Images not showing (403 forbidden when trying to access them directly)

[Redgie]

Hi there, second time poster here.

I've had a search around and couldn't find anything directly related to my problem, though I'm 100% sure there must be somewhere.

Basically, the images on my forum are not loading, and when you try to access them direct, you get a 403 forbidden error.

I'm suspecting that this is caused by the files in the installation being configured to not allow access from guests or something, but they are as far as I know all set to 777 or 755 in the properties.

I don't know if posting links is allowed or not, if it isn't, please alert me and I will remove them immediately.

www.redgies-rp.co.uk/forum <-- Forum
www.redgies-rp.co.uk/forum/themes/images/smflogo.gif <-- Example of 403 forbidden

I have emailed my host, but they are taking an age to respond, probably because it's sunday.

I am using SMF 2.0 Beta 4. Freshly insalled on the host.

[Deprecated]

Log in to your cPanel file manager, or use your FTP program, and verify that there is no .htaccess file in your images directory. That's a dot followed by 'htaccess' for the file name. If there is any such file, rename it to something else and see if that fixes your problem. Please also check in your root directory for same.

[Redgie]

Thankyou, that has fixed the issue. I had thought to try that before, but I remembered a message during the SMF installation about mod_security, and the only way to disable it was to use .htaccess. What exactly are the risks of not having .htaccess now that it is already installed?

[Deprecated]

SMF has absolutely no requirement for any .htaccess file and is designed to be secure on its own without it. In fact most SMF installations do not use this file at all. And remember, you just discovered how well SMF works with it, right?

Apache configuration directive files (.htaccess) are used for a wide variety of functions which are not security related at all. For example my Apache Error Handler modification package uses this file to catch errors such as attempting to access files that are not there, by displaying an error page for the user and also logging these events so that the administrator can investigate why there are missing pages. Another use is the prevention of hot linking images.

If you like, please either quote your .htaccess file between [code] and [/code] tags or attach it to your next post and I can tell you what your file was attempting to do. Also please describe which directory you found it in.

[Redgie]

No worries, I just checked through the file and found that all it was really doing was blocking IP's that no longer need to be blocked.

Thanks alot for the help

[Deprecated]

Just use IP bans from within SMF to accomplish the same thing. The only additional you can get with your .htaccess file is to prevent your site from being viewed at all, but with SMF IP bans you can enjoy seeing your banned person trying to get in, and you also have the opportunity to send them a personalized message. When I get out my ban hammer I use the occasion to be very creative in which messages I send to which banned persons. Unfortunately my best ban messages are not suitable to be posted here at SMF.

You're welcome! Have fun with your SMF! Seeya in another topic.