Post by stef83136 » Fri Feb 17, 2017 11:14 pm

Hi, we have several sites on a VPS that run with Opencart 2.3.0.2.
For several weeks, I think after an update of Apache on Cpanel (Apache 2.4) we have on the log of all no sites the error that looks like this:

Code: Select all

[Fri Feb 17 00:59:03.443730 2017] [authz_core:error] [pid 22881:tid 139983518115584] [client xx.xxx.xx.xxx:xxxxx] AH01630: client denied by server configuration: /home/xxxxxxxxxx/public_html/024C4EE2AD8798A8312EDA215D965D70.txt
Now we do not have a file.txt present

Here's what Cpanel tells us
# Prevent Direct Access to files
<FilesMatch "(?i)((\.tpl|\.ini|\.log|(?<!robots)\.txt))">
Require all denied
## For apache 2.2 and older, replace "Require all denied" with these two lines :
# Order deny,allow
# Deny from all
</FilesMatch>
Hello,

This entry is likely blocking access attempts to the .txt files, which are required as part of the verification process for the AutoSSL feature. Try removing the code that blocks TXT files within the .htaccess file to see if the issue persists.

Thank you.
Have you ever had this kind of back?

Thanks for help.

Online

Posts

Joined
Tue Dec 09, 2014 3:29 am

Post by uksitebuilder » Sat Feb 18, 2017 1:24 am

Change it to:

Code: Select all

<FilesMatch "(?i)((\.tpl|\.ini|\.log)">
Require all denied
## For apache 2.2 and older, replace "Require all denied" with these two lines :
# Order deny,allow
# Deny from all
</FilesMatch>

ImageImageImageImageImage

"I will not answer your posts if you can't be bothered to specify your OC Version,
or provide a link to your site if it is a template related query
"


User avatar

Posts

Joined
Thu Jun 09, 2011 11:37 pm
Location - United Kindgom

Post by stef83136 » Sat Feb 18, 2017 3:05 am

Thank you for your reply, I will try and keep you informed :)

Online

Posts

Joined
Tue Dec 09, 2014 3:29 am

Post by stef83136 » Sat Feb 18, 2017 3:24 am

Error 500 with :

Code: Select all

<FilesMatch "(?i)((\.tpl|\.ini|\.log)">
Require all denied
## For apache 2.2 and older, replace "Require all denied" with these two lines :
# Order deny,allow
# Deny from all
</FilesMatch>
It lacks one ") " at end
I try

Code: Select all

# Prevent Direct Access to files
<FilesMatch "(?i)((\.tpl|\.ini|\.log))">
Require all denied
## For apache 2.2 and older, replace "Require all denied" with these two lines :
# Order deny,allow
# Deny from all
</FilesMatch>

Online

Posts

Joined
Tue Dec 09, 2014 3:29 am

Post by uksitebuilder » Sat Feb 18, 2017 3:34 am

Yes, you are right, apologies.

ImageImageImageImageImage

"I will not answer your posts if you can't be bothered to specify your OC Version,
or provide a link to your site if it is a template related query
"


User avatar

Posts

Joined
Thu Jun 09, 2011 11:37 pm
Location - United Kindgom

Post by stef83136 » Sat Feb 18, 2017 2:10 pm

HI. Apparently no / more error on the 2 sites on which I changed the .htaccess. Thank you very much. A small question I imagine that if originally it is recommended to insert in the .htaccess for .txt files is that there is a security interest? What can happen without (? <! Robots) \ .txt? A parade

Online

Posts

Joined
Tue Dec 09, 2014 3:29 am

Post by uksitebuilder » Sun Feb 19, 2017 1:08 am

I don't think there is any security risk with OpenCart and people/bots requesting non-existent .txt files.

ImageImageImageImageImage

"I will not answer your posts if you can't be bothered to specify your OC Version,
or provide a link to your site if it is a template related query
"


User avatar

Posts

Joined
Thu Jun 09, 2011 11:37 pm
Location - United Kindgom

Post by stef83136 » Mon Feb 20, 2017 1:50 am

The errors have disappeared. On the other hand we have on some site an error (apparently at the same time as the Apache update 2.4) on the server, an idea?

