#29790 Files get blocked by htaccess?

Posted in ‘Admin Tools for Joomla! 4 & 5’

Latest post by on Saturday, 07 July 2018 17:17 CDT

jjst135
Hi!

On one of our sites we have an issue with the htaccess (created by AdminTools) blocking files.

https://www.pe-veterinair.nl/google64cfb43478d8eb29.html

This gives us a 'forbidden' page.

When we disable the htaccess file (renaming it) the file gets opened OK.

When we use the default htaccess that ships with Joomla we also can open the file OK. So I guess the htaccess maker is adding something to cause this.

I compared the settings of the htaccess maker with other sites and I believe they are the same. But I might be missing something...

Any hints on this? Where to look?

I added the htaccess we use on the site (created by AdminTools).

Kind regards,
Jip

jjst135
Mmmm, I compared the settings with another site, they were the same. BUT the htaccess used on the other site was generated by AdminTools a while ago...

I noticed these new lines in the htaccess:

# Disallow access to all other front-end folders
RewriteCond %{REQUEST_FILENAME} -d
RewriteCond %{REQUEST_URI} !^/
RewriteRule .* - [F]

# Disallow access to all other front-end files
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule !^index.php$ - [F]

These are new? I think these might cause the issue of not being able to view the files in the browser.

Is this intended behaviour? Do we need to manually allow all files / folder we use outside of Joomla folders in the htaccess maker?

Kind regards,
Jip

jjst135
Adding the file to the 'exceptions' also does not seem to help....

jjst135
I've been digging around a bit more....

Adding folder to allow file types (and adding the needed file type) does work to be able to access them from the browser.

When adding a file to the root (public_html) we need to add the file to 'Allow direct access to these files'. In this case the Google verification file. That seems to work.

So in some cases adding a folder + file extension to allow certain file types is one way to go. In other cases using the 'allow direct access to...' is a way to access files.

Right?

Have there been any changes to how this works in AdminTools lately? I don't believe we had issues like this before. But maybe we have some old htaccess files on our sites...

jjst135
I think I stumbled on this because of another issue not being able to access files in a hidden folder (folder with a dot in front). I got confused by all the settings in the htaccess maker, but even with the htaccess file disabled the file in the hidden folder was not found by the browser... So this is probably a server configuration issue. I asked my server provider to look into this.

tampe125
Akeeba Staff
Hello,

yes, that's the expected behavior.
In the latest version of Admin Tools, we block all access to static files unless explicitly allowed. This blocks attackers from serving spam or malicious content from your site.
In your case it means that you have to manually exclude the site verification file for Google.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

jjst135
OK, thanks Davide. Due to this change we might run into more issues maybe. We'll see.

We now do need to allow access to the error files in the root of all of our websites. We use DirectAdmin and these files are used for server error messages:

400.shtml
401.shtml
403.shtml
404.shtml
500.shtml

But due to the change in AdminTools we now need to add these files as exceptions to the htaccess. Not a big deal, but this change in DirectAdmin does present us with some new challenges ;-) But I guess this new feature makes our website safer. So that's a good thing.

tampe125
Akeeba Staff
.shtml files are blocked because they allow dynamic content. If an attacker can upload a .shtml file on your site, he can read the contents of other PHP files as raw text (i.e. the configuration.php file).
You should explicitly allow them or (even better) move them into a specific folder and then allow access to that folder.

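Because the generated .htaccess forbids every existing file that is not explicitly allowed, it helps to list what would be blocked before deploying it. The script below is an added example, not part of the ticket and not Admin Tools code; `classify`, `audit`, the allow-list shapes and the `images/` entries are assumptions, and the rule model is simplified to the two exception types mentioned in this thread.

```python
import os
import tempfile

# Assumption: a simplified model of the behaviour described in this ticket, not
# Admin Tools' own logic. An existing file is forbidden unless it is the root
# index.php, an explicitly allowed file, or an allowed type in an allowed folder.
SSI_EXTENSIONS = {".shtml"}  # server-parsed, so each exception deserves review

def classify(rel_path, allowed_files, allowed_folders):
    """Return 'allowed' or 'blocked' for a '/'-separated path under the web root."""
    if rel_path == "index.php" or rel_path in allowed_files:
        return "allowed"
    ext = os.path.splitext(rel_path)[1].lower()
    for folder, extensions in allowed_folders.items():
        if rel_path.startswith(folder.rstrip("/") + "/") and ext in extensions:
            return "allowed"
    return "blocked"

def audit(web_root, allowed_files, allowed_folders):
    """Walk web_root; return (blocked paths, allowed but server-parsed paths)."""
    blocked, review = [], []
    for dirpath, _dirs, files in os.walk(web_root):
        for name in files:
            rel = os.path.relpath(os.path.join(dirpath, name), web_root)
            rel = rel.replace(os.sep, "/")
            if classify(rel, allowed_files, allowed_folders) == "blocked":
                blocked.append(rel)
            elif os.path.splitext(rel)[1].lower() in SSI_EXTENSIONS:
                review.append(rel)
    return sorted(blocked), sorted(review)

def build_sample_root():
    """Constructed sample tree using the file names mentioned in the ticket."""
    root = tempfile.mkdtemp()
    for rel in ("index.php", "google64cfb43478d8eb29.html", "403.shtml",
                "404.shtml", "images/logo.png", "images/notes.shtml"):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as handle:
            handle.write("constructed sample\n")
    return root

if __name__ == "__main__":
    found = audit(build_sample_root(), {"google64cfb43478d8eb29.html", "403.shtml"},
                  {"images": {".png"}})
    print("would be 403:", found[0], "| allowed but server-parsed:", found[1])
```

Run against a copy of the real web root with the exceptions you plan to enter in the .htaccess Maker; the second list shows exceptions that expose server-parsed files and are better scoped to a dedicated folder.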

jjst135
OK, thanks. I'm not sure if moving these files will work because they are used by DirectAdmin (path in server settings), but I will ask our server hoster about this.

tampe125
Akeeba Staff
You're welcome!

