Forbidden on Page Load after BN-Cert Tool, With and Without Manual Redirects

Keywords: WordPress Multisite - AWS - Technical issue - Secure Connections (SSL/HTTPS)

bnsupport ID: f7c26a0a-1e35-11f1-3080-22b3c1a8e9cb

bndiagnostic output:

? Apache: Found possible issues
? Resources: Found possible issues
https://docs.bitnami.com/general/apps/wordpress/troubleshooting/debug-errors-apache/
https://docs.bitnami.com/bch/apps/moodle/troubleshooting/deny-connections-bots-apache/
https://docs.bitnami.com/installer/faq/linux-faq/administration/increase-memory-linux/

bndiagnostic failure reason: The documentation did not make any significant change

Description:
I recently installed a new AWS with the latest BN Multisite stack and verified all was functioning properly with two domains and verified AWS Elastic IPs and 80, 22, and 443 inbound open. The issues began after running the BN-Cert tool.

Both domains in all forms (getlancer.pro and thehealersaga.com) with and without www and http(s) began to load with Forbidden errors and could not be accessed and are still down. I took the following steps:

  • Added manual redirection to https in the two bitnami.conf files and both wordpress vhost files. Restarted apache, per Bitnami documentation.

  • Verified correct main domain (getlancer.pro) in wp-config.php. No change.

  • Verified that https://www addresses were stored in the WP_OPTIONS table for both sites. Maybe of note that phpmyadmin would not tunnel via 443.

  • Removed manual directives from all files. Revoked certificates and generated new. All sites still Forbidden, but with verified certificates when loading with https and with/without www.

  • Checked wordpress-htaccess and noted only Akismet protections for its own files and directories. Backed up file and attempted loading with plugins disabled. No change. Restored original file and restarted apache. No change.

  • Reverted to dummy certificates per Bitnami documentation and verified that they were now the active certificates. No change.

At this point I am baffled, but suspect the new BN Multi stack’s use of symlinks to protect wp-config and content folders may be to blame for the added complexity in certificate generation.

At this point, I am at a loss, but suspect the new BN Multisite stack’s use of symlinks to protect wp-config.php and wp-content are to blame for bn-cert’s incompatibility.

Hello @LancerAdmin,

I can see you have these 2 lines in your apache/conf/vhosts/wordpress-vhost.conf apache/conf/vhosts/wordpress-https-vhost.conf files:

  DocumentRoot /opt/bitnami/wordpress
  DocumentRoot "/opt/bitnami/apache2/htdocs"

Please remove the 2nd one and restart apache.

Let me know if it solves the issue.

1 Like

Thank you, as that was the issue. It seems I added the line after following the guide, “Force HTTPS Redirection With Apache”

That particular guide includes the erroneous line in its code block under both Approaches. I wasn’t knowledgeable enough to note the issue (although I wondered if that line could be the culprit after some odd behavior in Filezilla). Perhaps removing the line once the guide revisions are fully underway could avoid the same issue in the future.

That said, thank you again for the prompt support. Now to go quash those pesky redirect loops.

1 Like