Whispar1 Posted January 25, 2013 Share Posted January 25, 2013 (edited) I can successfully add a new product and prices in BO but when I try to add associations, SEO, or quantity I get the following error: Forbidden You don't have permission to access /******/index.php on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. This problem is duplicated when trying to remove the "HOME" association from the default iPOD product so that it is removed from the featured block on the home page. Hosting company was able to duplicate problem and seems to think it is a Prestashop issue but continue to investigate on their end. Thanks for any info. Update: If I go back to newly created product and edit the description, I now get the same 403. So I can created a product with description the first time with no error but editing the same description a 2nd time gives me a 403. Edited January 26, 2013 by Whispar1 (see edit history) Link to comment Share on other sites More sharing options...
Whispar1 Posted January 25, 2013 Author Share Posted January 25, 2013 (edited) Are there any Mods or support online that can address this issue or offer advise on how to proceed? Further development of products is at a standstill until this is fixed. Thank You EDIT: I have now seen several other posts in various parts of the forum with this same issue but no resolution so it is unfortunately happening to others too. Edited January 25, 2013 by Whispar1 (see edit history) Link to comment Share on other sites More sharing options...
Bill Dalton Posted January 25, 2013 Share Posted January 25, 2013 Whispar1 odd, looks like permission issue. Could you try setting the permission level on your .htaccess file to 666 Please let me know if that helps. 1 Link to comment Share on other sites More sharing options...
Whispar1 Posted January 25, 2013 Author Share Posted January 25, 2013 Yeah, I spoke to my hosting provider a bit ago and replicated the problem while they watched and it does seem to be a permission issue. I'll pass your suggestion on and let you know what they come up with so anyone else with this problem will have a solution. Link to comment Share on other sites More sharing options...
Whispar1 Posted January 26, 2013 Author Share Posted January 26, 2013 For anyone that runs into this issue, check with your hosting provider. As Bill stated, permission settings may have to be modified on the server. In my case they modified the script with exceptions to the ModSecurity system within their servers. Problem solved. 1 Link to comment Share on other sites More sharing options...
netmechanics Posted January 27, 2013 Share Posted January 27, 2013 Hi Whispar1 - do you have anymore details on what they changed in ModSecurity? I have the same problem on my server ... Link to comment Share on other sites More sharing options...
Whispar1 Posted January 28, 2013 Author Share Posted January 28, 2013 You may have to reproduce the problem while on the phone with your host. In my case they saw the error it shot up and corrected permissions in the server script. Link to comment Share on other sites More sharing options...
JeffV Posted May 6, 2014 Share Posted May 6, 2014 I've been dealing with this issue for 6months, any help as to what exactly your hosting provider changed would be helpful. My provider is noy used to dealing with clients that use PS. Link to comment Share on other sites More sharing options...
Whispar1 Posted May 13, 2014 Author Share Posted May 13, 2014 (edited) Sorry for late reply... I just received this information. My host found the mod_security error and from the error log, there is an ID# The below code is from mine - I have removed the ID for security reasons but there will be a number in place of "#####" Your host should be able to disable that rule by SecRuleRemoveById ID_number [Fri Mar 01 13:19:43 2013] [error] [client ##.##.####] ModSecurity: Access deniedrequired. [file "/usr/local/apache/conf/modsec2_rules/10_asl_rules.conf"] [line"497"] [id "######"] [rev "287"] [msg "Atomicorp.com UNSUPPORTED DELAYED Rules:Remote File Injection attempt in ARGS (AE)"] [data "http://google.com"] [severity"CRITICAL"] [hostname "##.##.####"] [uri "/psmanager/index.php"] [unique_id"###################"] Hope this helps get things fixed - its the best I got. Edited May 13, 2014 by Whispar1 (see edit history) Link to comment Share on other sites More sharing options...
JeffV Posted May 14, 2014 Share Posted May 14, 2014 @Whispar1 - This is more help than anyone with PS has given me. Thank you very much. I'll pass this onto my hosting provider. By chance did you change or modify your php.ini file to resolve this, or did the mod_security fix solve it completely? Link to comment Share on other sites More sharing options...
Whispar1 Posted May 14, 2014 Author Share Posted May 14, 2014 No problem - I just hope it helps get you going. There wasn't anything in the php.ini related to this issue but while you are there, check your resource limits because if they are too low, you will see errors elsewhere. This is something that should be adjusted, based on what your hosts limitations are, for any PS store. Often times the default php.ini has room to increase these variables. Here is mine but your host may not allow certain variables - check with them to max out your resources available. ;;;;;;;;;;;;;;;;;;; ; Resource Limits ; ;;;;;;;;;;;;;;;;;;; max_execution_time = 10000 ; Maximum execution time of each script, in seconds max_input_time = 60 ; Maximum amount of time each script may spend parsing request data memory_limit = 1024M ; Maximum amount of memory a script may consume (32MB) suhosin.get.max_vars = 10000; suhosin.post.max_vars = 10000; max_input_vars = 6000; Link to comment Share on other sites More sharing options...
JeffV Posted May 14, 2014 Share Posted May 14, 2014 Whispar1- Thank you again. I have the following values in my php.ini file. max_execution_time 600 600 max_file_uploads 20 20 max_input_nesting_level 64 64 max_input_time -1 -1 max_input_vars 60000 60000 memory_limit 256M I also have the suhosin values set at 60000. Link to comment Share on other sites More sharing options...
Whispar1 Posted May 15, 2014 Author Share Posted May 15, 2014 See if your host will let you bump up the values to what mine show. I have found these setting to be very trouble-free. Again, your host may limit what you can set them to, especially memory_limit but bump it as high as you can Link to comment Share on other sites More sharing options...
Recommended Posts