stackoom
  简体   繁体   中英

HTTP Response Code 403 for HTTPS but not for HTTP, Custom PHP Script

 原文  2018-07-26 00:32:34       php/ apache/ .htaccess/ http/ https

Question

Scenario:
I have a Java application that requires some sensitive data to make some connections to services. In an effort to solve the "Do not hard-code credentials" I have created an encrypted handshake between the Java application and a remote server.

The verification is performed by a PHP script that I wrote. It works great using PHP but receives an response code of 403 when using HTTPS. I am unable to reach the script using HTTPS through the Google Chrome and Microsoft Edge browsers as well.

I contacted my server host and their response was that there was a problem with the script and they had done all that they could do. They noted an error in the logs (that I have not been able to access) that stated:

[Mon Jul 23 22:07:18.864507 2018] [:error] [pid 33343] [client 87.118.135.66:56676] Options ExecCGI is off in this directory: /usr/local/apache/htdocs/...

Then the support staff noted:

In my opinion this is an issue with the script itself which might be referencing /usr/local/apache/htdocs/.

After searching around for this option I created a .htaccess file and added the following lines: 

Allow From All
Options +ExecCGI

No change, I have tried many other solutions involving .htaccess (too many to list here) that have not worked.

I found more solutions that indicated that my permissions were off, so I checked. I moved all of my file permissions up to 755 yet no avail. I even changed the imported file permissions to 755 even though there is no issue with it when using HTTP.

I would rather not post my security script here if I don't have too, so I created an index.php file in the same directory as my scripts in hopes that I could get something simple like this to respond, yet nothing.

An SSL Wildcard from Let's Encrypt is applied to the parent domain siliconmindtech.com. The test URL in question is:

Not Working
https://piknpak.siliconmindtech.com/index.php

Working
http://piknpak.siliconmindtech.com/index.php

Please advise as this is driving me crazy.

Thanks!

1 answers

solution1
 0  2018-07-27 15:07:24

Solved,

The issue was simple, I just misunderstood the technology that I was using. I used Let's Encrypt to create a wildcard on my parent domain that would effect all sub-domains.

Well this did not work out as intended. I was still unable to access my *.siliconmindtech.com content with HTTPS.

In the effort of solving things I was poking around in my Let's Encrypt CPanel configuration and decided to just add an independent SSL Certificate directly to my sub-domain. Voilà! That made it work.

Thank you to all that viewed this question and commented.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question php redirecting code http to https PHP cURL request fails on https call with errno 56: “Received HTTP code 403 from proxy after CONNECT” send custom HTTP response with PHP php script exited after run http_response_code Http response code enums in PHP PHP Get HTTP Response Code http_response_code() in php BasicNetwork.performRequest: Unexpected response code 403 for http://localhost/database/login.php Got Http response code 403 when accessing https://api.sandbox.paypal.com/v1/payments/billing-plans/ How to know php script is request in HTTPS not HTTP?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM