403 showing wherever an iframe is located

[mkaaaay]

We're seeing some 403 errors, and all are where a html page within an iframe is being loaded.

Permissions and ownership are consistent with the rest of the site.

 

[mkaaaay]

error log shows:

[ACL] Access to context [/path/to/folder/] is denied!

In that folder, we serve html files via ajax and have an htaccess file there with the following contents:

RewriteEngine off
<Files "*">
Satisfy Any
</Files>


IN the parent folder, there is an .htaccess file with
Deny from all
in it.... which we need.

 

[mkaaaay]

so, it seems it has to do with that htacess. This works fine under apache however.

To fix it, i just moved the subfolder to a new location, but this is hardly ideal

What's the real fix here please?

 

[NiteWave]

RewriteEngine off

how about change "off" to "on" ?

 

[mkaaaay]

still gives a 403.

it's as though the subfolder htaccess wont override the parent.

 

[NiteWave]

how about remove "<Files "*"></Files>", just leave "Satisfy Any" or change it to "allow from all" ?

 

[mkaaaay]

removing <files>... has no impact. Changing it to "Allow from all" creates a 404 instead.

 

[mkaaaay]

... and the winner is:

RewriteEngine off
Allow from all

Thanks for walking me through it