Questions[http-status-code-403](server)

I run a website that lets users login to their account via Google. For over a year, everything worked great - until a few days ago, when Google started throwing 403 errors when the server tries to access any of their OAuth certificate listing API endpoints.

For example:

$ curl 'https://www.googleapis.com/oauth2/v1/certs'
...
<p><b>403.</b> <ins>That’s an error.</ins>
  <p>Your client does not have permission to get URL <code>/oauth2/v3/certs</code> from this server.  <ins>That’s all we know.</ins>
...

This request works fine on every other server that I've tried it on, and it worked for years. I'm not sure why this so suddenly started happening.

The server has its own IP, though it is hosted on a small, no-name VPS provider. My initial thought was rate limiting, but I've added logs and don't see many requests being made. The only other thing I can think of is IP address reputation problems, by being close in address to an abuser? Not sure how/if that is solvable.

Any ideas on how to fix/debug this? Any help would be greatly appreciated!

This is what i have in my httpd.conf

<VirtualHost *:80>
        ServerAdmin [email protected]
        ServerName mcmoddr.com
        ServerAlias www.mcmoddr.com
        DocumentRoot /home/mcmoddr/www/
        ErrorLog /mcmoddr/logs/error.log
        CustomLog /mcmoddr/logs/accesslog combined
</VirtualHost>

When visiting thwe site i get a 403 Forbidden error, The files are added with vsftpd and have the permissions drwxr-xr-x

I'm running a server:

Apache/2.2.8 (Ubuntu) mod_ssl/2.2.8 OpenSSL/0.9.8g

Without a .htaccess file, everyone can access the web content. However, I add a .htaccess file with the following content:

Allow from all

... and everyone gets 403 Forbidden errors on every page! The permissions on .htaccess are 640. Shouldn't Allow from all be the same as having no .htaccess file? What have I done wrong?

edit: same behaviour with the following .htaccess file:

Order Allow,Deny
Allow from all

Again, with no .htaccess file everything loads without a problem.

I am creating an iOS application which allows users to send image/text data to my webserver via a POST request. I am successfully sending POSTs to the server when image data is not included in the request. Any time I POST with image data the server spits back a 403 forbidden. I have tried adding the following to the .htaccess file in the directory of the script with no luck:

Options +Indexes FollowSymLinks +ExecCGI
Order allow,deny
Allow from all

Web browsers and Android devices can successfully POST with image data to the script, the only device which cannot is the iPhone.

POSTing with data to other hosting providers works as expected - it is just this host (ipowerweb.com).

I noticed that when I try to POST with data to any script on the server it returns a 403 forbidden. Another note: I can successfully post to another server that is hosted by ipowerweb, but mine can't seem to handle it.

My host has tried to resolve the issue but cannot, and they have marked it on their end as "resolved", so no more help from them. I wish to keep this host as moving would be a pain - I will change hosts as a last resort, so please help me!

Why am I getting this 403 forbidden error only when I submit data via my iPhone application?

How can I resolve the issue so I can successfully POST data?

Any advice on what I can do would be greatly appreciated.

edit: as request, here are the response headers:

{
    Connection = close;
    "Content-Length" = 217;
    "Content-Type" = "text/html; charset=iso-8859-1";
    Date = "Wed, 12 Jan 2011 19:11:19 GMT";
    Server = "Apache/2";
}

edit: as request here are the request headers(oops):

{
    "Accept-Encoding" = gzip;
    "Content-Length" = 5781;
    "Content-Type" = "multipart/form-data; charset=utf-8; boundary=0xKhTmLbOuNdArY";
    "User-Agent" = "YeahIAteThat 1.0 (iPhone; iPhone OS 4.2.1; en_US)";
}

On my Mac OS 10.5 machine, I would like to set up a subfolder of ~/Documents like ~/Documents/foo/html to be http://localhost/foo.

The first thing I thought of doing is using Alias as follows:

Alias /foo /Users/someone/Documents/foo/html

<Directory "/Users/someone/Documents/foo/html">
    Options Indexes FollowSymLinks MultiViews

    Order allow,deny
    Allow from all
</Directory>

This got me 403 Forbidden. In the error_log I got:

[error] [client ::1] (13)Permission denied: access to /foo denied

The subfolder in question has chmod 755 access. I've tried specifying likes like http://localhost/foo/test.php, but that didn't work either. Next, I tried the symlink route.

Went into /Library/WebServer/Documents and made a symlink to ~/Documents/foo/html. The document root has

Options Indexes FollowSymLinks MultiViews

This still got me 403 Forbidden:

Symbolic link not allowed or link target not accessible: /Library/WebServer/Documents/foo

What else do I need to set this up?

Solution:

$ chmod 755 ~/Documents

In general, the folder to be shared and all of its ancestor folder needs to be viewable by the www service user.