 0.0 31820 9956 ? S Aug17 0:21 litespeed (lshttpd)
root 483 0.0 0.0 6156 496 ? S Aug17 0:01 \_ httpd (lscgid)
apache 484 0.3 0.3 164980 54756 ? Sl Aug17 3:09 \_ litespeed (lshttpd)
apache 487 0.0 0.0 125480 8804 ? S Aug17 0:03 \_ lsphp5
apache 17781 6.6 0.3 185644 58972 ? S 09:33 0:07 \_ lsphp5
apache 17792 9.7 0.3 183284 63572 ? S 09:33 0:06 \_ lsphp5

Your test works when you switch it to the apache user:

[root@dallasno2 var]# sudo -u apache ls -l /var/www/vhosts/aspkin.com/httpdocs/shop/.htaccess
ls: cannot access /var/www/vhosts/aspkin.com/httpdocs/shop/.htaccess: No such file or directory

So, it must be something else?
 

mistwang

LiteSpeed Staff
#13
please check the content of /var/www/vhosts/aspkin.com/httpdocs/.htaccess
[ACL] Access to context [/] is denied!
is caused by directives from mod_access_xxxx module, "Deny from ..." . Please show us the full content of .htaccess .
 
Top