403 (Forbidden) & net::ERR_ABORTED 404 (Not Found)

  • Tig2021

    (@tig1960)


    3 years, 5 months ago

    I have a problem with this site that is intermittent…sometimes the site works fine and other times it doesn’t. When it doesn’t, some images don’t load (broken link symbol) and sometimes the layout looks as if it’s missing a stylesheet. The missing images are definitely on the server, and they are in the correct place. Other people have seen the problem, so it’s not just me.

    When the site is like this I can’t login – the login page appears unformatted and the login doesn’t work.

    Sometimes I can load a broken image if I copy it’s link address and remove the www from it, e.g. make it https://woodlandtreasures.co.uk/wp-content/uploads/2014/04/ebony-jasper-tree-brooch-1021×1024.jpg. When the site is not working properly that image (and any others that aren’t showing) won’t show up with the www prefix.

    Google Console shows there are differing problems at different times. As I write this I can see the site looks fine in all browsers, but I can see there are errors when I look at the site in Incognito mode (see screenshot – https://snipboard.io/XaQdEZ.jpg).

    Everything in the site is up-to-date, have tried renaming the plugins folder and using default theme instead, but the problem remains, so it’s not plugin or theme related. I’ve reloaded WordPress but no change. Have checked the .htaccess file and re-saved Permalinks. Have purged the cache.

    I’ve talked to the hosting company and theme creators but no joy. I installed a caching plugin (at the suggestion of someone here, on WordPress), but no change, although I thought the site was more stable – until today.

    I note that there is a 403 (Forbidden) for the domain root, which you can see in the screenshot here. Could this be causing the other issues? In other words if the host is somehow blocking this, would it also follow that other components couldn’t be found either (404)? I can now also see the following Console error…

    “Failed to load resource: the server responded with a status of 403 (Forbidden”, which refers to /?wc-ajax=get_refreshed_fragments:1

    It seems that everybody has an opinion – much appreciated of course – but nobody can actually help. I don’t know what else I can do, apart from rebuild the site as a last resort.

    The page I need help with: [log in to see the link]

Viewing 15 replies - 1 through 15 (of 27 total)
1 2
  • abletec

    (@abletec)

    3 years, 5 months ago

    Hello, Tig1960, & welcome.

    First, please understand this sort of problem is a b-word to troubleshoot. The main reason is it’s intermittent, & the secondary reason is it’s almost a necessity to have your hands & eyes on the site, looking at error logs, etc. But as forum volunteers, that’s not permissible, so here we go!

    So:
    1) Is this a shared, vps, or dedicated server?
    2) Linux or Windows?
    3) Please tell us how your url’s are saved in your dashboard under ‘Settings > General’.
    4) What is your PHP version?

    Your style sheets are throwing multiple multiple errors. Your Google Analytics plugin script didn’t load.

    Having said all that, though, I wonder if your version of CPanel has an applet where you can view error logs. These might be most instructive. Please show them us on your next reply.

    Also, in your next reply, please let us look at your .htaccess file.

    As well, please download the WordPress site health check & troubleshooting plugin from:
    https://wordpress.org/plugins/health-check/
    & let us see any results it displays.

    That’s it for now, I guess. Let’s see where it gets us.

    Thread Starter Tig2021

    (@tig1960)

    3 years, 5 months ago

    @abletec thank you for your reply.

    1) Dedicated server.
    2) Linux.
    3) https://www.woodlandtreasures.co.uk
    4) PHP 7.3 (was running 7.4, but that also caused problems, so reverted back a number to see if that helped).

    At the moment it’s difficult to login to the site (again) – browsers tell me
    “Error: cookies are blocked or not supported by your browser. You must enable cookies to use WordPress.”

    Of course cookies are not blocked/not supported!

