Site administrator denied access to website setting function

Parestico_Pastory · November 17, 2023, 6:41am

I installed/update some plugins recently don’t remembering all but some were these: Manuscript (Default child theme), browse by section, Doi summary, Custom Locale Plugin, Manuscript (Default child theme);OpenID Authentication Plugin

When I open setting (website) I am denied access. The message I get is “Forbidden You don’t have access to this resource”

We uninstalled OpenID Authentication Plugin through the server but the problem is still there. We wanted to remove other plugin but are not seen from the server and we can’t access them from the website setting.

We are using OJS 3.3.0.2

Kindly help

jnoronha · November 18, 2023, 2:49pm

@Parestico_Pastory,

Hi Parestico,

If you have access to the server, try cleaning-up the cache with the following command withing the cache folder:

It’s always a good idea to take a backup before removing files manually.

cd cache
rm -rf *.php *.css *.gz *.js HTML/* URI/* _db/* t_cache/* t_compile/* t_config/*

Best regards,
Josh

asmecher · November 18, 2023, 6:39pm

Hi all,

Warning ! The command above needs to be executed in the cache directory. And as always, just in case, it’s a good idea to take a backup before removing files manually.

Regards,
Alec Smecher
Public Knowledge Project Team

jnoronha · November 19, 2023, 1:04am

Hi Alec,

Good point, I’ve updated my answer to emphasize this.

Best,
Josh

Parestico_Pastory · November 20, 2023, 3:56pm

Thank you all for your suggestions. Our IT has applied suggestions but did not solve the problem. Kindly help!

"1. I did as instructed;

cd cache
rm -rf .php .css .gz .js HTML/ URI/ _db/ t_cache/ t_compile/* t_config/*
systemctl restart apache2

Still the problem persists"

Parestico_Pastory · November 22, 2023, 12:57pm

Hello @jnoronha @asmecher and members, are there any other options I can try to resolve the problem? Kindly advice.
With thanks

asmecher · November 22, 2023, 8:09pm

Hi @Parestico_Pastory,

I’d suggest checking a couple of things:

Does your user account have a Journal Manager role? If not (and if you are able to access .../management/settings/access), grant yourself one.
OJS 3.3.0-2 is pretty old and you may be running into an old bug; I would recommend upgrading to the most recent 3.3.0-x release.
It’s possible that the Forbidden message is not from OJS at all, but another server-side security tool like mod_security. Check your server’s error/security logs to see whether they show that a security rule has been violated when accessing the settings area.

Regards,
Alec Smecher
Public Knowledge Project Team

Parestico_Pastory · November 24, 2023, 8:02am

Hello @scarceacne78
Thank you very much for the advice. Disabled mod_security and problem was fixed. Our IT specialist is investigating the source of the problem so that to enable mod_security.

Many thanks

Parestico_Pastory · November 24, 2023, 8:09am

Solution: mod_security