I have been running FreePBX for a couple of years from an original asterisknow distro. All upgrades since then have been through Module Admin, although I upgraded asterisk from 1.4 to 1.8 manually nearly a year ago.
I am now running FreePBX 220.127.116.11 on Centos OS with Apache 2.2.3 and Asterisk 18.104.22.168
Recently I upgraded FreePBX to version 2.10 using module admin (carefully following the upgrade instructions from 2.9) but after completing this upgrade I was unable to access the web interface. The phones kept operating, but I was only presented with an “unauthorised access” error page through the browser.
Eventually I moved/renamed the .htaccess files and restored (apparently) normal operation.
Today I have applied the recent module updates to bring the Framework up to version 22.214.171.124. This has restored all of the .htaccess files and I am now presented with the same error. Again, I have moved/renamed all of the .htaccess files in order to restore “normal” operation.
Specifically I have moved/renamed the .htaccess files from the following directories:
Clearly, these .htaccess files are necessary to the secure and proper operation of apache, but apache blocks all access when they are in place.
The apache error log looks like this:
[Thu Mar 29 10:33:48 2012] [alert] [client xx.xx.xx.xxx] /var/www/html/admin/.htaccess: deny not allowed here, referer: http://pbx.mydomain.com/admin/config.php
[Thu Mar 29 10:33:57 2012] [alert] [client xx.xx.xx.xxx] /var/www/html/admin/.htaccess: deny not allowed here
[Thu Mar 29 10:34:08 2012] [alert] [client xx.xx.xx.xxx] /var/www/html/admin/.htaccess: deny not allowed here, referer: http://pbx.mydomain.com/
[Thu Mar 29 10:34:10 2012] [alert] [client xx.xx.xx.xxx] /var/www/html/admin/.htaccess: deny not allowed here, referer: http://pbx.mydomain.com/
The contents of the /var/www/html/admin/.htaccess file looks like this
Disallow all file access first
Deny from all
Now allow /admin, /admin/config.php and /admin/index.php as well as the various assets
Allow from all
(For some reason I’ve had to replace the code brackets <> around the FilesMatch tags to display it correctly in this forum)
Just to see what happens, I also tried editing the first line of the .htaccess file to “Allow from all” instead of “Deny from all” on the first line, but then I get an error saying “Allow not allowed here”, so it looks like apache is not parsing the .htaccess file correctly or there is a syntax error of some kind?
I would very much appreciate some help from anyone who has some experience of how these files are supposed to work.