#9919 403 when referred to page from Google search. htaccess causing this


Latest post by nicholas on Thursday, 14 July 2011 11:38 CDT

formfranska
Mandatory information about my setup:

Have I searched the forum before posting? Yes
Have I read the Troubleshooting Wizard before posting? Yes
Have I read the documentation before posting? Yes
Joomla! version: (1.6.3)
PHP version: (5.3.4)
MySQL version: (mysqli Client API header version 5.1.54 )
Host: (http://www.oderland.se)
Admin Tools Professional version: (had 2.0.5 when problem occurred. Now upgraded to 2.1)


Description of my issue:

When making a search at Google and coming up with this page of results
http://www.google.se/search?hl=sv&client=firefox-a&hs=ql&rls=org.mozilla%3Aen-US%3Aofficial&q=psykolog+maj-britt+lindahl&btnG=S%C3%B6k&oq=psykolog+maj-britt+lindahl&aq=f&aqi=&aql=&gs_sm=s&gs_upl=0l0l0l0l0l0l0l0l0l0l0ll0

I got "403 forbidden" when clicking on the second result-link
"majbrittlindahl.se - Psykolog Maj-Britt Lindahl"
leading to this URL
http://www.majbrittlindahl.se/psykolog--maj-britt-lindahl.html

What is really weird is that when I pasted the URL instead of clicking on the link from Google the problem never occurred! Only when clicking the link from Google did I get the 403 forbidden error.

I removed the custom htaccess and temporarily put a standard Joomla htaccess there instead which has solved the problem for now.

But, I'm really curious to know what in this custom htaccess (made with AT) caused the problem because I have the exact same custom htaccess (made with AT) at another site (www.formfranska.com) where I never had the same problem! Also that website is with the same host.

(I have searched the forum and I've seen something about an Anti Leech Rules but it's all above my head so I'm not sure it's anything to do with that.)

Would anyone have a clue please?

Greetings
Anna

Below, copied from the htaccess causing the 403:

### ===========================================================================
### Security Enhanced & Highly Optimized .htaccess File for Joomla!
### automatically generated by Admin Tools 2.0.5 on 2011-05-15 18:47:36 GMT
### Auto-detected Apache version: 2.2 (best guess)
### ===========================================================================
###
### The contents of this file are based on the same author's work "Master
### .htaccess", published on http://snipt.net/nikosdion/the-master-htaccess
###
### Admin Tools is Free Software, distributed under the terms of the GNU
### General Public License version 3 or, at your option, any later version
### published by the Free Software Foundation.
###
### !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! IMPORTANT !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
### !! !!
### !! If you get an Internal Server Error 500 or a blank page when trying !!
### !! to access your site, remove this file and try tweaking its settings !!
### !! in the back-end of the Admin Tools component. !!
### !! !!
### !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
###

##### RewriteEngine enabled - BEGIN
RewriteEngine On
##### RewriteEngine enabled - END

##### RewriteBase set - BEGIN
RewriteBase /
##### RewriteBase set - END

##### File execution order -- BEGIN
DirectoryIndex index.php index.html
##### File execution order -- END

##### Redirect index.php to / -- BEGIN
RewriteCond %{THE_REQUEST} !^POST
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /index\.php\ HTTP/
RewriteCond %{SERVER_PORT}>s ^(443>(s)|[0-9]+>s)$
RewriteRule ^index\.php$ http%2://www.majbrittlindahl.se/ [R=301,L]
##### Redirect index.php to / -- END
##### Redirect non-www to www -- BEGIN
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
##### Redirect non-www to www -- END

##### Rewrite rules to block out some common exploits -- BEGIN
RewriteCond %{QUERY_STRING} proc/self/environ [OR]
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
RewriteCond %{QUERY_STRING} base64_(en|de)code\(.*\) [OR]
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\[0-9A-Z]{0,2})
RewriteRule .* index.php [F]
##### Rewrite rules to block out some common exploits -- END
##### File injection protection -- BEGIN
RewriteCond %{REQUEST_METHOD} GET
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=http:// [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=(\.\.//?)+ [OR]
RewriteCond %{QUERY_STRING} [a-zA-Z0-9_]=/([a-z0-9_.]//?)+ [NC]
RewriteRule .* - [F]
##### File injection protection -- END

##### Advanced server protection rules exceptions -- BEGIN
RewriteRule ^components\/com_uddeim\/captcha15\.php$ - [L]
RewriteRule ^components\/com_virtuemart\/fetchscript\.php$ - [L]
RewriteRule ^administrator\/components\/com_extplorer\/fetchscript\.php$ - [L]
RewriteRule ^plugins\/system\/GoogleGears\/gears-manifest\.php$ - [L]
RewriteRule ^plugins\/content\/jw_allvideos\/includes\/jw_allvideos_scripts\.php$ - [L]
RewriteRule ^administrator\/components\/com_akeeba\/restore\.php$ - [L]
RewriteRule ^administrator\/components\/com_admintools\/restore\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !(\.php)$
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^components\/com_agora\/img\/members/ - [L]
##### Advanced server protection rules exceptions -- END

##### Advanced server protection -- BEGIN

## Referrer filtering for common media files
RewriteRule ^images/stories/.*\.(jpe|jpg|jpeg|jp2|jpe2|png|gif|bmp|css|js|swf|html|html)$ - [L]
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER} !^(http://www\.majbrittlindahl\.se|https://www\.majbrittlindahl\.se) [NC]
RewriteRule \.(jpe|jpg|jpeg|jp2|jpe2|png|gif|bmp|css|js|swf|html|html)$ - [F]
RewriteCond %{QUERY_STRING} \=PHP[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12} [NC]
RewriteRule .* - [F]
## Back-end protection
RewriteRule ^administrator/?$ - [L]
RewriteRule ^administrator/index\.(php|html?)$ - [L]
RewriteRule ^administrator/index[23]\.php$ - [L]
RewriteRule ^administrator/(components|modules|templates|images|plugins)/.*\.(jpe|jpg|jpeg|jp2|jpe2|png|gif|bmp|css|js|swf|html|mpg|mp3|mpeg|mp4|avi|wav|ogg|ogv|xls|xlsx|doc|docx|ppt|pptx|zip|rar|pdf|xps|txt|7z|svg|odt|ods|odp|flv|mov|htm)$ - [L]
RewriteRule ^administrator/ - [F]
## Explicitly allow access only to XML-RPC's xmlrpc/index.php or plain xmlrpc/ directory
RewriteRule ^xmlrpc/(index\.php)?$ - [L]
RewriteRule ^xmlrpc/ - [F]
## Disallow front-end access for certain Joomla! system directories
RewriteRule ^includes/js/ - [L]
RewriteRule ^(cache|includes|language|libraries|logs|tmp)/ - [F]
## Allow limited access for certain Joomla! system directories with client-accessible content
RewriteRule ^(components|modules|templates|images|plugins|media)/.*\.(jpe|jpg|jpeg|jp2|jpe2|png|gif|bmp|css|js|swf|html|mpg|mp3|mpeg|mp4|avi|wav|ogg|ogv|xls|xlsx|doc|docx|ppt|pptx|zip|rar|pdf|xps|txt|7z|svg|odt|ods|odp|flv|mov|ico|htm)$ - [L]
RewriteRule ^(components|modules|templates|images|plugins|media)/.*index\.php - [L]
RewriteRule ^templates/.*\.php$ - [L]
RewriteRule ^(components|modules|templates|images|plugins|media)/ - [F]

## Disallow access to rogue PHP files throughout the site, unless they are explicitly allowed
RewriteCond %{REQUEST_FILENAME} (\.php)$
RewriteCond %{REQUEST_FILENAME} !(/index[23]?\.php)$
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule (.*\.php)$ - [F]
## Disallow access to htaccess.txt, php.ini and configuration.php-dist
RewriteRule ^(htaccess\.txt|configuration\.php-dist|php\.ini)$ - [F]
##### Advanced server protection -- END


##### Joomla! core SEF Section -- BEGIN
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_URI} !^/index\.php
RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|raw|ini|zip|json|file|vcf))$ [NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php [L]
##### Joomla! core SEF Section -- END

formfranska
Sorry, just wanted to add that I'm not sure where I can edit my forum signature (since forum switch some time ago) so that's why it says I'm on version 1.5.18 which hasn't been true for a long time. Sorry :-)

Also wanted to add that
http://www.majbrittlindahl.se
is my mother's website and
http://www.formfranska.com
is my own

Anna

formfranska
Figured out how to change my signature now :-)
/Anna

slaes
Try going to the htaccess maker in Admin Tools and, under server protection, change the "Anti-leech protection for static resources outside images/stories" option to NO.

Try again and you should find your issue is fixed.
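
Why the 403 appears only when the page is reached from Google, as an added example that is not part of the ticket or of Admin Tools: a simplified Python model of the three "Referrer filtering" directives in the posted .htaccess, plus a check over constructed access-log lines. The patterns are copied from the posted file; the evaluation logic, log lines and function names are assumptions.

```python
import re

# Patterns copied from the "Referrer filtering" block of the posted .htaccess;
# the evaluation below is a simplified stand-in for mod_rewrite (assumption).
EXT = r"(jpe|jpg|jpeg|jp2|jpe2|png|gif|bmp|css|js|swf|html|html)"
ALLOW = re.compile(r"^images/stories/.*\." + EXT + r"$")
OWN = re.compile(
    r"^(http://www\.majbrittlindahl\.se|https://www\.majbrittlindahl\.se)",
    re.IGNORECASE)  # [NC]
BLOCK = re.compile(r"\." + EXT + r"$")

def anti_leech_status(path, referer=""):
    """403 if the block forbids this per-directory path, else 200."""
    if ALLOW.search(path):          # RewriteRule ^images/stories/... - [L]
        return 200
    # Conditions: a Referer is present ("."), and it is not the site's own URL.
    external = bool(re.search(".", referer)) and not OWN.search(referer)
    return 403 if BLOCK.search(path) and external else 200

# Constructed access-log lines in Apache "combined" format (not from the ticket).
SAMPLE_LOG = [
    '203.0.113.7 - - [15/May/2011:19:02:11 +0000] "GET /psykolog--maj-britt-lindahl.html HTTP/1.1" 403 211 "http://www.google.se/search?q=psykolog" "Mozilla/5.0"',
    '203.0.113.7 - - [15/May/2011:19:03:40 +0000] "GET /psykolog--maj-britt-lindahl.html HTTP/1.1" 200 8123 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [15/May/2011:19:05:02 +0000] "GET /images/stories/photo.jpg HTTP/1.1" 200 5120 "http://www.google.se/imgres" "Mozilla/5.0"',
    '198.51.100.9 - - [15/May/2011:19:06:30 +0000] "GET /tmp/x.php HTTP/1.1" 403 211 "-" "Mozilla/5.0"',
]
LOG_RE = re.compile(r'"GET /(\S*) HTTP/[\d.]+" (\d{3}) \S+ "([^"]*)"')

def referer_caused_403s(lines):
    """Return (path, referer) for logged 403s that the anti-leech rules explain."""
    hits = []
    for line in lines:
        m = LOG_RE.search(line)
        if not m:
            continue
        path, status = m.group(1).split("?")[0], m.group(2)
        referer = "" if m.group(3) == "-" else m.group(3)
        if status == "403" and anti_leech_status(path, referer) == 403:
            hits.append((path, referer))
    return hits
```

Because `html` is in the extension list and the SEF page URL ends in `.html`, any visit carrying an external Referer is forbidden, while a pasted URL (no Referer) passes.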

nicholas
Akeeba Staff
Manager
Hi, Anna! I agree with slaes, it's the most probable workaround. Another thing you might want to try if the above fix fails is to go to Admin Tools, Web Application Firewall, Configure WAF and disable the Bad Behaviour integration (look towards the bottom of the page).

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷 Greek: native 🇬🇧 English: excellent 🇫🇷 French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

formfranska
Hello Nicholas and Slaes,

Thank you ever so much.

Now you've been working faster than lightning Nicholas! When I was gonna save my htaccess settings I ran into the problem with not being able to save them. Searched the forum and found a post about it
https://www.akeebabackup.com/support/forum/topic/28216-cant-save-waf-changes/48552.html#p48552

So upgraded to AT 2.1.1 where you've taken out the Anti-leech option already :-) This is great! I've tested links from Google with my new htaccess and it seems to work just fine :-)

You're the best :-)

Greetings
Anna

nicholas
Akeeba Staff
Manager
Anna,

you're welcome!


user38378
Nicholas,

When the new version of Pro was put out and the anti-leech was removed, it created a hidden problem.

If you had put (anti-leech) in your .htaccess prior to 2.1.1 and upgraded, it is still there (as the upgrade does nothing to the currently saved .htaccess file).

The suggestion is to redo your .htaccess file (with the htaccess maker) after the upgrade to 2.1.1.

I was having the 403 forbidden error and as soon as I recreated the .htaccess file and saved, the problem went away.

nicholas
Akeeba Staff
Manager
You are right! That was the reason the anti leech protection was removed. It seems that I forgot to mention that in the release announcement. Sorry :(

