In Progress (Requesting Help) | Having 403 Forbidden Error | mail.example.com is showing as my homepage.

Operating System & Version
CentOS v7.9.2009 kvm [vps]
cPanel & WHM Version
v100.0.4

MrOwlSky

Member
Nov 29, 2021
10
2
3
USA
cPanel Access Level
Website Owner
Hello everyone! I'm new to CPANEL and WHM, and I'm running into a strange issue I don't know how to resolve.

Question: Some reason when I go to my website homepage https://domain.com gives me this error:

Forbidden
You don't have permission to access this resource. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

But when I go to https://mail.domain.com it shows my regular homepage. Why is mail.svscraft.com considered my homepage, but my actual homepage is giving me an error?

Details: I've installed CPANEL/WHM on a VPS using Centos 7. I'm using Cloudflare as my primary domain register. I have attached screenshots to this forum posting to show my current settings.
 
Last edited by a moderator:

cPanelAnthony

Administrator
Staff member
Oct 18, 2021
1,045
112
118
Houston, TX
cPanel Access Level
Root Administrator
Hello! Please avoid providing domain names and IP addresses as they are considered sensitive information. Could you try tailing the Apache error log while generating one of these 403 errors? This should get us more information regarding why these errors occur.

Code:
tail -f /etc/apache2/logs/error_log
 

MrOwlSky

Member
Nov 29, 2021
10
2
3
USA
cPanel Access Level
Website Owner
Hello! Please avoid providing domain names and IP addresses as they are considered sensitive information. Could you try tailing the Apache error log while generating one of these 403 errors? This should get us more information regarding why these errors occur.

Code:
tail -f /etc/apache2/logs/error_log
Thank you! Here is the error listed below:

[Tue Nov 30 03:44:22.335001 2021] [:notice] [pid 13802] ModSecurity: LIBXML compiled version="2.9.7"
[Tue Nov 30 03:44:22.335003 2021] [:notice] [pid 13802] ModSecurity: Status engine is currently disabled, enable it by set SecStatusEngine to On.
[Tue Nov 30 03:44:22.365482 2021] [:notice] [pid 13805] mod_ruid2/0.9.8 enabled
[Tue Nov 30 03:44:22.368180 2021] [mpm_prefork:notice] [pid 13805] AH00163: Apache/2.4.51 (cPanel) OpenSSL/1.1.1l mod_bwlimited/1.4 configured -- resuming normal operations
[Tue Nov 30 03:44:22.368205 2021] [core:notice] [pid 13805] AH00094: Command line: '/usr/sbin/httpd'
[Tue Nov 30 04:43:14.293775 2021] [core:crit] [pid 15921] (13)Permission denied: [client :39006] AH00529: /home/username/public_html/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/home/username/public_html/' is executable
[Tue Nov 30 04:43:14.317646 2021] [core:crit] [pid 13813] (13)Permission denied: [client :39012] AH00529: /home/username/public_html/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/home/username/public_html/' is executable
[Tue Nov 30 05:09:37.470683 2021] [core:crit] [pid 13812] (13)Permission denied: [client 185.189.182.234:33498] AH00529: /home/username/public_html/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/home/svscraft/public_html/' is executable
[Tue Nov 30 07:17:06.501735 2021] [core:error] [pid 13809] [client :52286] AH10244: invalid URI path (/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh)
[Tue Nov 30 07:21:10.041893 2021] [cgi:error] [pid 13811] [client :28607] AH02811: script not found or unable to stat: /var/www/html/setup.cgi

Note, it says "/home/svscraft/public_html/.htaccess pcfg_openfile: unable to check htaccess file" I don't have any .htaccess files inside that file path location.
 
Last edited by a moderator:

cPanelAnthony

Administrator
Staff member
Oct 18, 2021
1,045
112
118
Houston, TX
cPanel Access Level
Root Administrator
Hello! Since the .htaccess is a hidden file, you might see it. Can you get a reading if you run the following command while replacing "username" with the cPanel user?

