0

I have a dedicated Plesk server with several domains. In one of them I want to make available a file called, say, "file.db"

If I try to download that file from a web browser, I get a 403 error page saying:

Forbidden

You do not have permission to access this document.

Web Server at @domain_name@

If I rename the file to a more standard extension, like "mp3" (even though it's not really an mp3 file), then I can download the file from the browser.

So there must be some restriction to let browsers only download files with some extensions.

I tried to edit the files "mime.types" and "mime.types.default" inside /etc/nginx to add a line with "application/octet-stream db;" and then restarting the service/server but that accomplished nothing. I still get the 403 page when trying to download the file.

So how can I make the server allow downloading files with ".db" extension? (renaming the file extension is not an option for me since the file name is hard coded into an app that downloads that file).

Improve this question
1
  • Can you share how your nginx.conf (and any imported files) look like, obviously after masking any private information in there).
    – gepa
    Commented Jun 29 at 6:16

1 Answer 1

Reset to default
0

I found a way to prevent this restriction from taking effect.

  1. From the Plesk panel, go to "Tools & Settings" > "Web Application Firewall (ModSecurity)"
  2. Scroll down and in the "Security rule IDs" field type this number: 210730
  3. Click on "OK" or "Apply"

This disables the rule 210730, which I found in the server logs to be the rule that prevented the download of files of unknown type.

More info on disabling rules: https://support.plesk.com/hc/en-us/articles/12377453278871-How-to-disable-specific-Web-Application-Firewall-ModSecurity-rules-in-Plesk

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .