Support

Admin Tools

#10895 403 error even after adding the path in the server settings in .htaccess maker

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Tuesday, 31 January 2012 11:29 CST

Monday, 30 January 2012 16:28 CST

user51957
Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? yes
Have I searched the tickets before posting? yes
Have I read the documentation before posting (which pages?)? yes
Joomla! version: joomla 1.5
PHP version: (unknown)
MySQL version: (unknown)
Host: justhost.com
Admin Tools version: 2.2

Description of my issue:
i have a music playing on my website but since i installed admin tools it stopped working, i already tried to put in the server settings to allow it in the .htaccess but that still doesnt help. maybe i am doing it wrong, here is the 403 error http://www.mikamocha.com/plugins/content/saudioplayer/niftyplayer.swf?file=http://www.mikamocha.com/media/music/mks.mp3&as=1
exactly where and how should i enter this, under which setting (the one with php or without) and how much of the url do i enter for this one?
i tried all combinations and nothign works!
thanks
Leah

Monday, 30 January 2012 22:30 CST

rkendallc
try placing the following in the .htaccess maker area under server settings and "allow direct access to these files":

plugins/content/saudioplayer/niftyplayer.swf


That is the file that is actually executed on the server, so let's see if that now gives you the correct access.

Tuesday, 31 January 2012 03:23 CST

nicholas
If you're using the .htaccess Maker, you also have to set "Protect against common file injection attacks" to No. Otherwise, the existence of an absolute URL in the file parameter of the flash player will trigger it and cause the sound file not being loaded.

Off-topic: it's not a good idea to have music playing in the background. Last night I was browsing the web and almost got a heart attack when loud music started blasting from my speakers. Please don't startle your visitors with music, especially if there is no visible control to turn it off.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 31 January 2012 11:10 CST

user51957
yes that worked, i had to turn of the "Protect against common file injection attacks".
does this make my website more vulnerable? if it does, maybe its not worth the music!
Thanks for the quick and accurate reply!

Tuesday, 31 January 2012 11:14 CST

nicholas
As long as you have the UploadShield enabled in the Configure WAF page of Admin Tools, the risk by disabling this .htaccess Maker option is miniscule, almost negligible. It would require a synergy of several improbable conditions (a known PHP file directly accessible over the web, with a file inclusion vulnerability, a host with URL fopen() wrappers enabled and an attacker who can put them all together). I wouldn't lose much sleep over that.

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 31 January 2012 11:20 CST

user51957
thank you very much again for all the help and explanations!
i must say from all the joomla extensions yours are amazing and fast and your customer service is just amazing and accurate!
do you do private jobs for joomla and vm?

Tuesday, 31 January 2012 11:23 CST

nicholas
Hi Leah,

Thank you for your kind words!

Unfortunately I am beyond the point of having no time. I'm trying to offload some of mine work so that I can do as much as enjoy a weekend without replying to tickets or writing code. I certainly can't take any more work - especially since I know I would never make the deadline :(

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 31 January 2012 11:27 CST

user51957
i understand!
I wish you an easy week!
thanks for all the help

Tuesday, 31 January 2012 11:29 CST

nicholas
You're welcome!

Nicholas K. Dionysopoulos

Lead Developer and Director

πŸ‡¬πŸ‡·Greek: native πŸ‡¬πŸ‡§English: excellent πŸ‡«πŸ‡·French: basic β€’ πŸ• My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!