Installation went great, but when I click on the domain.com/delavo link to log in I get a 403
Also happens when address entered directly.... I know I'm missing something, any ideas?

Forbidden

You don't have permission to access /delavo/auth/login.html on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

From what I can understand, since installation went smooth it would be
a problem with hosting/permissions/scripts running on your hosting server.

I would either have your host look into the problem, or contact support
(http://help.use-sell.com/) and pass all your information to them concerning
your Delavo installation, as well as FTP login details so they can login and
see if anything is the matter.

If installation went ok, then there might be a problem with .htaccess or
something else.

- Robert

Error was caused by PhpSuExec. Host resolved.

how did you correct this? this is same problem i have. 403 forbidden on hostgator

thanks for help...its all good now. hostgator had to adjust mod security issues. and, woohoo this is soo much easier to use than fantasos..:)

how did you correct this? this is same problem i have. 403 forbidden on hostgator


???

i had to contact my hosting provider (hostgator), it was a mod security issue they had to fix.

Hi,

I use Hostgator and had the same issue but they fixed it almost instantly after I submitted a ticket (literally within 5 minutes) so they seem to be aware of the problem - great support!

Regards
Dave Ovenden

After getting the blank login screen issue sorted out I also ran into this problem and submitted a ticket to HostGator support. They were able to fix it within minutes and responded with "This issue has now been corrected. You were flagging a rule within mod_security which is now whitelisted."

One reason I love HostGator (aside from the "unmetered everything" for $10/month.. lol), most of the time their support is excellent.

quick tip...this is how i did it with hostgator...all you need to do is talk with live chat to fix problem instead of goin through email..much more faster. its fixed while your chatting.

I also face this problem, and I try the live chat.
It seems that there are some setting need to be fixed using support ticket.
I am now waiting for answers.

Thanks for the thread. Same issue. Took the advice, Got HG Help Live and resolved in minutes! joe :)

When I did my install I got the 403 also, I had to chmod to 755 not only the folder I was installing in but also delavo-jin.par.

There may be some other to chmod to do also.

Had the same problem, Hostgator fixed it up within minutes after submitting a support ticket. Outstanding customer service. Always has been with HG.

However, and I thought this was important to bring up as I have no clue what the heck this "attack" they speak of is, they sent an additional note telling me to be sure that any and all scripts I have running on my site containing Delavo was protected against a "Remote File Injection" attack.

What the heck is that????!

Never heard of this before in my life. Should I be concerned about this? And if so, how do I be sure and protect my scripts from being attacked by it?


Tracy

A "remote file injection" is an attack that was being used against a lot of forums, blogs and pictures galleries recently. Basically some scripts that allow you to upload files to a web host have a security flaw that allows you to upload a file containing PHP (or other server-executable) code and actually cause that code to be executed on the server.

If you've seen the recent threads in certain forums (it's been happening a lot for at least the past few months) where people were complaining that their sites were hacked and some code was added to all of the .php files on their site, that happened because of a remote file injection attack. I don't know if it's still there, but about a week ago there was a long thread discussing this attack on the simplemachines.org forum. Turns out the SMF forum software, up to and including versions 1.1.8 and 2.0 RC 1, was vulnerable to this attack and forums running that software were being hacked on a daily basis. SMF 1.1.9 (the version this forum is running) and 2.0 RC 1-1 have been fixed so this particular attack is no longer possible.

DELAVO is written in perl, I'm a PHP programmer myself and don't know the first thing about perl so I couldn't tell you if DELAVO is vulnerable to this kind of attack or not. It could be that the HostGator is being overly paranoid about any script that allows anyone (even if it's only the admin) to upload files to the server and set their mod_security rules a little too strict. I think it's funny that the versions of SMF that have fixed this vulnerability are (according to HostGator support) flagging a "record number" of mod_security rules on their servers.. lol.. but it wouldn't be the first time a host overreacted to such a major security hole and personally if it means my site is more secure I'd rather have them lock that door as tight as possible and only unlock it on request.

Hello. I talked to HostGator and they said it was fixed. Then I got a 500 error, and they looked at my .htaccess and said the problem was in there and said that I had "a lot of stuff in there"

What do I do now?

Thanks.

John.

Hello. I talked to HostGator and they said it was fixed. Then I got a 500 error, and they looked at my .htaccess and said the problem was in there and said that I had "a lot of stuff in there"

What do I do now?

Thanks.

John.


Hi John,

Personally, I start looking for another host who can help (although to be fair to Hostgator they are usually helpful).

I notice there is at least one .htaccess expert here - perhaps you can ask him to look?

Brian

John, check your file permissions, someone else had the same problem. Make sure your jin.cgi is set to 755 or you'll get a 500 error.

I don't know why it's happening for some people and not others (my permissions were fine "out of the box"), but for some reason a few people have had problems with jin.cgi being set to 644 instead of 755. Also check your .htaccess and make sure HostGator support didn't comment out this line (make sure there isn't a # in front of it):
RewriteRule ^$ main.html [NE,L]

It should be line 25 of your .htaccess file in your delavo install directory, if there's a # at the beginning of the line make sure you remove the # or the script won't work.

Much thanks for this thread. If you host with hostgater you do need to contact them to modify a security issue. You will need to include the exact link that brings up the error.

Once I got this sorted everything worked fine. It's well worth persevering.

Phill

Hostgator live support are fixing the issue for me as I type this.

They looked at the error logs to determine the mod_sec rule being hit. I've always found them very helpful.

Amin

Hostgator live chat ( upper right corner on there website ) fixed the problem during live chat within 2 minutes after giving them the URL ( yourdomain.com/delavo or whatever ) that causes the error.
For my opinion that is a super service and no need to look for another host ;)