Im new to Lucee and troubleshooting an issue. I have been researching everywhere for this issue but not able find anything helpful.
Im in the admin on the overview page and in the section below, Web Context. I only have 2 environments, QA and Prod, no Dev, that has URLs in the web context. I need to get the datasources the websites are using. I click the URLs and get a Forbidden, you dont have permission to access /lucee/admin/web.cfm. i get this for all sites in both QA and Prod environments. there is no issue with the actual sites the customer is seeing. its just in the admin.
If I click at the very top right tab Web, which goes to the EX: 127.0.0.1:8888/lucee/admin/web.cfm. and that works fine. the issue lies under the web context section. Im on a linux server. we have restarted the server and previous owner doesnt know how long this has been going on. i have check my permissions and they look ok
Lets go step by step… first you need to find out what is causing the forbidden page. There are various possibilites, but we also need to be sure we understand what you are experiencing.
First: Make sure you are trying to access the admin of the web contexts directly through port 8888. If you are still getting a 403 forbidden response through port 8888, check if you have some type of URLrewrite installed within Tomcat: You might have Tuckey installed or Tomcats URLrewrite valve and a rule that blocks the web admin. You need to get rid of that rule.
What distro and kernel version of “linux”
if not sure, run uname -a
SElinux on or off, if not sure
sestatus
I would look at your httpd.conf or your WAF rules. I typically lock down the /lucee/ directory.
if you are not sure, then post in a url to your httpd.conf in pastebin here.
HI
thanks for getting back to me. Im a newbie to all this, even the servers, im a straight developer.
Andreas - how do i find out if i have access the admin of the web contexts directly through port 8888?
Zackster - reading document.
Terry - ran uanme i get: Linux servername.nel.savvis.net and a bunch of numbers
SEliniux - enabled
I will update with my findigs
i can log into that. but it doesnt show my datasources for the websites that it created for each individual one. nothing is wrong with this, which is odd. its the url links underin the web context i click to go to their own web admin page and i get the forbidden page. all error paths are the same: /lucee/admin/web.cfm
but if i go to 127.0.0.1:8888/lucee/admin/web.cfm i get no error
Wait, I really can’t follow…This is confusing. Maybe I might need some coffee… But… You are saying you can log into your web contexts administration of each domain by going to http://your-domains:8888/lucee/admin/web.cfm from the servers browser, right? And you can’t see any datasource in that web administrator in the datasource section? If you can’t see any datasource registered there, how and where exactly are you getting the 403 forbidden page then? Maybe you should look into your application.cfc. The datasource might be set there instead.
Hopefully I can explain this more clearly
Once I log in, I can go to the top right of the admin screen where it says in 2 tabs server and web. if i click the web tab, i go to http://127.0.0.1:8888/lucee/admin/web.cfm and this works fine. i can see everything with no issue.
When Im on the server tab in the overview, if i scroll down to the web contexts section, click the url that is created in that section, which should take me to the web tab for that site, i get the 403. “Forbidden, You don’t have permission to access /lucee/admin/web.cfm on this server.”
That URL will use IIS by accessing port 443, and that URL is probably locked down in the IIS configuration, following good security practices. When following good security practices it should do exactly that: send a 403 forbidden. But, you should still be able to access the very same URL by accessing Tomcat directly (bypassing IIS) through port 8888 by adding the port and changing the protocol (from https to http) of that URL like this: http://myURL.com:8888/lucee/admin/web.cfm . Make sure to access that URL locally from a browser on that server.
I am not sure where the URL in the server context is read / created from.
But on “mine” Lucee 5.3.10.79-RC
The URL for the Web Admin is “correct” in the “Server” overview page.
Could you re-test on a later version of Lucee and see if you still have the same problem?
Also,
How did you install Lucee?
Did you upgrade in place from a previous version?
Did you manually install tomcat? or use the Lucee installer for everything?
Have you done any XML editing of the Lucee / Tomcat configs?
How have you been able.to browse to the lucee server admin then? Tunneling? You should try connecting to the web admins just the same way as you did to your server admin.
Thank you Andreas for everything. I have FINALLY got admin access to the linux server. I have been changing some folder access and reading up on mod_cfml. and making sure all httpd files are correct and still nothing.
The web server is what Im trying to get to, thru the URLs links that are created under web contexts. i have added :8888 to the urls, i have not changed anything in any config files. and i have updated my admin and still nothing. I have looked in the logs and nothing is being recorded of this error.
Im not familiar with tunneling.