Well the same error exists in phpmyadmin. Yet the same blog that was setup in IIS 6 worked just fine.
I was hoping to identify what might have changed in IIS7.5. I have read there are certain things that were automatically setup or installed in IIS6 That are not in IIS7.5
I have posted to the wordpress and phpmyadmin and php forums and all suggested it was a permissions issue or something with the server setup.
Hello,
There is one setup feature to check for the IIS Feature Settings has a selection for IIS compatability components.
Go to the control panel and the "Program and Features" and the panel marked "Turn Windows Features on or off" the IIS section
expand the options and look for the IIS compatablity components if it not selected change the setting.
For the changes to take place it will a restart of server and may require a system restart
so you may what check if anyone is connected before making the changes.
Martin :)
.
.
Windows and Linux work Together IT-Pros
Community Member Award 2011
Thank you again for sharing a little of your time and expertise.
All the options that have "IIS" and "Compatibility" in the Server Managers Roles section under Role Services are installed. They all look related to IIS 6 compatibility. Is this what is needed to chat that it is installed installed/checked?
Thank you again for sharing a little of your time and expertise.
All the options that have "IIS" and "Compatibility" in the Server Managers Roles section under Role Services are installed. They all look related to IIS 6 compatibility. Is this what is needed to chat that it is installed installed/checked?
Hi,
Yes and does that help?
I did find an reference on a web search on PHP Pear problems for another thread.
The "Pinnacle Systems" video editor uses the PHP and Pear libraries to do video in their Video editor.
The refernce was that the "video" software installs and modifies the php.ini and pear.ini located in the windows folder.
The advise was to reinstall the Pear and use a local pear and php.ini to stop having conflicts.
This may not apply for current problem but but it maybe is good to remeber incase you or some one else is using the software.
I hope the compatabilty IIS components ehlp.
Martin :)
.
Windows and Linux work Together IT-Pros
Community Member Award 2011
Thank you again Martin, I appreciate all this info and will hold on to it because it seems that it might help with future trouble shooting.
With some more trouble shooting we have found that the words "select" and "sql" seem to be forbidden in the url. I assume to prevent hacks to the database. We read up on the request filtering module but these words weren't defaulted into those settings (at
least from iis). Might there be other places where default settings for the request filtering are located? Also any ideas as to what else might be causing the forbidden words in the url?
We found this out when it was discovered we could do the upgrade from the plugins page from a link under the plugin, but if we tried to upgrade from the upgrade page it would be forbidden. It was found that the word select was in that link on that page as
well as in the link for phpmyadmin when trying to edit tables. then we remembered how when we tried to import a sql file from an old blog to avoid doing it in the database, how that was forbidden too. Testing it again confirmed that the word sql in the url
also caused what the word select caused.
Marked as answer by Leo Tang - MSFT on Jan 11, 2011 07:27 AM
(SOLUTION!) - the issue was the ISAPI Rewrite Manager. It had several query strings, including "select" and "sql", setup to be filtered for incoming calls to our sites. It receives the website call BEFORE it goes to IIS so any changes I had been doing for
IIS had no effect.
and then used the request filtering, which does the same thing within IIS, to block those strings for the whole server. Then we removed those denied strings just from php sites. We now have full access and functionality of both wordpress and phpmyadmin!
HCamper
8048 Posts
Re: Forbidden to Update, Delete and Install Plugins in Wordpress
Jan 06, 2011 12:29 AM|LINK
Hello,
There is one setup feature to check for the IIS Feature Settings has a selection for IIS compatability components.
Go to the control panel and the "Program and Features" and the panel marked "Turn Windows Features on or off" the IIS section
expand the options and look for the IIS compatablity components if it not selected change the setting.
For the changes to take place it will a restart of server and may require a system restart
so you may what check if anyone is connected before making the changes.
Martin :)
.
.
Community Member Award 2011
AAEPA
8 Posts
Re: Forbidden to Update, Delete and Install Plugins in Wordpress
Jan 06, 2011 03:43 PM|LINK
Hi again Martin,
Thank you again for sharing a little of your time and expertise.
All the options that have "IIS" and "Compatibility" in the Server Managers Roles section under Role Services are installed. They all look related to IIS 6 compatibility. Is this what is needed to chat that it is installed installed/checked?
HCamper
8048 Posts
Re: Forbidden to Update, Delete and Install Plugins in Wordpress
Jan 06, 2011 04:00 PM|LINK
Hi,
Yes and does that help?
I did find an reference on a web search on PHP Pear problems for another thread.
The "Pinnacle Systems" video editor uses the PHP and Pear libraries to do video in their Video editor.
The refernce was that the "video" software installs and modifies the php.ini and pear.ini located in the windows folder.
The advise was to reinstall the Pear and use a local pear and php.ini to stop having conflicts.
This may not apply for current problem but but it maybe is good to remeber incase you or some one else is using the software.
