[英]Apache 403 Forbidden When Uploading Files
我使用輸入文件提交多部分/表單數據表單時遇到奇怪的apache錯誤。 看來只有在我上傳70kb或更大的文件時才會發生。
這是我的php.ini設置:
file_uploads = On
upload_max_filesize = 10M
max_execution_time = 90
max_input_time = 90
memory_limit = 196M
post_max_size = 10M
這是test.php中的HTML:
<form action="" method="POST" enctype="multipart/form-data">
<input type="file" name="pdfMagazine" />
<input type="submit" value="Save" name="saveMagazine" />
</form>
這是錯誤:
Forbidden
You don't have permission to access /test.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Server at myserver.com Port 80
以下是有關環境的更多詳細信息:
.htaccess
限制文件上傳 誰能幫我嗎?
提前致謝。
[更新]
看來服務器確實安裝了mod_security,這是apache原始日志:
[Wed Jun 12 19:48:01 2013] [error] [client x.x.x.x] mod_security: Access denied with code 403. read_post_payload: Failed to create file "/root/tmp/20130612-194801-190.115.8.74-request_body-deJpho" because 13("Permission denied") [severity "EMERGENCY"] [hostname "myserver.com"] [uri "/test.php"]
[Wed Jun 12 19:48:01 2013] [error] [client x.x.x.x] mod_security: sec_filter_in: Failed to open file "/root/tmp/20130612-194801-190.115.8.74-request_body-deJpho" [hostname "myserver.com"] [uri "/403.shtml"]
經過研究,我發現:
**Upload tmpdir issues**
Seeing this?
<source lang='php'> [Fri Nov 18 14:49:50 2011] [error] [client 72.52.142.215] mod_security: Access denied with code 406. read_post_payload: Failed to create file "/root/tmp/20111118-144950-72.52.142.215-request_body-xGPNPd" because 13("Permission denied") [severity "EMERGENCY"] [hostname "lakedonpedro.org"] [uri "/wp-cron.php?doing_wp_cron"] [unique_id "TsbhJkg0jtcAACYIFDk"] </source>
This actually happens because PHP's being set to use /root/tmp and the upload tmp dir. Let's set a few things then! Yay!
Make sure these are all set in /usr/local/lib/php.ini (session.save_path will probably already be set)
upload_tmp_dir = /tmp
session.save_path = /tmp
Make sure these are all set in /usr/local/apache/conf/modsec2.user.conf (or the applicable file for your system)
SecUploadDir /tmp
SecTmpDir /tmp
Restart the apachies.
It also seems it has worked adding the above to modsec.conf corrects this issue. per ~awilson
我確實更改了php.ini,但modsec配置文件有一個大警告,只有服務器提供商才能編輯它,因此我正在與他們聯系。
我會讓你知道發生了什么。
[解決了]
默認情況下,Apache的mod_security模塊的上傳限制為60kb,因此任何較大的上傳都會引發403錯誤代碼。
由於modsec.conf只能由服務器提供者編輯,因此我將以下行添加到每個根.htaccess中:
SecFilterEngine Off
通常關閉了mod_security過濾器。
默認情況下,Apache的mod_security模塊的上傳限制為60kb,因此任何較大的上傳都會引發403錯誤代碼。
由於modsec.conf只能由服務器提供者編輯,因此我將以下行添加到每個根.htaccess中:
SecFilterEngine Off
通常關閉了mod_security過濾器。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.