Occasional 'Forbidden' Errors

[rayfar]

I have a problem on my website that is not serious but is totally frustrating because nobody, so far, has come up with any solution. I have posted here as it could fall into this category, even though another script may be involved.

 

The problem is occasional 403 'Forbidden - You don't have permission to access /****' errors coming up. When they occur is unpredictable, sometimes a couple in a day but sometimes a few days can go by before another hits. Since 17th Oct, when I actually started logging them, there have been 34.

 

There is one pattern to them and that is that when one occurs, it is always at some 5 minute division past the hour - 5, 10, 15 ... through to ... 50, 55, 00 and the seconds show within a band of 15-25 seconds past the minute. Every one of the 34 have this timing pattern and not one unexplainable 403 has happened outside of that pattern.

 

I'm on a shared server and the site is php5 and mysqli based. There is an htaccess with set env for the php5 as well as redirects to custom error pages and blocks on IPs etc. I replaced this at one time with one containing just the set env but the errors still happened. Also, when htaccess is in place, the 403s come up as bog standard white ones and not the custom ones that I think you would expect if that file was doing the triggering. Also, no additional errors show on the 'Forbidden' page.

 

The errors only show as a 403 in the user logs and never show in the error logs.

 

My site is set up with phpBB as the forum and the other parts of the site are integrated with phpBB for log ins and sessions etc through a piece of integration code, taking the root path to the forum directory. This is on all of the pages outside of the forum. The only other piece of integration is a script that picks up the user status from the forum - (username and logged in - or the alternative "You are not logged in ..")

 

The errors happen within the forum, on pages outside of the forum and on a couple of occasions, simply entering the site through index.php - the main home page which is outside the forum. They can happen to any user seemingly doing any action. If a user clicks the refresh button on their browser, that will take them through the error page, straight into the original request. The errors are not browser specific, happening with IE7, Firefox and have happened with both the Google and Yahoo spiders. Plus no errors show in the phpBB error logs either.

 

My server support team and the support forum at phpBB have been incredibly helpful. With phpBB, I have taken the user listings and cron.php out of the loop but neither had any effect - errors still happened. My server support have confirmed that mod-security is not running on the server and pointed to htaccess, which was removed to no avail. I have checked file permissions and they all appear OK.

 

This problem also seems unique on the phpBB support forum - no trace of anything really similar - and the server people say that I'm the only person who has contacted them with this particular problem.

 

Another added problem is that my server support can only deal with what they see as server related problems and phpBB, rightly, can only look into their software related queries but to their credit, they will advise if they think it might be server related - i.e mod security. I'm a bit clueless in the middle!

 

My server support have now said it's not a server problem, pointed again at htaccess and to the integration of the site with phpBB.

 

phpBB say that as the scripting and DBs that run the outside the forum bit of the site are totally separate to forum scripts and DBs, it must be a server problem.

 

As this seems to be just happening on my site, I should say that there are no timing scripts on site apart from the phpBB ones - nothing on the outside forum part of the site. Plus, apart from these particular errors, it all seems to tick over quite nicely.

 

I really need advice from somebody who has an 'overview' of possibilities that might cause this - I suppose, php5, mysqli, server expertise, cron stuff etc. I'm totally out of my depth and I sorely need pointers to possible causes to try to cure it.

[steviewdr]

Install httping on your computer, and leave it running, doing a get request for pages on your site.

 

Setup a static html page, and get httping to test that at 5 min intervals.

 

Sounds very strange to me. You need to start ruling out issues. If a 403 doesnt appear for a static html file, or if it doesnt appear for a basic php script with phpinfo(), or if it doesnt appear for a basic php script doing a database call, its probably something with phpbb.

 

-steve

[rayfar]

Cheers Steve,

 

Sorry for the delay but thanks for your reply. I'll set up httping and a static page as you suggest.

 

In the meantime, there have been several of these errors with a basic php script calling a database. These have occurred outside of the forum and its scripting.

 

Also, my home page index.php is outside of phpBB and has no calls to any DB apart from the integration script. On two occasions the 403 happened coming into the site through this page from elsewhere.

 

The only phpBB connection to the outside pages is the 'standard' integration script -

 

define('IN_PHPBB', true);
$phpbb_root_path = './forum/';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);
// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup();

 

and a user status script -

 

if (!defined('IN_PHPBB'))
{
exit;
}

if($user->data['is_registered'])
//if($user->data['session_logged_in'])
     //user is logged in
{
     print $user->data['username'];
     echo'<span class="brightgreen"> is logged in</span><br />
     <a title="See You Later" href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=logout', true, $user->session_id). '">Log out</a>';
}
else
     //user is not logged in  
{
     echo'You are not logged in<br /><a title="Log Yourself In" href="login.php">Log In</a> or
          <a title="Register" href="forum/ucp.php?mode=register"> Register</a>';
}

 

These are run on entry to all pages outside of phpbb and are scripts that I got from the phpbb support site - as there are many sites elsewhere using this, I would have thought that there would be other people asking a similar question on phpbb support - I can't find any others.

 

I do appreciate only to well that this is a strange 'un.

 

Ray