Redirect doesn't work due to autorization problem (Apache 2.2)

  • Hello,
    This is an error message:
    Forbidden


    You don't have permission to access / on this server.
    Additionally, a 302 Found error was encountered while trying to use an ErrorDocument to handle the request.


    Os: Debian 7.11
    PHP : php-fpm
    imscp 1.3.5

  • And the apache logs for your domain alias say?

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • Sorry,


    It is here:


    Code
    1. [Tue Oct 04 14:26:34 2016] [error] [client 37.139.50.150] client denied by server configuration: /var/www/manager
    2. [Tue Oct 04 18:37:41 2016] [error] [client 92.249.130.87] client denied by server configuration: /var/www/
    3. [Tue Oct 04 18:37:41 2016] [error] [client 92.249.130.87] client denied by server configuration: /var/www/favicon.ico, referer:
  • /var/www/manager

    Not an i-MSCP path...


    Can I access the server?

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • @rauschr


    Bug confirmed.


    The problem occurs when a domain (here a domain alias) is redirected on another domain. There is an authorization problem somewhere. This will be fixed in next version which will be released in next hours. For now, I've fixed your setup using a RewriteRule instead of the LocationMatch. Please don't rerun the i-MSCP installer for now. I've fixed the templates located in the /etc/imscp/apache/parts directory but if you rerun the i-MSCP installer, my changes will be gone.


    I'll investigate a bit more internally and provide a final fix.


    Edit


    The problem comes from the fact that in the LocationMatch, we don't give any authorization. Thus, the authorizations from the 00_nameserver.conf file applies, specially the following


    Code
    1. <Directory />Options NoneAllowOverride NoneDeny from all</Directory>

    leading to the following error


    Code
    1. ForbiddenYou don't have permission to access / on this server.

    The fix consists to add the required authorizations

    Code
    1. <LocationMatch "^/(?!.well-known/)">Redirect 301 / http://target.domain.tld/Allow from all</LocationMatch>

    or to do the redirect outside of a LocationMatch by using RedirectMatch as follow


    Code
    1. RedirectMatch 301 "^/((?!\.well-known/).*)" "http://target.domain.tld/$1"

    instead of


    Code
    1. <LocationMatch "^/(?!.well-known/)">Redirect 301 / http://target.domain.tld/</LocationMatch>

    Additional issue (not related to the one above)


    While running the imscp-reconfigure script to fix all your vhost files, the following warnings were outputed


    Code
    1. [WARN] Servers::mta::postfix::addMail: Use of uninitialized value in concatenation (.) or string at /var/www/imscp/engine/setup/../PerlLib/Servers/mta/postfix.pm line 459.
    2. Servers::mta::postfix::addMail: Use of uninitialized value in concatenation (.) or string at /var/www/imscp/engine/setup/../PerlLib/Servers/mta/postfix.pm line 459.

    These warnings mean that two of your mail entries are wrong in your database (e.g: Entries with a NULL value while that is not expected). Please don't remove my access to your server. I'll investigate for this issue too because that is not the first time that such warning is reported.


    Edit


    The warnings above are due to two mail entries (default webmaster forwarded mails) that have the mail_forward field set to NULL. I've fixed these entries in your database. I'll investigate in core a bit more and provide a fix to avoid such a situation.


    Thank you.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • @rauschr


    Regarding the authorization problems:


    A fix has been added in the 1.3.x branch. See https://github.com/i-MSCP/imsc…d8bc2d272a9b449620c940746
    This fix will be part of the next release.


    Thank you for your report.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • @rauschr


    You're welcome.


    Topic closed.

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206