Access to a file is blocked
The information in this post is accurate as of the published date . Please make sure to check any linked documentation within the post for changes/updates.
I’m trying to install a WordPress plugin, but it’s giving me this error:
Execution of the PHP file from the “/app/webpc-passthru.php” path is blocked on your server, or access to this file is blocked.
Can you tell me what might be blocking access to this file?
web:
locations:
"/":
# The public directory of the app, relative to its root.
root: "web"
# The front-controller script to send non-static requests to.
passthru: "/index.php"
# Wordpress has multiple roots (wp-admin) so the following is required
index:
- "index.php"
# The number of seconds whitelisted (static) content should be cached.
expires: 600
scripts: true
allow: true
rules:
^/composer\.json:
allow: false
^/license\.txt$:
allow: false
^/readme\.html$:
allow: false
^\/app\/uploads\/(?<path>.+)\.webp$: # What do we do when a .webp file is requested?
allow: false # DO NOT look for it in the /app/uploads directory
passthru: '/app/uploads-webpc/uploads/$path.webp' # Instead, Look for the file in /app/uploads-webpc
"/app/uploads-webpc": # What do we do when a URL requested to /app/uploads-webpc is made?
allow: true # Allow any file in this directory to be viewed
scripts: false # Do not allow scripts to run
rules:
^\/app\/uploads\/(?<path>.+)\.webp$: # What do we do when a .webp file is requested?
allow: true # Try to loaded it if it exists
passthru: '/app/uploads/$path' # If it is not found, check for the original version in /app/uploads
"/wp/wp-content/cache":
root: "web/app/cache"
scripts: false
allow: false
"/wp/wp-content/uploads":
root: "web/app/uploads"
scripts: false
allow: false
rules:
# Allow access to common static files.
? '(?<!\-lock)\.(?i:jpe?g|gif|png|avif|webp|svg|bmp|ico|css|js(?:on)?|eot|ttf|woff|woff2|pdf|docx?|xlsx?|pp[st]x?|psd|odt|key|mp[2-5g]|m4[av]|og[gv]|wav|mov|wm[av]|avi|3g[p2])$'
: allow: true
expires: 1w
-
i’m going to make some assumptions based on what you’ve included. If any of those assumptions are incorrect, please let me know.
It looks like you have your web root set to
/app/web/
and webpc-passthru.php is stored in the directory above (ie/app/webpc-passthru.php
). The file should be includable but unless you have a location defined for it, it wont be accessible from the web.I’ve not used this plugin before but I’m surprised it would want to place one of its files above the webroot. :puzzled: Is the
/app/webpc-passthru.php
it’s referencing the physical path or the URI?0 -
I believe it’s trying to reach the file at
https://mywebsite.com/app/webpc-passthru.php
Thanks for your help!
0 -
Here is the screenshot of the error returned by the plugin. I'd love it if you could help me resolve this.
0 -
based on this:
"/wp/wp-content/uploads": root: "web/app/uploads"
from your file above, your web root is
web
. and you're exposing the *server* directory./web/app/uploads
to the world as/wp/wp-content/uploads
.Since you also have
"/wp/wp-content/cache": root: “web/app/cache”
as a location, you could instead combine those into:
"/wp/wp-content": root: "web/app"
if the file
webpc-passthru.php
is physically (ie the server path) located at./web/app/webpc-passthru.php
then it will be exposed to the world ashttps://site-domain/wp/wp-content/webpc-passthru.php
0
Please sign in to leave a comment.
Comments
4 comments