3

Let me preface this with, only one user is having this issue. Everyone else can log-in to the Joomla administration just fine.

Originally when I found that the single user was receiving a 403 when landing on the administrator page, I checked to make sure all directories were writable as per the directories listed under Site Information. I've also confirmed that the administrator directory has 755 permissions, and that the user has cleared her cache.

Also, the site was recently moved from one server to another. Changed the A record on the old server to the IP of the new server.

Thoughts as to why a single user would receive a 403 error only in the Joomla administration page?

Josh
  • 1,019
  • 3
  • 17
  • 32
  • can you check access logs and see what is written there when it happens? also, do you have something like `mod_security` enabled? – Marko D Mar 14 '13 at 19:07
  • There is nothing in the logs that isn't from my IP. – Josh Mar 14 '13 at 19:15
  • all users access with the same ip? – Marko D Mar 14 '13 at 19:17
  • Nope, they do not. How do I check if mod_security is enabled? – Josh Mar 14 '13 at 19:21
  • if they do not, then how come in access log you have only your ip listed? access logs should list **all** access informations for your website, whether successful or unnsuccessful. for checking mod_security, try this for example: http://stackoverflow.com/questions/3182500/detect-if-mod-security-is-installed-with-php – Marko D Mar 14 '13 at 19:22
  • Well the only 2 errors in the log are from when I purposely used incorrect credentials to force an error in the log. Other than that, there are no other errors. – Josh Mar 14 '13 at 19:27
  • Interesting, it has only shown errors. Although the file is called, error.php, under `/logs` -- the directory that comes with Joomla. – Josh Mar 14 '13 at 19:29
  • let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/26188/discussion-between-josh-and-marko-d) – Josh Mar 14 '13 at 19:30
  • access.log is _not_ the same as error.log – Marko D Mar 14 '13 at 19:30

2 Answers2

3

After chat discussion, it turns out that the server has been moved recently and since then the problem started.

The problem seems to be cached dns on the user's side, so the user has to clear dns cache, or wait for the provider to clear dns cache

Marko D
  • 7,576
  • 2
  • 26
  • 38
  • @Josh eh. so it was resolving to the correct ip? if you want we can continue the discussion on chat – Marko D Mar 15 '13 at 14:47
  • @Josh hey, I don't think I will be available today anymore, but in the meantime, just make sure her `ping yourdomain.com` and `ping www.yourdomain.com` give the same result as for you! (and she can try without www prefix to open admin page) – Marko D Mar 15 '13 at 18:42
  • I want to guess *one* of the things you suggested worked, because my client emailed me this morning confirming that she can log-in to the administrator, even though I haven't suggested any additional fixes over the weekend. – Josh Mar 18 '13 at 14:36
  • @Josh Good to hear! I was wondering if the issue was resolved, I'm glad it works now! – Marko D Mar 18 '13 at 14:44
  • I don't know how/why it was resolved, but I'm glad too! Thanks for your help. – Josh Mar 18 '13 at 15:30
1

If you look inside your administrator folder, see if there is a .htaccess file in there. If there is, download it and open it up. Look to you can see the following rule:

Deny from ALL Allow from xxx.xxx.xx.xx

This will block everybody from accessing the Administrator page on the web except the IP addresses that follows the ALLOW.

Add the users IP address (he can find what it is by going to www.ipchicken.com).

So if there were two existing Allow from (ip address here), you would copy the whole line and paste it underneath the last one, then change the IP address.

Save and upload back to the administrator folder and try that.

Mike Edwards
  • 11
  • 2