[RESOLVED]
"Access forbidden!
You don't have permission to access the requested object. It is either read-protected or not readable by the server.
If you think this is a server error, please contact the webmaster. "
[SOLUTION]
The problems, however, start when the browser is trying to access these files.
Problem #1. The FollowSymLinks option causes me an Internal Server Error because my hosting provider has disabled use of this directive. In my environment I know I can safely comment this line out just like I did in the main .htaccess file in the Drupal installation directory. This is because the FollowSymLinksIfOwnerMatch is enabled instead. One down, one to go.
Problem #2. The content of the .htaccess file is now effectively as follows:
SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
Options None If I comment out Options None, I can access the files as intended. This configuration change is, however, something that I am not going to do unless I know for sure that Apache is configured safely - I don't want to open my site for remote arbitrary code execution.
Reference: https://www.drupal.org/node/813196
No comments:
Post a Comment