Code:
stat /home/username/public_html/.htaccess
If so, can you provide me the output while censoring the username? Also, please keep usernames and IP addresses censored as it is sensitive information.
 

MrOwlSky

Member
Nov 29, 2021
10
2
3
USA
cPanel Access Level
Website Owner
I've tried using the file manager to "show hidden files" and it doesn't have an htaccess file at all. I used the root access via terminal and it also shows no htaccess file.

Stat results:
Code:
[{UserNameHidden}@vps ~]# sudo stat /home/{UserNameHidden}/public_html/.htaccess
stat: cannot stat ‘/home/{UserNameHidden}/public_html/.htaccess’: No such file or directory


[{UserNameHidden}@vps ~]# stat /home/{UserNameHidden}/public_html/.htaccess
stat: cannot stat ‘/home/{UserNameHidden}/public_html/.htaccess’: No such file or directory
Find results:

Code:
[{UserNameHidden}@vps ~]# sudo find / -name .htaccess
/usr/local/cpanel/base/3rdparty/roundcube/config/.htaccess
/usr/local/cpanel/base/3rdparty/roundcube/logs/.htaccess
/usr/local/cpanel/base/3rdparty/roundcube/public_html/.htaccess
/usr/local/cpanel/base/3rdparty/roundcube/temp/.htaccess
/usr/local/cpanel/base/3rdparty/roundcube/.htaccess
/usr/local/cpanel/base/horde/content/.htaccess
/usr/local/cpanel/base/horde/content/config/.htaccess
/usr/local/cpanel/base/horde/content/lib/.htaccess
/usr/local/cpanel/base/horde/.htaccess
/usr/local/cpanel/base/horde/config/.htaccess
/usr/local/cpanel/base/horde/lib/.htaccess
/usr/local/cpanel/base/horde/locale/.htaccess
/usr/local/cpanel/base/horde/rpc/.htaccess
/usr/local/cpanel/base/horde/templates/.htaccess
/usr/local/cpanel/base/horde/imp/config/.htaccess
/usr/local/cpanel/base/horde/imp/lib/.htaccess
/usr/local/cpanel/base/horde/imp/locale/.htaccess
/usr/local/cpanel/base/horde/imp/templates/.htaccess
/usr/local/cpanel/base/horde/nag/config/.htaccess
/usr/local/cpanel/base/horde/nag/lib/.htaccess
/usr/local/cpanel/base/horde/nag/locale/.htaccess
/usr/local/cpanel/base/horde/nag/templates/.htaccess
/usr/local/cpanel/base/horde/ingo/config/.htaccess
/usr/local/cpanel/base/horde/ingo/lib/.htaccess
/usr/local/cpanel/base/horde/ingo/locale/.htaccess
/usr/local/cpanel/base/horde/ingo/templates/.htaccess
/usr/local/cpanel/base/horde/mnemo/config/.htaccess
/usr/local/cpanel/base/horde/mnemo/lib/.htaccess
/usr/local/cpanel/base/horde/mnemo/locale/.htaccess
/usr/local/cpanel/base/horde/mnemo/templates/.htaccess
/usr/local/cpanel/base/horde/kronolith/config/.htaccess
/usr/local/cpanel/base/horde/kronolith/feed/.htaccess
/usr/local/cpanel/base/horde/kronolith/lib/.htaccess
/usr/local/cpanel/base/horde/kronolith/locale/.htaccess
/usr/local/cpanel/base/horde/kronolith/templates/.htaccess
/usr/local/cpanel/base/horde/turba/config/.htaccess
/usr/local/cpanel/base/horde/turba/lib/.htaccess
/usr/local/cpanel/base/horde/turba/locale/.htaccess
/usr/local/cpanel/base/horde/turba/templates/.htaccess
/usr/local/cpanel/base/horde/timeobjects/config/.htaccess
/usr/local/cpanel/base/horde/timeobjects/lib/.htaccess
/usr/local/cpanel/base/horde/timeobjects/locale/.htaccess
/usr/local/cpanel/base/horde/trean/config/.htaccess
/usr/local/cpanel/base/horde/trean/lib/.htaccess
/usr/local/cpanel/base/horde/trean/locale/.htaccess
/usr/local/cpanel/base/horde/trean/templates/.htaccess
/usr/local/cpanel/3rdparty/php/73/lib/php/data/horde/scripts/.htaccess
/usr/local/cpanel/3rdparty/php/73/lib/php/data/turba/scripts/.htaccess
 