    =========

    Error logs as follows:

    [Fri Nov 13 23:02:38.496755 2020] [authz_core:error] [pid 18227] [client 176.56.56.102:37502] AH01630: client denied by server configuration: /home/woodlandtreasure/public_html/.user.ini, referer: https://www.woodlandtreasures.co.uk/.user.ini
    [Fri Nov 13 18:50:11.203647 2020] [access_compat:error] [pid 30270] [client 176.56.56.102:32880] AH01797: client denied by server configuration: /home/woodlandtreasure/public_html/wp-content/uploads/woocommerce_uploads/, referer: https://www.woodlandtreasures.co.uk/wp-content/uploads/woocommerce_uploads/
    [Thu Nov 12 10:19:36.021791 2020] [authz_core:error] [pid 16301] [client 114.119.139.198:37344] AH01630: client denied by server configuration: /home/woodlandtreasure/public_html/wp-content/uploads/sucuri/index.php
    [Thu Nov 12 10:19:36.005896 2020] [access_compat:error] [pid 16301] [client 114.119.139.198:37344] AH01797: client denied by server configuration: /home/woodlandtreasure/public_html/wp-content/uploads/woocommerce_uploads/
    [Thu Nov 12 10:19:36.005064 2020] [access_compat:error] [pid 16301] [client 114.119.139.198:37344] AH01797: client denied by server configuration: /home/woodlandtreasure/public_html/wp-content/uploads/wpcf7_captcha/
    [Thu Nov 12 10:19:36.004286 2020] [access_compat:error] [pid 16301] [client 114.119.139.198:37344] AH01797: client denied by server configuration: /home/woodlandtreasure/public_html/wp-content/uploads/wc-logs/
    [Tue Nov 10 23:04:10.918576 2020] [authz_core:error] [pid 21639] [client 176.56.56.102:46488] AH01630: client denied by server configuration: /home/woodlandtreasure/public_html/.user.ini, referer: https://www.woodlandtreasures.co.uk/.user.ini
    [Sat Nov 07 23:01:09.432893 2020] [authz_core:error] [pid 5096] [client 176.56.56.102:60252] AH01630: client denied by server configuration: /home/woodlandtreasure/public_html/.user.ini, referer: https://www.woodlandtreasures.co.uk/.user.ini
    [Sat Nov 07 11:11:45.111342 2020] [authz_core:error] [pid 29014] [client 114.119.154.181:7494] AH01630: client denied by server configuration: /home/woodlandtreasure/public_html/wp-content/uploads/sucuri/index.php
    [Thu Nov 05 23:47:50.999198 2020] [authz_core:error] [pid 26621] [client 114.119.152.54:58798] AH01630: client denied by server configuration: /home/woodlandtreasure/public_html/wp-content/uploads/sucuri/index.php
    [Thu Nov 05 23:47:50.978354 2020] [access_compat:error] [pid 26621] [client 114.119.152.54:58798] AH01797: client denied by server configuration: /home/woodlandtreasure/public_html/wp-content/uploads/woocommerce_uploads/
    [Thu Nov 05 23:47:50.973623 2020] [access_compat:error] [pid 26621] [client 114.119.152.54:58798] AH01797: client denied by server configuration: /home/woodlandtreasure/public_html/wp-content/uploads/wpcf7_captcha/
    [Thu Nov 05 23:47:50.972666 2020] [access_compat:error] [pid 26621] [client 114.119.152.54:58798] AH01797: client denied by server configuration: /home/woodlandtreasure/public_html/wp-content/uploads/wc-logs/
    [Wed Nov 04 23:05:29.406633 2020] [authz_core:error] [pid 13918] [client 176.56.56.102:41760] AH01630: client denied by server configuration: /home/woodlandtreasure/public_html/.user.ini, referer: https://www.woodlandtreasures.co.uk/.user.ini

    ==========

    I already have the Site Health plugin you refer to and it is showing a ‘Good’ status, with two recommendations – to update PHP and the following:-

    Warning The optional module, exif, is not installed or has been disabled.
    Warning The optional module, fileinfo, is not installed or has been disabled.
    Warning The optional module, imagick, is not installed or has been disabled.

    Of course I have further info from that plugin, but is it safe to post here?

