@fontface - 403-forbidden error in zen cart

Question

I wasn't really sure if this was the right place to post this as I have no idea where the problem is. Basically fonts are a real pain for me right now and nothing is working. I have tried loading fonts from google-fonts and ran into problems with IE so i decided to download them and serve them myself but now it's not working in any browser I am getting the error:

"NetworkError: 403 Forbidden - http://www.mychic.co.uk/includes/templates/SmartStart/fonts/architectsdaughter-webfont.woff" "NetworkError: 403 Forbidden - http://www.mychic.co.uk/includes/templates/SmartStart/fonts/architectsdaughter-webfont.ttf"

I have tried playing with permisssions to give read and execute permissions on the files and have even tried 777 and am still getting the same error, the fonts are definately where they should be and my css looks like this:

@font-face {
    font-family: 'architects_daughterregular';
    src: url('../fonts/architectsdaughter-webfont.eot');
    src: url('../fonts/architectsdaughter-webfont.eot?#iefix') format('embedded-opentype'),
         url('../fonts/architectsdaughter-webfont.woff') format('woff'),
         url('../fonts/architectsdaughter-webfont.ttf') format('truetype'),
         url('../fonts/architectsdaughter-webfont.svg#architects_daughterregular') format('svg');
    font-weight: normal;
    font-style: normal;

}

body { font-family: 'architects_daughterregular'; }

It was suggested that I add an .htaccess file so i have added the following to the root of the site and the fonts directory (is this correct):

AddType application/vnd.ms-fontobject .eot
AddType application/x-font-ttf        .ttf
AddType application/x-font-woff       .woff

Any ideas what I am doing wrong here - any help/ideas are much appreciated?

Answer 1

I have found out what the issue was here thanks to my hosting provider, I will relay the info as best I can for anyone else with the same issue: zencart has included in the includes folder an .htaccess file which blocks certain files. deleting this will solve the problem but also allows the running of scripts on the server, so better to just allow through the file types which correspond to your font files (see the svg,eot,woff &ttf file types added to the files match) :

#
# @copyright Copyright 2003-2010 Zen Cart Development Team
# @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
# @version $Id: .htaccess 18695 2011-05-04 05:24:19Z drbyte $
#
# This is used with Apache WebServers
#
# The following blocks direct HTTP requests to all filetypes in this directory recursively, except certain approved exceptions
# It also prevents the ability of any scripts to run. No type of script, be it PHP, PERL or whatever, can normally be executed if ExecCGI is disabled.
# Will also prevent people from seeing what is in the dir. and any sub-directories
#
# For this to work, you must include either 'All' or at least: 'Limit' and 'Indexes' parameters to the AllowOverride configuration in your apache/conf/httpd.conf file.
# Additionally, if you want the added protection offered by the OPTIONS directive below, you'll need to add 'Options' to the AllowOverride list, if 'All' is not specified. 
# Example:
#<Directory "/usr/local/apache/htdocs">
#  AllowOverride Limit Options Indexes
#</Directory>
###############################

# deny *everything*
<FilesMatch ".*">
  Order Allow,Deny
  Deny from all
</FilesMatch>

# but now allow just *certain* necessary files:
<FilesMatch ".*\.(js|JS|css|CSS|jpg|JPG|gif|GIF|png|PNG|swf|SWF|xsl|XSL|svg|eot|ttf|woff)$">
  Order Allow,Deny
  Allow from all
</FilesMatch>

IndexIgnore */*


## NOTE: If you want even greater security to prevent hackers from running scripts in this folder, uncomment the following line (if your hosting company will allow you to use OPTIONS):
# OPTIONS -Indexes -ExecCGI