Code: Select all

[Sun Feb 19 17:54:43.289100 2017] [autoindex:error] [pid 2687:tid 140296499197696] [client 104.238.248.15:1757] AH01276: Cannot serve directory /home/xxxxxxxxxx/public_html/: No matching DirectoryIndex (index.html,index.php,index.html.var,index.htm,index.shtml,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.phtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html) found, and server-generated directory index forbidden by Options directive

Online

Posts

Joined
Tue Dec 09, 2014 3:29 am

Post by uksitebuilder » Mon Feb 20, 2017 4:59 am


ImageImageImageImageImage

"I will not answer your posts if you can't be bothered to specify your OC Version,
or provide a link to your site if it is a template related query
"


User avatar

Posts

Joined
Thu Jun 09, 2011 11:37 pm
Location - United Kindgom

Post by stef83136 » Mon Feb 20, 2017 5:48 am

Thank you for this quick response. I have just checked Apache and I have all that to parameterize:

Code: Select all

index.html,index.php,index.html.var,index.htm,index.shtml,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.phtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html

Online

Posts

Joined
Tue Dec 09, 2014 3:29 am

Post by uksitebuilder » Mon Feb 20, 2017 4:07 pm

Turns out you need to disable DirectoryIndex in Apache 2.4 to get auto Indexes.

DirectoryIndex disabled
Options Indexes

ImageImageImageImageImage

"I will not answer your posts if you can't be bothered to specify your OC Version,
or provide a link to your site if it is a template related query
"


User avatar

Posts

Joined
Thu Jun 09, 2011 11:37 pm
Location - United Kindgom

Post by stef83136 » Mon Feb 20, 2017 6:18 pm

In fact, this is the exact problem. I have a shop related to a commercial management through a connector. The shop generates type errors

Code: Select all

[Sun Feb 19 13:29:30.137609 2017] [autoindex:error] [pid 29997:tid 140296572626688] [client 51.254.41.129:52150] AH01276: Cannot serve directory /home/xxxxxxx/public_html/catalog/view/theme/: No matching DirectoryIndex (index.html,index.php,index.html.var,index.htm,index.shtml,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.phtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html) found, and server-generated directory index forbidden by Options directive
And Dolibarr our commercial management:

Code: Select all

[Sun Feb 19 19:06:48.228464 2017] [autoindex:error] [pid 2454:tid 140128647288576] [client 79.137.85.189:44796] AH01276: Cannot serve directory /home/xxxxxxxx/public_html/: No matching DirectoryIndex (index.html,index.php,index.html.var,index.htm,index.shtml,index.xhtml,index.wml,index.perl,index.pl,index.plx,index.ppl,index.cgi,index.jsp,index.js,index.jp,index.php4,index.php3,index.phtml,default.htm,default.html,home.htm,index.php5,Default.html,Default.htm,home.html) found, and server-generated directory index forbidden by Options directive, referer: http://anonymizeme.pro/go/hide.cgi?sg7j8b6vc2fd1g4u7h4b12f5q5y2c12n1l4f5s5i1g1fd5s2x2ds5f5h2j5f4s44d
The error of the shop in connection with Dolibarr tip / catalog / view / theme /. The shop runs on the Journal2 template like other shops but we do not have this type of errors. In addition to or out this url http://anonymizeme.pro/go/hide.cgi? In the error of the business management server? This is not our url

Online

Posts

Joined
Tue Dec 09, 2014 3:29 am

Post by stef83136 » Mon Feb 20, 2017 6:20 pm

uksitebuilder wrote:
Mon Feb 20, 2017 4:07 pm
Turns out you need to disable DirectoryIndex in Apache 2.4 to get auto Indexes.

DirectoryIndex disabled
Options Indexes
What is strange is that all of our sites have the same .htaccess (# Prevent Directoy listing
Options -Indexes), all work on the same server, and we have that problem on only one shop.

Online

Posts

Joined
Tue Dec 09, 2014 3:29 am

Post by uksitebuilder » Mon Feb 20, 2017 6:24 pm

I think it is more so the first line of what I posted that needs to be added.

ImageImageImageImageImage

"I will not answer your posts if you can't be bothered to specify your OC Version,
or provide a link to your site if it is a template related query
"


User avatar

Posts

Joined
Thu Jun 09, 2011 11:37 pm
Location - United Kindgom

Post by stef83136 » Mon Feb 20, 2017 6:29 pm

Thanks. Like this ? :

Code: Select all

# Prevent Directoy listing
Options -Indexes
DirectoryIndex disabled
For all shop or only one ?

Online

Posts

Joined
Tue Dec 09, 2014 3:29 am

Post by uksitebuilder » Mon Feb 20, 2017 8:07 pm

That code looks fine - you can test with that

If your other shops are exhibiting the same behaviour, then try it on one first to see if it fixes the problem, then rinse and repeat if it fixes the problem.

ImageImageImageImageImage

"I will not answer your posts if you can't be bothered to specify your OC Version,
or provide a link to your site if it is a template related query
"


User avatar

Posts

Joined
Thu Jun 09, 2011 11:37 pm
Location - United Kindgom
Who is online

Users browsing this forum: cyclops12, paulfeakins, thekrotek and 26 guests