    ===========

    .htaccess file …

    # BEGIN WordPress
    # The directives (lines) between “BEGIN WordPress” and “END WordPress” are
    # dynamically generated, and should only be modified via WordPress filters.
    # Any changes to the directives between these markers will be overwritten.
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>

    # END WordPress
    # BEGIN cPanel-generated php ini directives, do not edit
    # Manual editing of this file may result in unexpected behavior.
    # To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
    # For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
    <IfModule php7_module>
    php_flag display_errors Off
    php_value max_execution_time 1800
    php_value max_input_time 1800
    php_value max_input_vars 5000
    php_value memory_limit 1024M
    php_value post_max_size 64M
    php_value session.gc_maxlifetime 1440
    php_value session.save_path “/var/cpanel/php/sessions/ea-php70”
    php_value upload_max_filesize 64M
    php_flag zlib.output_compression Off
    </IfModule>
    <IfModule lsapi_module>
    php_flag display_errors Off
    php_value max_execution_time 1800
    php_value max_input_time 1800
    php_value max_input_vars 5000
    php_value memory_limit 1024M
    php_value post_max_size 64M
    php_value session.gc_maxlifetime 1440
    php_value session.save_path “/var/cpanel/php/sessions/ea-php70”
    php_value upload_max_filesize 64M
    php_flag zlib.output_compression Off
    </IfModule>
    # END cPanel-generated php ini directives, do not edit

    # php — BEGIN cPanel-generated handler, do not edit
    # Set the “ea-php73” package as the default “PHP” programming language.
    <IfModule mime_module>
    AddHandler application/x-httpd-ea-php73 .php .php7 .phtml
    </IfModule>
    # php — END cPanel-generated handler, do not edit

    • This reply was modified 3 years, 5 months ago by Tig2021.
    • This reply was modified 3 years, 5 months ago by Tig2021.
    abletec

    (@abletec)

    3 years, 5 months ago

    Tig1960, please accept my apologies. I was away yesterday.

    Let’s look at a few things.
    1) Please examine your public_html directory in terms of its ownership. This should be owned by the webserver group. Often that’s ww-data, but it varies w/operating systems/webservers. If you’ve set ownership to be by your home user, then please ensure that that user is indeed a member of the webserver group.
    2) Directory permissions are generally set to 644, file permissions to 644 or 755.
    3) It might well be helpful to look at your server error logs. Specifically I’m wondering if your session data is being saved to a writeable directory–that’s 1 thing. I’m also receiving lots of errors such as:
    DevTools failed to load SourceMap: Could not load content for https://www.woodlandtreasures.co.uk/wp-content/themes/Divi/includes/builder/frontend-builder/build/frontend-builder-global-functions.js.map: HTTP error: status code 404, net::ERR_HTTP_RESPONSE_CODE_FAILURE

    So it seems as though your theme isn’t loading properly.

    Feel free to share any errors from your logs you think might help.

    Thread Starter Tig2021

    (@tig1960)

    3 years, 5 months ago

    @abletec no worries for the delay, everyone needs time off!

    Thanks for the info – really useful.

    The hosting company say that the permissions are all set correctly, but go on to say that I’ll need a developer to check session data is being saved to a writeable directory. Isn’t that something I could check myself? If so, how do I do that?

    I’ve sent another message to the theme creators to ask about the theme not loading properly, so will see what they come up with.

    I will let you know what transpires.

    Thanks once again.

    Thread Starter Tig2021

    (@tig1960)

    3 years, 5 months ago

    @abletec

    The permissions set on public_html is apparently correct – have now double-checked that with the host.

    Some info from the theme creators regarding the “DevTools failed to load SourceMap”. They say:

    ===========

    “And regarding to the error ( .js.map ):

    You can ignore that. we intentionally include the sourceMappingURL to minified js files even on production website. We only include the sourceMappingURL without actual map files to make the debugging of production websites easier for us, because we can use the sourcemap files from our side. This is not on new version, we started to do that almost a year ago, but it only was inside the Visual Builder, but now we minify all js files on FE, therefore similar warning appear there.
    This warning is not an error and it doesn’t affect the website functionality. You can even see similar warning from WP files in admin, you can check that on this screenshot:”

    The screenshot says: DevTools failed to parse SourceMap: http://localhost/wordpress/wp-includes/js/tinymce/skins/lightgray/skin.min.css.map

    ===========

    I’m not sure what is left to try. The theme creators want me to tell them what the problem is all over again – I’ve been through all that so many times with them that I can’t face it again! They always say the same thing over and over… and none of it works.

    So maybe I just need to check session data?

    abletec

    (@abletec)

    3 years, 5 months ago

    Tig1960, any possibility you could check your error logs from LiteSpeed?