I hope the compatabilty IIS components ehlp.
Martin :)
.
Community Member Award 2011
HCamper
8048 Posts
Re: Forbidden to Update, Delete and Install Plugins in Wordpress / edit rows in phpmyadmin - PHP ...
Jan 09, 2011 11:22 AM|LINK
"All Blogs run flawlessly EXCEPT I cannot add, delete or update any plugins on any of the blogs.
I can however upgrade the blog version just fine after setting some permissions.
I receive an error like this when trying to update plugins:"
"Forbidden You don't have permission to access "akismet" on this server."
"This happens on a single plugin update attempt as well as a bulk update on all update-able plugins.
Oddly I get a similar error in phpmyadmin when trying to edit databases but not in mysql workbench."
Hello,
I did a bit of Deep Logging during a World Press install and then starting up Word Press.
What I found is a true "love affair" of several layers of DLLS Folders and hidden process.
The final result is you can fix the plugin issue.
item 1.) The first player lover is "wincache.dll" as long as this extension is enabled it is monitoring all PHP
objects and is "locked" to PHP.
item 2.) The second player is the "akismet" plugin is alive and monitoring network even before you activate
the plugin. You may ask why?
The "aiksmet" plugin requires activation for the plugin is started to check that you
can do the live activation.
item 3.) So from the start up we have "aiksmet" hugging PHP and the network.
Additional gotcha the folder for the plugin did not inherit the server permissions.
item 4.) So the result is on first start of a fresh install of "Word Press" we have the PHP,DLLS and server
locked in a loving relationship and will "scream" in protest of breaking them apart.
So the user/admin is stuck with the plugins
are not changable
and file,permissions,memory errors are displayed.
Note : For this to work your actively logged in a Web Browser in the starting pageof Word Press.
Item 5.) The fix in php.ini comment out wincache.dll.
Restart the web server. Restart the data server.
item 6.) Go to the "C:\inetpub\wwwroot\wordpress\wp-content\plugins" folder whange the permissions for the "IUSR"
to Read,Execute,Write.
Restart the Web Server. Restart the DB server.
item 7.) In IIS Manager go to the Application Pools force a recycle.
Restart the Web Server. This removes the dead cache objects
item 8.) In The "Word Press" use the "delete","clear" histtory bu not full cache for "Firefox" reload the page.
You will be able to "delete","update" all the plugins.
item 9 ) Re enable the "wincache.dll" . Restart the server. Log out of "Word Press".
item 10) Restart the Server, Restart the DB server.
item 11) Logon to "Word Press" add a plugin and update. The two opreations should work now.
Moral and Conclusion: The love of background DLLS and processes is very strong.
In the process of doing the debug:
I and the "wincache" corrupted the PHP.ini and had to replace with a known good one.
If you have questions post to this thread.
Martin :)
</div></div>Community Member Award 2011
AAEPA
8 Posts
Re: Forbidden to Update, Delete and Install Plugins in Wordpress / edit rows in phpmyadmin - PHP ...
Jan 10, 2011 03:37 PM|LINK
Thank you again Martin, I appreciate all this info and will hold on to it because it seems that it might help with future trouble shooting.
With some more trouble shooting we have found that the words "select" and "sql" seem to be forbidden in the url. I assume to prevent hacks to the database. We read up on the request filtering module but these words weren't defaulted into those settings (at least from iis). Might there be other places where default settings for the request filtering are located? Also any ideas as to what else might be causing the forbidden words in the url?
We found this out when it was discovered we could do the upgrade from the plugins page from a link under the plugin, but if we tried to upgrade from the upgrade page it would be forbidden. It was found that the word select was in that link on that page as well as in the link for phpmyadmin when trying to edit tables. then we remembered how when we tried to import a sql file from an old blog to avoid doing it in the database, how that was forbidden too. Testing it again confirmed that the word sql in the url also caused what the word select caused.
AAEPA
8 Posts
Re: Forbidden to Update, Delete and Install Plugins in Wordpress / edit rows in phpmyadmin - PHP ...
Jan 11, 2011 03:38 PM|LINK
(SOLUTION!) - the issue was the ISAPI Rewrite Manager. It had several query strings, including "select" and "sql", setup to be filtered for incoming calls to our sites. It receives the website call BEFORE it goes to IIS so any changes I had been doing for IIS had no effect.
We removed the entries for these strings:
RewriteCond %{QUERY_STRING} select [NC]
RewriteRule (?!403\.html).*$ - [F]
RewriteCond %{QUERY_STRING} select%20 [NC]
RewriteRule (?!403\.html).*$ - [F]
RewriteCond %{QUERY_STRING} sql [NC]
RewriteRule (?!403\.html).*$ - [F]
and then used the request filtering, which does the same thing within IIS, to block those strings for the whole server. Then we removed those denied strings just from php sites. We now have full access and functionality of both wordpress and phpmyadmin!