Web Context Urls

Hi

Im new to Lucee and troubleshooting an issue. I have been researching everywhere for this issue but not able find anything helpful.

Im in the admin on the overview page and in the section below, Web Context. I only have 2 environments, QA and Prod, no Dev, that has URLs in the web context. I need to get the datasources the websites are using. I click the URLs and get a Forbidden, you dont have permission to access /lucee/admin/web.cfm. i get this for all sites in both QA and Prod environments. there is no issue with the actual sites the customer is seeing. its just in the admin.

If I click at the very top right tab Web, which goes to the EX: 127.0.0.1:8888/lucee/admin/web.cfm. and that works fine. the issue lies under the web context section. Im on a linux server. we have restarted the server and previous owner doesnt know how long this has been going on. i have check my permissions and they look ok

Any help appreciated.

Thank you

OS: Linux
Java Version: 1.8.0_121
Tomcat Version: 8.5.11
Lucee Version: 5.2.9.31

Hi and welcome,

Lets go step by step… first you need to find out what is causing the forbidden page. There are various possibilites, but we also need to be sure we understand what you are experiencing.

First: Make sure you are trying to access the admin of the web contexts directly through port 8888. If you are still getting a 403 forbidden response through port 8888, check if you have some type of URLrewrite installed within Tomcat: You might have Tuckey installed or Tomcats URLrewrite valve and a rule that blocks the web admin. You need to get rid of that rule.

1 Like

What distro and kernel version of “linux”
if not sure, run uname -a

SElinux on or off, if not sure
sestatus

I would look at your httpd.conf or your WAF rules. I typically lock down the /lucee/ directory.
if you are not sure, then post in a url to your httpd.conf in pastebin here.

most likely the webserver has been correctly locked down as per Lucee Lockdown Guide :: Lucee Documentation

1 Like

HI
thanks for getting back to me. Im a newbie to all this, even the servers, im a straight developer.

Andreas - how do i find out if i have access the admin of the web contexts directly through port 8888?
Zackster - reading document.
Terry - ran uanme i get: Linux servername.nel.savvis.net and a bunch of numbers
SEliniux - enabled
I will update with my findigs

Access the admin with the port 8888 in the url, like this locally from the servers browser:
http://your-domain.tld:8888/lucee/admin/web.cfm

Are you able to connect?

Yes I am able to either by going to the URL or going to the web tab at the top right

Can’t you login to that?

i can log into that. but it doesnt show my datasources for the websites that it created for each individual one. nothing is wrong with this, which is odd. its the url links underin the web context i click to go to their own web admin page and i get the forbidden page. all error paths are the same: /lucee/admin/web.cfm
but if i go to 127.0.0.1:8888/lucee/admin/web.cfm i get no error

Wait, I really can’t follow…This is confusing. Maybe I might need some coffee… But… You are saying you can log into your web contexts administration of each domain by going to http://your-domains:8888/lucee/admin/web.cfm from the servers browser, right? And you can’t see any datasource in that web administrator in the datasource section? If you can’t see any datasource registered there, how and where exactly are you getting the 403 forbidden page then? Maybe you should look into your application.cfc. The datasource might be set there instead.

Hopefully I can explain this more clearly
Once I log in, I can go to the top right of the admin screen where it says in 2 tabs server and web. if i click the web tab, i go to http://127.0.0.1:8888/lucee/admin/web.cfm and this works fine. i can see everything with no issue.

When Im on the server tab in the overview, if i scroll down to the web contexts section, click the url that is created in that section, which should take me to the web tab for that site, i get the 403. “Forbidden, You don’t have permission to access /lucee/admin/web.cfm on this server.”

the URL for the site that the web contexts is using is https://myURL.com/lucee/admin/web.cfm. any and all urls under this section dont work.

That URL will use IIS by accessing port 443, and that URL is probably locked down in the IIS configuration, following good security practices. When following good security practices it should do exactly that: send a 403 forbidden. But, you should still be able to access the very same URL by accessing Tomcat directly (bypassing IIS) through port 8888 by adding the port and changing the protocol (from https to http) of that URL like this: http://myURL.com:8888/lucee/admin/web.cfm . Make sure to access that URL locally from a browser on that server.

I am not sure where the URL in the server context is read / created from.
But on “mine” Lucee 5.3.10.79-RC
The URL for the Web Admin is “correct” in the “Server” overview page.

Could you re-test on a later version of Lucee and see if you still have the same problem?
Also,
How did you install Lucee?
Did you upgrade in place from a previous version?
Did you manually install tomcat? or use the Lucee installer for everything?
Have you done any XML editing of the Lucee / Tomcat configs?

1 Like

i am on apache and linux. i cant get to a window on the server. i have tried putty commands and not succeeding.

these are the only apache linux servers i manage. these servers were setup and the person has left. im learning from scratch.

How have you been able.to browse to the lucee server admin then? Tunneling? You should try connecting to the web admins just the same way as you did to your server admin.