403 Error When Installing Version 5

Your software
My Mautic version is: 5.04
My PHP version is: 7.4
My Database type and version is: No clue. Does this help?

  • Server: DA PMA Signon ( via TCP/IP)
  • Server type: MySQL
  • Server connection: SSL is not being used Documentation
  • Server version: 8.0.36-cll-lve - MySQL Community Server - GPL
  • Protocol version: 10
  • User: da_sso_QVux194Sr@localhost
  • Server charset: UTF-8 Unicode (utf8mb3)

Web server

  • LiteSpeed
  • Database client version: libmysql - mysqlnd 7.4.33
  • PHP extension: mysqli Documentation curl Documentation mbstring Documentation sodium Documentation
  • PHP version: 7.4.33

Your problem
My problem is: I installed Mautic in a subdomain. I’ve tried both Softaculous and uploading it and installing it manually. I still get a 403 error when I go to the log in page.

I talked to my web host. They said it has something to do with the .htaccess. That it is causing the problem. I’ve tried every solution I’ve found on this board, and none of them work.

I’m not sure what else to do. Is there an .htaccess file that works? I read on Github the .htaccess is a problem and it needs to be rewritten.

Thank you for your help. I used Mautic before. I don’t remember why I stopped using it. I never had this trouble with the older versions.

These errors are showing in the log:

Steps I have tried to fix the problem:

I tried installing this on its own domain, and I still have the same issue: 403 error.

My webhost was able to provide a solution, so I am posting this in the hopes it helps someone else. I changed the domain I used to mydomain.com in the response for privacy. I had two installs. I will be using the one I installed in a subdomain. This fixed the issue for both.

mydomain.com the issuer is .htaccess

If I remove it and load the site

The “app/bundles/CoreBundle/Resources/views/Offline” directory does not exist (“/usr/local/bin/app/bundles/CoreBundle/Resources/views/Offline”).

and in logs

2024-04-25 16:42:59.137500 [NOTICE] [1997292] [T0] [] [STDERR] Symfony\Component\ErrorHandler\Error\FatalError: Error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 1642496 bytes) - in file /home/xxxxxxxxx/domains/mydomain.com/public_html/vendor/symfony/dependency-injection/ContainerBuilder.php - at line 1607\n

It was

# Deny access via HTTP requests to all PHP files.

   Require all denied

I also raised php limit for memory.

Here is the .htaccess file I am using.

# Use the front controller as index file. It serves as a fallback solution when
# every other rewrite/redirect fails (e.g. in an aliased environment without
# mod_rewrite). Additionally, this reduces the matching process for the
# start page (path "/") because otherwise Apache will apply the rewriting rules
# to each configured DirectoryIndex file (e.g. index.php, index.html, index.pl).
#DirectoryIndex index.php

<IfModule mod_rewrite.c>
    RewriteEngine On

    # Set Authorization header for OAuth2 for when php is running under fcgi
    RewriteCond %{HTTP:Authorization} .+
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Determine the RewriteBase automatically and set it as environment variable.
    # If you are using Apache aliases to do mass virtual hosting or installed the
    # project in a subdirectory, the base path will be prepended to allow proper
    # resolution of the app.php file and to redirect to the correct URI. It will
    # work in environments without path prefix as well, providing a safe, one-size
    # fits all solution. But as you do not need it in this case, you can comment
    # the following 2 lines to eliminate the overhead.
    RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
    RewriteRule ^(.*) - [E=BASE:%1]

    # Redirect to URI without front controller to prevent duplicate content
    # (with and without `/app.php`). Only do this redirect on the initial
    # rewrite by Apache and not on subsequent cycles. Otherwise we would get an
    # endless redirect loop (request -> rewrite to front controller ->
    # redirect -> request -> ...).
    # So in case you get a "too many redirects" error or you always get redirected
    # to the start page because your Apache does not expose the REDIRECT_STATUS
    # environment variable, you have 2 choices:
    # - disable this feature by commenting the following 2 lines or
    # - use Apache >= 2.3.9 and replace all L flags by END flags and remove the
    #   following RewriteCond (best solution)
    RewriteCond %{ENV:REDIRECT_STATUS} ^$
    RewriteRule ^index\.php(/(.*)|$) %{ENV:BASE}/$2 [R=301,L]

    # If the requested filename exists, simply serve it.
    # We only want to let Apache serve files and not directories.
    RewriteCond %{REQUEST_FILENAME} -f
    RewriteRule .? - [L]

    # Rewrite all other queries to the front controller.
    RewriteRule .? %{ENV:BASE}/index.php [L]

<IfModule !mod_rewrite.c>
    <IfModule mod_alias.c>
        # When mod_rewrite is not available, we instruct a temporary redirect of
        # the start page to the front controller explicitly so that the website
        # and the generated links can still be used.
        RedirectMatch 302 ^(?!/(index\.php|app|addons|plugins|media|upgrade))(/(.*))$ /index.php$2
        # RedirectTemp cannot be used instead

<IfModule mod_php5.c>
    # @link https://github.com/mautic/mautic/issues/1504
    php_value always_populate_raw_post_data -1

<IfModule mod_deflate.c>
    <IfModule mod_filter.c>
        AddOutputFilterByType DEFLATE application/javascript
        AddOutputFilterByType DEFLATE application/rss+xml
        AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
        AddOutputFilterByType DEFLATE application/x-font
        AddOutputFilterByType DEFLATE application/x-font-opentype
        AddOutputFilterByType DEFLATE application/x-font-otf
        AddOutputFilterByType DEFLATE application/x-font-truetype
        AddOutputFilterByType DEFLATE application/x-font-ttf
        AddOutputFilterByType DEFLATE application/x-javascript
        AddOutputFilterByType DEFLATE font/opentype
        AddOutputFilterByType DEFLATE font/otf
        AddOutputFilterByType DEFLATE font/ttf
        AddOutputFilterByType DEFLATE image/svg+xml
        AddOutputFilterByType DEFLATE image/x-icon
        AddOutputFilterByType DEFLATE text/css
        AddOutputFilterByType DEFLATE text/javascript
        # Do not enable compression for file types that could contain secrets
        #AddOutputFilterByType DEFLATE text/html
        #AddOutputFilterByType DEFLATE text/plain
        #AddOutputFilterByType DEFLATE text/xml
        #AddOutputFilterByType DEFLATE application/xhtml+xml
        #AddOutputFilterByType DEFLATE application/xml
        #AddOutputFilterByType DEFLATE application/json
        <IfModule mod_setenvif.c>
            <IfModule mod_header.c>
                # Remove browser bugs (only needed for really old browsers)
                BrowserMatch ^Mozilla/4 gzip-only-text/html
                BrowserMatch ^Mozilla/4\.0[678] no-gzip
                BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
                Header append Vary User-Agent

# Apache 2.4+

    # Except those allowed below.
    <If "%{REQUEST_URI} =~ m#^/(index|upgrade/upgrade)\.php#">
        Require all granted

# Fallback for Apache < 2.4
<IfModule !authz_core_module>
    # Deny access via HTTP requests to all PHP files.
    <FilesMatch "\.php$">
        Order deny,allow
        Deny from all

    # Deny access via HTTP requests to composer files
    <FilesMatch "^(composer\.json|composer\.lock)$">
        Order deny,allow
        Deny from all

    # Except those allowed below.
    <If "%{REQUEST_URI} =~ m#^/(index|upgrade/upgrade)\.php#">
        Order allow,deny
        Allow from all

This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.