Joomla 1.5 403 Forbidden Error Solution

Since Joomla 1.5 has been closed up, we have been having more and more issues with the sites on our servers that were developed with it. While some clients have agreed to redesign their sites [optionally by us, at an additional fee of course], some are still trying to hold on to their obsolete site. Those that have refused to upgrade, are giving us more problems, especially when the sites develop issues and we have to sort them out 'quickly'.

The latest issue was the '403 Forbidden' one below. A Joomla 1.5 site suddenly started showing the '403 Forbidden Error'. After almost two hours of searching and digging, the solution was so simple.


First Thing First

Do not skip the error logs in your server. Yes you may try to sort it out faster like I did, by playing the 'guess what it is' game, but trust me, the error log saves time. Digging into the logs showed this error:

Joomla 1.5 Permission denied:...public_html/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable 

Prior to that I was just searching the internet with the 403 forbidden error. The new error from the log led me to a simple explanation which I will share below:


This Wiki says: 

(13)Permission denied: /home/user/htdocs/test.html/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable

.....The above error message indicates that httpd is unable to check whether an .htaccess file exists. This is often caused by too-strict file-system permissions on the directory (as shown by the (13)Permission denied part of the message). Some possible solutions:

  1. Just ask httpd to stop looking for .htaccess files by setting AllowOverride None in httpd.conf for the relevant directories.
  2. Fix the file-system permissions on the directory path (often /home/user). chmod 755 is usually sufficient, and you can set stricter permissions if httpd is configured to run under the user or group that owns the directory.

In some cases, this error can also be caused by special file-systems that return unexpected errors on attempted directory access. For example, some file-systems allow files to be treated as directories in certain cases. If httpd believes that a file is actually a directory, it will try to look inside for an .htaccess file. If it gets a permission denied error in return, it will deny access. This type of situation is usually a faulty file-system behavior and cannot be fixed within Apache. In this case your only choice is to turn off .htaccess processing as in the first solution above.

 By following the advice above I noticed that the site's public_html permissions had been changed from the default 755 to 750. Changing it back to 755 sorted the issue out instantly. I'm still checking for any signs of hacking but for now, the site is up and running again, and the client is happy. Hope this helps someone else out there...