[Solved] Right problems with default settings

floown · April 20, 2021, 8:55pm

Hello,

I am migrating a Drupal 7 site to a HestiaCP hosting. Everything went well, I have a connection to the database and the texts are displayed and I can surf on the site. On the other hand, I have a problem of rights (as the images return a 403 error).

In the “files” directory, I did a :
find . -type d -exec chmod 775 {} \;
find . -type f -exec chmod 664 {} \;

The files and folders are owned by my user HestiaCP : myuser:myuser

Despite all this, images (and compressed css) are not displayed.

I call upon your expertise to help me on this last point.

A huge thank you in advance.

falzo · April 20, 2021, 9:11pm

changing the permissions from the defaults 755/644 to 775/664 won’t do anything as the group does not play a role in it at all. you need to look at your server logs to see the full and correct error, which eventually will point you in the right direction or what path it might look at.

could be that it’s about accessing some temporary folder. could be something else. only you and your logfiles know.

floown · April 20, 2021, 10:22pm

Hi @falzo

Here are the logs: 2021/04/21 00:06:48 [crit] 4377#4377: *468 open() "/home/floown/web/test.domain. - Pastebin.com
What I don’t understand: Apache asks me for this file /home/floown/web/test.domain.com/public_html/sites/.htaccess
But it never existed in the other server.

falzo · April 20, 2021, 11:25pm

no that message does not mean that apache ask you for that file. it is just not able to check if that file even exists or not - but it needs to do so, to be able to honor any rules that might be put inside one of those. PcfgOpenfile - HTTPD - Apache Software Foundation

so depending on your apache-setup that means (some) of your folders might not have the owner or permission you expect it to have. this can occur if you extracted an archive with a different user via cli and did not adjust the owner and permissions.
be careful with that… find is usually the proper way to go though.

if the owner and permissions are correct than you should check what mpm your apache is using and under what user it runs. obviously it should be that user as well for which you might need mod_ruid2 for instance, if you run mpm_prefork.
if I remember correctly this was missing for in the ubuntu installer for some time… so you might want to check, how your system is set up in that regard.

floown · April 21, 2021, 12:58am

Thank you for your explanations. I had install Hestia with defaults, on a Ubuntu.

Here are the module installed for Apache :

# apachectl -M
Loaded Modules:
core_module (static)
so_module (static)
watchdog_module (static)
http_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
unixd_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
auth_basic_module (shared)
authn_core_module (shared)
authn_file_module (shared)
authz_core_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
fcgid_module (shared)
filter_module (shared)
status_module (shared)
mime_module (shared)
mpm_event_module (shared)
negotiation_module (shared)
proxy_module (shared)
proxy_fcgi_module (shared)
remoteip_module (shared)
reqtimeout_module (shared)
rewrite_module (shared)
rpaf_module (shared)
setenvif_module (shared)
socache_shmcb_module (shared)
ssl_module (shared)
suexec_module (shared)

I have check on my old VestaCP installation, and I found some lines I have copy to Hestia :

apachectl -V | grep -i mpm
Server MPM:     event

What commands I should use now?

Thanks a lot.

eris · April 21, 2021, 5:28am

No the permissions to some folders are wrong … Please check if all the folders have the correct permissions…

floown · April 21, 2021, 9:58am

If I do a:
find . -type f -exec chmod 777 {} \;
However, the test image is not accessible. So, I am left with the solution of the file owner.

So, perhaps a:
chown -R www-data ?

//EDIT : ok, the problem is still here with a chown -R www-data or chown -R www-data:www-data

falzo · April 21, 2021, 11:47am

don’t mess up your permissions or ownership like that, as it will only lead to more problems.
unless apache/php is running as www-data for that specific vhost, there is no need to check why that is the case and even if it were, it would be wrong to change the ownership on the file level. instead you would need to correct apache into running with right user. as long as there is no prefork involved, you won’t need mod_ruid2. suexec is handling fastcgi/fpm and seemed to be there.

the images probably are something created on demand and if access to write whatever is generated, obviously it can’t be delivered/displayed.

you should make sure that: files and folders belong to the user who owns the web-domains aka the correct hestia-user. folders in general should have 755 and files 644 as permissions.

does this path: /home/floown/test.domain.com/public_html/sites/domain.com/files/ even exist?

the double up on the domain in the path seems like a ‘leftover’ from a migration or so? maybe there is a path hard-coded in one of your plugins and now obviously it fails to access that, because it changed and did not get adjusted…

floown · April 21, 2021, 2:59pm

Thank you a lot. I have solved my problem with a chmod of the parent directory (to 755). HestiaCP works as designed.

Finally, it was a good day ^^

system · May 21, 2021, 3:00pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.