Jump to content

403 error admin while visiting admin back office


Recommended Posts

If "all of a sudden", it means you should contact your hosting provider and ask them to look at the web server error logs to determine what resource the web server says access is being denied. Your hosted account's control panel may have a web server error log, or a way to turn it on for a day.


Link to comment
Share on other sites

So I got this error:

[02-Jul-2023 05:16:33 UTC] PHP Warning:  Stored session data did not match DB record. Session aborted as possible session hijack. Old IP Address: '' New IP Address: '' Old User Agent: 'Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) Chrome/103.0.5060.134 Safari/537.36' New User Agent: 'Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) Chrome/ Safari/537.36' in /home/at4gprieu0fh/public_html/loteriagringa.com/play/classes/session.class.php on line 719

Link to comment
Share on other sites

I haven't verified that the IP addresses belong to BingBot, but this Warning, generated by CubeCart, happens on occasion when an entity (Google, Bing, residential internet connection, sometimes cell phones, sometime Chrome - which seems to upgrade every hour) uses the same cookie but is using a different IP address or web browser/version. This will drop the session (like when logging out), but will not cause a 403 response.

The 403 response... Did the page shown appear to be a CubeCart page, or a very plain-looking 403 page?

The page should have been initiated by the web server.

However, CubeCart will log the response code, whatever it is, when CubeCart makes a "Request" to a third-party site. But it won't crash CubeCart.

There is a new feature in CubeCart, a "cron" capability, that if an external request is made to that capability, but with bad data, will simply quit (looks like a crash) having sent a 403 code in the HTML 'header'. But this doesn't happen trying to login to admin.

There is also a new feature whereby CubeCart uses ElasticSearch as a search engine that gets coupled to the MySQL database. I see evidence that the ElasticSearch server might send a 403 response back to CubeCart, but, I think, that won't cause CubeCart to crash.

Where was this error seen? In PHP's error log available in your hosted site's control panel?

Try to find the web server's error log. You might need to get your hosting provider's help.

Edited by bsmither
Link to comment
Share on other sites

I don't know, I have been online with tech and they say that it not a server issue, but it has to be:


Mon Jul 03 14:37:32.898873 2023] [access_compat:error] [pid 1068913:tid 47842727057152] [remote] AH01797: client denied by server configuration: /home/at4gprieu0fh/public_html/loteriagringa.com/play/admin_cxctg5.php

Are there any further testings i can do on my end? This is the one that was giving the error before until I added "?_g=phpinfo" after https://www.loteriagringa.com/play/admin_cxctg5.php

Link to comment
Share on other sites

From a search on the Internat, most hits coming from ServerFault.com, that AH01797 most definitely points to the web server having been upgraded to v2.4 from an earlier version, and not using a new configuration syntax for something.


Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...