Forbidden You don't have permission to access /admin/config.php on this server - Resolved

transcendent · April 2, 2010, 1:32pm

Your FreePBX version: (2.5.2.2.2)

VPN in a flash (PBX in a Flash) distribution

Fedora release 10 (Cambridge))

Have been able to update using Module Admin prior from September 2009

Have done 3 YUM updates and now have “Forbidden messages” through most Free PBX functions

Following are some errors through FreePBX:

Any assistance is much appreciated as cannot change anything on server, and cant even extract sql via PHPMyAdmin without error - Forbidden You don’t have permission to access /maint/phpMyAdmin/export.php on this server.

Extensions, Trunks, Feature Codes, General Settings - Able to select extension or trunk and amend, but when SUBMIT - Error Forbidden You don’t have permission to access /admin/config.php on this server.

Outbound routes - Not even able to click on any route without error - Forbidden You don’t have permission to access /admin/config.php on this server.

FreePBX System status has 3 modules available online

Module Administration
Check for updates online Error - Forbidden You don’t have permission to access /admin/config.php on this server.

REPORTS
Any use of search function Error - Forbidden You don’t have permission to access /admin/config.php on this server.

Recordings
Login ok with voicemail bos
when select voicemail and click delete - Forbidden You don’t have permission to access /recordings/index.php on this server.

Thanks for any assistance and Happy Easter.

Regards
David

blanchae · April 2, 2010, 2:55pm

I thought that PiaF installed under CentOS? Some sort of hacked install?

Anyways, /etc/amportal.conf and /etc/asterisk/manager.conf should have the admin passwords matching. Try that.

transcendent · April 2, 2010, 11:04pm

Hi Eugene

Install by PBX In a Flash but uses fedora - details at:

http://vpninaflash.com/
http://knol.google.com/k/vpn-in-a-flash#

users and passwords match at default of amp111

Fault seems to have happened after YUM update
Access to system was blocked by firewalls so suspect not hacked ?!

Not totally locked out - Am able to log into FreePBX and Can view FreePBX Admin,Status, Menus etc, but cannot modify any pages ie: submit brings up Forbidden error

Thanks

blanchae · April 2, 2010, 11:44pm

Sounds like a permission problem as opposed to authentication. Or mySQL passw0rd problem.

blanchae · April 2, 2010, 11:56pm

Both /var/www/html/admin and /var/www/html/admin/config.php have user:group of asterisk:asterisk

Have you done a passwd-master again after the yum update?

transcendent · April 3, 2010, 1:19am

Just run passwd-master (1st since yum updates) but same issue … thanks

transcendent · April 3, 2010, 1:25am

TO me too, but have modified admin afolder and config as follows:

drwxrwxrwx 8 asterisk asterisk 4096 2010-04-03 12:06 admin

/var/www/html/admin
-rwxrwxrwx 1 asterisk asterisk 12694 2009-09-10 11:42 config.php

transcendent · April 7, 2010, 11:47pm

modsecurity which sits in front of FreePBX, and other web pages, and filters input.

Fixed issue by disabling as follows:

i. (within terminal) nano /etc/httpd/conf.d/mod_security.conf

ii. (within nano) Type # in front of “LoadModule security 2_module/mod_security2.so line”

iii. (within nano) Press “Ctrl X” and then “Y” and then Return which should result in saving the file and exiting nano.

iv. (within terminal) apachectl restart

Additional details available at:
http://pbxinaflash.com/forum/showthread.php?t=7048&page=2

Thanks to Eugene and Joe