Cannot Login to File Manager

Hello,

I have issue with file manager. I can't use file manager with error logs

Access to context [/.filemanager/] is denied!

How can i resolve this issue ? Thank you :smile:

Comments

  • edited April 9
    Hello,

    I have read that link after i install CyberPanel. But, i don't change anything on them.

    This is my VHost Conf
    ============================
    context /.filemanager {
    type NULL
    location /usr/local/lsws/Example/html/FileManager
    allowBrowse 1
    autoIndex 1

    accessControl {
    allow 127.0.0.1, localhost
    deny 0.0.0.0/0
    }
    addDefaultCharset off
    }

    rewrite {
    enable 1
    rewriteFile /home/domain.tld/public_html/.htaccess
    }
    ================================

    And, Example VHost still there, i don't delete it.


    My .htaccess is just like that :
    ==================================
    # BEGIN LSCACHE
    ## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##

    RewriteEngine on
    CacheLookup on
    RewriteRule .* - [E=Cache-Control:no-autoflush]
    RewriteRule ^min/\w+\.(css|js) - [E=cache-control:no-vary]

    ### marker CACHE RESOURCE start ###
    RewriteRule wp-content/.*/[^/]*(responsive|css|js|dynamic|loader|fonts)\.php - [E=cache-control:max-age=3600]
    ### marker CACHE RESOURCE end ###

    ### marker LOGIN COOKIE start ###
    RewriteRule .? - [E="Cache-Vary:wp-postpass_6ef2e037d832c0a14142060b0a252fed"]
    ### marker LOGIN COOKIE end ###

    ### marker FAVICON start ###
    RewriteRule favicon\.ico$ - [E=cache-control:max-age=86400]
    ### marker FAVICON end ###


    ## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
    # END LSCACHE
    # BEGIN NON_LSCACHE
    ## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
    ### marker MINIFY start ###

    RewriteEngine on
    RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} ^(.*)/min/(\w+)\.(css|js)$
    RewriteCond %1/wp-content/cache/$2/$1.$2 -f
    RewriteRule min/(\w+)\.(css|js) wp-content/cache/$2/$1.$2 [L]

    ### marker MINIFY end ###

    ## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
    # END NON_LSCACHE
    # This file was updated by Duplicator on 2018-04-03 04:15:05. See .htaccess.orig for the original .htaccess file.
    # Please note that other plugins and resources write to this file. If the time-stamp above is different
    # than the current time-stamp on the file system then another resource has updated this file.
    # Duplicator only writes to this file once during the install process while running the installer.php file.

    # BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.26]

    RewriteEngine on
    RewriteCond %{HTTPS} !=on [NC]
    RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

    # END rlrssslReallySimpleSSL
    # BEGIN WordPress

    RewriteEngine On
    RewriteBase /
    RewriteCond %{ORG_REQ_URI} !/.filemanager ( I am try to put this, but it is not working, remove it, but not working too)
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{ORG_REQ_URI} !/.filemanager
    RewriteRule . /index.php [L]


    # END WordPress
    RewriteCond %{HTTP_HOST} ^domain\.tld$ [OR]
    RewriteCond %{HTTP_HOST} ^www\.domain\.tld$
    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
    RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
    RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$

    =========================================
  • In your vhost conf:

    accessControl {
    allow 127.0.0.1, localhost, IP Address
    deny 0.0.0.0/0
    }
    addDefaultCharset off
    }

    Replace IP with your IP Address.

  • edited April 12

    Hello,

    Thanks for update. But, it is not working too

    accessControl { allow 127.0.0.1, localhost, 80.211.xxx.xxx deny 0.0.0.0/0 } addDefaultCharset off }

  • Is this your server IP 80.211.xxx.xxx ?

    It should be your computer IP.

  • edited April 12

    @usmannasir said:
    Is this your server IP 80.211.xxx.xxx ?

    It should be your computer IP.

    Nope, xxx means i cencored it in public forum :)

    I put my ip on vhost conf correctly

  • I mean this IP should be your computer's IP, not the VPS/Server IP.

  • edited April 12

    @usmannasir said:
    I mean this IP should be your computer's IP, not the VPS/Server IP.

    Oh, i tried to change it but it is still not working

    `context /.filemanager {
    type null
    location /usr/local/lsws/Example/html/FileManager
    allowBrowse 1
    autoIndex 1

    accessControl {
    allow 127.0.0.1, localhost, 203.78.117.246
    deny 0.0.0.0/0
    }`

    203.78.117.246 it is my computer IP

    I think it is not big problem, because i could use Net2FTP or FileZilla to upload my file. But, i am curious why it is not working with default configuration

  • How about if you remove this part completely:

    accessControl {
    allow 127.0.0.1, localhost, 203.78.117.246
    deny 0.0.0.0/0
    }
    
  • @usmannasir said:
    How about if you remove this part completely:

    > accessControl {
    > allow 127.0.0.1, localhost, 203.78.117.246
    > deny 0.0.0.0/0
    > }
    > 

    Ah, thank you very much Sir. It is working :)

    How can be ?

  • Oh, looks like the problem is here deny 0.0.0.0/0

    I am trying to remove it, and it is working well. I don't really know about that, but 0.0.0.0/0 means all right ? So, it is deny all address ?

  • Yes you should deny all and use allow for localhost, 127.0.0.1 and any other IP Addresses you need to whitelist.

  • Okay, i got it. So, with that configuration (removing deny 0.0.0.0/0) will it gilve some impact to security ?

  • @gabrielwaskito said:
    Okay, i got it. So, with that configuration (removing deny 0.0.0.0/0) will it gilve some impact to security ?

    Yes right.

  • @usmannasir said:

    @gabrielwaskito said:
    Okay, i got it. So, with that configuration (removing deny 0.0.0.0/0) will it gilve some impact to security ?

    Yes right.

    Okey. Thank you then :)

Sign In or Register to comment.
Support CyberPanel CyberPanel Discord

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!