Attachments

Last edited:

MrOwlSky

Member
Nov 29, 2021
10
2
3
USA
cPanel Access Level
Website Owner
Can you try giving me the stat output of the public_html directory?

Code:
stat /home/username/public_html
Here you go.


Stat /home/{UserNameHidden}:
Code:
[{UserNameHidden}@vps ~]# sudo stat /home/{UserNameHidden}
  File: ‘/home/{UserNameHidden}’
  Size: 4096            Blocks: 8          IO Block: 4096   directory
Device: 801h/2049d      Inode: 54527280    Links: 15
Access: (0711/drwx--x--x)  Uid: ( 1001/{UserNameHidden})   Gid: ( 1003/{UserNameHidden})
Context: system_u:object_r:home_root_t:s0
Access: 2021-11-30 00:50:47.220203509 +0000
Modify: 2021-11-29 20:45:03.863632523 +0000
Change: 2021-11-29 20:45:03.863632523 +0000
 Birth: -
Stat /home/{UserNameHidden}/public_html:
Code:
[{UserNameHidden}@vps ~]# sudo stat /home/{UserNameHidden}/public_html
  File: ‘/home/{UserNameHidden}/public_html’
  Size: 141             Blocks: 0          IO Block: 4096   directory
Device: 801h/2049d      Inode: 79693793    Links: 7
Access: (0750/drwxr-x---)  Uid: ( 1001/{UserNameHidden})   Gid: ( 1003/{UserNameHidden})
Context: system_u:object_r:home_root_t:s0
Access: 2021-11-30 01:44:36.742598411 +0000
Modify: 2021-11-30 01:40:12.993704624 +0000
Change: 2021-11-30 01:40:12.993704624 +0000
 Birth: -
 

MrOwlSky

Member
Nov 29, 2021
10
2
3
USA
cPanel Access Level
Website Owner
Can you try setting them to username/nobody and let me know if this fixes the issue?

chown username.nobody /home/username/public_html
Edited: I changed the name and did a "stat /home/username" and "stat /home/username/public_html" it shows the "Gid: ( 99/ nobody)" has changed but the UID still shows my user name account.

I refreshed the page and it still doesn't work.


Code:
[[email protected] ~]# stat /home/username
  File: ‘/home/username’
  Size: 4096            Blocks: 8          IO Block: 4096   directory
Device: 801h/2049d      Inode: 54527280    Links: 15
Access: (0711/drwx--x--x)  Uid: ( 1001/username)   Gid: (   99/  nobody)
Context: system_u:object_r:home_root_t:s0
Access: 2021-11-30 00:50:47.220203509 +0000
Modify: 2021-11-29 20:45:03.863632523 +0000
Change: 2021-12-01 16:02:08.307566606 +0000
Birth: -

[[email protected] ~]# stat /home/username/public_html
  File: ‘/home/username/public_html’
  Size: 141             Blocks: 0          IO Block: 4096   directory
Device: 801h/2049d      Inode: 79693793    Links: 7
Access: (0750/drwxr-x---)  Uid: ( 1001/username)   Gid: (   99/  nobody)
Context: system_u:object_r:home_root_t:s0
Access: 2021-11-30 01:44:36.742598411 +0000
Modify: 2021-11-30 01:40:12.993704624 +0000
Change: 2021-12-01 15:58:01.374727201 +0000
Birth: -
 

Attachments

Last edited:

MrOwlSky

Member
Nov 29, 2021
10
2
3
USA
cPanel Access Level
Website Owner
I've still not resolved this error if anyone is willing to help me resolve it via TeamViewer or remotely I'll gladly provide payment.