    When I face a problem like this, 1 of the things I do is to strip down. No–I don’t mean me–that would be distinctly unhelpful, & this is, after all, a public forum–but I do mean that I take it down to a default theme and no plugins & see what I get. If errors are occurring there, then I know this is some sort of misconfiguration, or, the Dear Lord forbid, a site compromise. I’m not seeing evidence of that, please understand, but sometimes one doesn’t.

    If, on the other hand, things work as anticipated, then I begin introducing things 1 by 1, trying stuff after each introduction till stuff goes pear-shaped.

    Error logs in this situation, though, are often very very helpful, & seeing what your server’s putting out in that regard might well help us solve this. I know you said you’ve done this previously, but viewing error logs while doing so may well prove helpful.

    Often, there are error logs in WordPress’s root folder, as well as subfolders. As well, you’ve got CPanel, & that, too, at times has error logs. You told us you have a dedicated server, & logs are often located in /var/log/webservername, but again, there are no standards in this regard & it varies from system to system.

    I appreciate you translating the screen shot. I was at some point going to ask you to do that for me. I happen to be completely blind now, & the program I use to make my computer talk to me doesn’t read screen shots by default, & the use of optical character recognition is often inaccurate enough to be really unhelpful. So thanks for that, &, if you post a screenshot for normally sighted volunteers, please just give me a quick translation so I can be of more help, since I’m who you’ve got at this point :). I seriously hate to impose, but…

    My tendency at this juncture is to suspect a misconfiguration of some sort, but whether it’s on the server level or something in WordPress itself I’m uncertain. I don’t give up easily, though. I do find that dedicated servers are tough for folks to manage unless they have a shipload of technical expertise, & I don’t advise them for the general website user for that reason. You seem to be handling this quite admirably, though, so you may well be 1 of those folks who could actually benefit from a racecar as opposed to the typical family vehicle, as it were.

    I’m certainly willing to look at error logs if you post them.

    The other option you’ve got is to post a job on
    jobs.wordpress.net
    under performance or general. Obviously be sure you know you can trust anyone to whom you give your CPanel/WordPress credentials before doing so, which is a disadvantage of doing that. You might wish to advise us you’ve done that.

    If I think of anything else (I’ve written this w/o a full quota of coffee on board), I’ll reply this topic. I’m still very much interested in continuing to try to troubleshoot this–I always like a good investigation–sorry it’s at your expense–but obviously I need a few more tools now to obtain the info necessary to solve this.

    Give it some thought, & let us know what you decide &/or post error logs.

    Thread Starter Tig2021

    (@tig1960)

    3 years, 5 months ago

    @abletec Thank you again for your reply and persistence – much appreciated. As you say, better not strip down in public!

    The site currently has a problem as I write this and I have, again, renamed the plugins folder and tried a default theme – problem still there. I don’t think the site has been compromised, as there is no ‘suspect’ activity… I went through the site with a fine tooth comb a week or so ago. I’ve scanned it several times too.

    Here are the error logs for you. It’s the same error repeated over and over, so I haven’t included it multiple times!

    [16-Nov-2020 16:30:15 UTC] PHP Warning: include_once(/home/woodlandtreasure/public_html/wp-content/plugins/wp-super-cache/wp-cache-phase1.php): failed to open stream: No such file or directory in /home/woodlandtreasure/public_html/wp-content/advanced-cache.php on line 22

    Thread Starter Tig2021

    (@tig1960)

    3 years, 5 months ago

    Am thinking that if I set WP_CACHE to false in wp config (it’s set to true), it might help?

    Thread Starter Tig2021

    (@tig1960)

    3 years, 5 months ago

    Okay, have done that and it is working, but not sure if it really is working or not. I had to clear the cache and cookies to check, so maybe the intermittent problem had already stopped. I suppose only time will tell…

    abletec

    (@abletec)

    3 years, 5 months ago

    tig1960, please also (for now) delete the super cache plugin. If you find a file called advanced-cache.php in wp-content, please delete also.

    Try introducing your theme now please & see how that goes.

    abletec

    (@abletec)

    3 years, 5 months ago

    The other thing that’s troubling me at this juncture is that /wp-admin should bring me to a login page if this is a default install, & it’s not. So clearly something is still not at its default setting.

    Thread Starter Tig2021

    (@tig1960)

    3 years, 5 months ago

    @abletec – thank you.

    I’ve deleted the plugin, although the problem was there before the plugin was installed. I installed a caching plugin because someone on here suggested I should.

