Applicable to:
- Plesk for Linux
Symptoms
-
Website hosted in Plesk is not working:
CONFIG_TEXT: You don't have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.Or, the blank page is shown instead of content.
-
The domain's error log in Domains > example.com > Logs contains the following:
CONFIG_TEXT: (13)Permission denied: /var/www/vhosts/example.com/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable, referer: http://example.com/
(13)Permission denied: [client 203.0.113.2:39024] AH00529: /var/www/vhosts/example.com/httpdocs/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/var/www/vhosts/example.com/httpdocs/' is executable
Cause
Incorrect permissions for domain's files or folders
Resolution
Repair permissions for the website content:
Click on a section to expand
-
Go to Tools & Settings > Diagnose & Repair
-
In File System section select Only the Virtual Hosts Files and click Check Selected:
-
Click Show Issues when some are detected to view the details:
-
Click Repair to repair all detected issues for all virtual hosts files.
-
Connect to the server via SSH.
-
Execute the following command (replacing example.com with the domain name):
# plesk repair fs example.com
-
Add required permissions for all the folders inside the document root of the website:
# find /var/www/vhosts/example.com/httpdocs/ -type d -exec chmod 755 {} \;
-
Add required permissions for all files inside the document root of the website:
# find /var/www/vhosts/example.com/httpdocs/ -type f -exec chmod 644 {} \;
-
Set the proper ownership:
# chown jdoe:psaserv /var/www/vhosts/example.com
-
Connect to the server via SSH.
-
Execute the following command (replace example.com in the command below with the domain name:
# INFO=($(MYSQL_PWD=`cat /etc/psa/.psa.shadow` mysql -uadmin psa -sN -e'SELECT h.www_root,s.login FROM domains d, hosting h, sys_users s WHERE s.id=h.sys_user_id AND h.dom_id=d.id AND d.name="example.com"')); chown -R ${INFO[1]}:psacln ${INFO[0]}; chown ${INFO[1]}:psaserv ${INFO[0]}
-
Execute the following command (replacing example.com with the domain name):
# plesk repair fs example.com
-
Add executable for all the folders inside the document root of the website:
# find /var/www/vhosts/example.com/httpdocs/ -type d -exec chmod 755 {} \;
the same symptoms may appear when apache permissions are not correct: https://support.plesk.com/hc/en-us/articles/360017555760
Comments
9 comments
HI!
just want to say, its not always the user.
sometimes its the group.
somehow it changed to psacln.
somehow example: client deleted the httpdocs folder and then recreated it.
so, solution is chown ftpuser:psaserv httpdocs in this situations
Hi @lev k , yes, that's correct, however article describes specific case when user is not in psaserv group
I am getting the same errors described in this article, but it does not look to be permissions.
After a service restart of Apache I can run the command:
lsof -c httpd | grep "apache-shm" | wc -l
And the count will be in the 20's or so.
As the day(s) go on that number will grow and grow up into the tens of thousands and eventually bomb websites on the Plesk server with a 403 error and the errors mentioned in the log files in this article.
Once it bombs out, the apache-shm count will go back down, sites will return to normal, but it will start to slowly climb back up.
Have had a support call/remote session with Plesk support, but have not had any luck finding a fix.
CentOS Linux release 7.5.1804
Plesk Onyx Version 17.5.3 Update #54
Hello @Brian,
As the issue is complex I suggest creating a follow-up ticket to Plesk support and double-check the issue.
Hi to all,
in CentOS 7, I solved like this:
sudo vi /etc/httpd/conf/httpd.conf
and setting:
<Directory />
AllowOverride none
</Directory>
further on..
<Files ".ht'">
#Require all denied
</Files>
save, and restart Apache with:
sudo systemctl restart httpd
Plesk>Website&Domain>Hosting Settings, setting Document Root: /example.com (using your website name)
Plesk>Website&Domain check the name of System user
Use this user (and password) to login in WinSCP (or similar) , navigate to /var/www/vhosts, right button on your website folder (example.com), set 755 (octal) permission
and the problem has disappeared.
I hope it is a starting point for someone.
Hi Robert Maggi,
Thank you for sharing your solution. I'm sure it will be helpful for other Plesk users.
I had to run this today on a subdomain on a Obsidian Updated Server :/ please fix this asap.
Hello ignacio correia the issue described in this particular article caused by manually customized permissions. Please review domain logs and files to find what might be causing an error.
[Sat Nov 07 09:52:59.174076 2020] [core:crit] [pid 12422:tid 140443408918272] (13)Permission denied: [client #############] AH00529: /var/www/vhosts/#######/httpdocs/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/var/www/vhosts/######/httpdocs/' is executable
I am importing zip file and then extract, look like files and folders permissions are not being set correctly.
I need to manually go to every file or via SSH assign 775 otherwise files can't be read.
Please sign in to leave a comment.