    There is a hidden login page, which is why you can’t see the default one. I could disable the plugin that does that?

    abletec

    (@abletec)

    3 years, 5 months ago

    Again, tig1960, the key at present is to strip down to a default install. Once we know that’s working, then we can begin to introduce various functionality to see if it breaks the site. First the theme, then essential functionality such as WooCommerce, then functions like hiding the login, etc.

    Caching is frosting on the cake. We add it last when the site is working well & changes don’t need to be made, else we risk missing these.

    If you’re going to use a caching plugin, you may wish to look at the LiteSpeed caching plugin for WordPress, since that appears to be the webserver software you’re using. But that is truly the icing, or even the decorations atop the icing, as it were, if I make my analogy clear.

    The problem w/intermittent site issues is just as you say–you never know whether the site’s working because it’s fixed or whether it’s just a querk in the intermittent nature of the site.

    Now that coffee is on board & brain is as fully engaged as it can be, you might also wish to look at your resource usage under CPanel to see if you’re hitting any limits. That, too, may also be very instructive.

    Lastly, if things continue to go weird, I can offer you space on my server to build an identical staging site to see if the problems are duplicated there. A site is only as good as the platform it’s built on, after all.

    Thread Starter Tig2021

    (@tig1960)

    3 years, 5 months ago

    @abletec

    Thank you. I’ve deactivated the login plugin to start with, just in case that is causing a problem, but hard to know why when I’ve deactivated all plugins and the themes and the problem is still there. In fact, I’m not seeing a “This page isn’t workingwww.woodlandtreasures.co.uk redirected you too many times. Try clearing your cookies.ERR_TOO_MANY_REDIRECTS” message!

    Thanks for the offer of space. I suppose hosting it as it is (rather than stripping it down) is the best way to start, rather than taking the site apart and adding.

    I do have another site that was having similar problems, but not sure if it still is (because it isn’t when I look). That site was behind a Sucuri firewall, and interestingly, what Sucuri said about this was:-

    Hello, thank you for your reply.

    Unfortunately, as we’re not web developers, we don’t have a very in-depth knowledge in this area I’m afraid. All we can tell for sure is that the 404 issues have presented itself without the firewall in place.

    This issue really seems to be server/permissions related as the resources are certainly there but they seem to be intermittently inaccessible.

    A resource that I have seen experiencing ‘404 Not Found’ errors is currently working perfectly fine:

    (Address of resource was here)

    However, the following tests made direct to your hosting server is showing the intermittent issue:

    Sydney
    Able to replicate? Yes
    https://www.webpagetest.org/result/201105_DiF2_daf8bf910bbbaebfba30bc8f1828e7ad/

    Tokyo
    Able to replicate? Yes
    https://www.webpagetest.org/result/201105_DiMW_08213f3b8729155b05fc995541dec03b/

    Dallas
    Able to replicate? Yes
    https://www.webpagetest.org/result/201105_DiPZ_26ba1304f95f7f4ce7ed69db8b72e427/

    I checked through your file structure but don’t see anything that would be causing this.

    Unfortunately, you may need to continue following this up with your Server Administrator to determine why your hosting service intermittently serves 404’s for your static resources. The above webpagetest.org tests should highlight the issue.

    Kind regards,

    • This reply was modified 3 years, 5 months ago by Tig2021.
    • This reply was modified 3 years, 5 months ago by Tig2021.
    abletec

    (@abletec)

    3 years, 5 months ago

    You know, tig1960, this reminds me very much of a support request I did quite a few years ago now. This gentleman, interestingly enough, was also from Scotland, if memory serves, & I’m pretty sure about that, as I recall sharing w/him that my stepmom was from there. He was having similar issues to yours, I made a similar offer of server space, he accepted, & the site worked like a charm. When he confronted his host w/that evidence, they pretty much told him what he could do w/it, & he moved on to another host, where he, I believe, ended up much happier. I’ll see if I can find where he hosted. It’d be interesting if it’s the same place.

    It’s been quite a few years now, though, so it isn’t exactly gonna be easy.

Viewing 15 replies - 1 through 15 (of 27 total)
1 2
  • The topic ‘403 (Forbidden) & net::ERR_ABORTED 404 (Not Found)’ is closed to new replies.