Good Old "403"

[Spydernz]

To start, I am new to Sugar.

Have Installed a nice clean version of 5.5 ce.
And noticed that an Import of account listings, I am able to view the initial "list view" but unable to take any other action apart from the link of the name of that account in that first page.
Select one or multiple to delete returns 403 error.
click arrow to view next list returns 403 error.

I have been into the php.ini to initiate the setup, the config.php to set new file and folder permmsions.
And manually setting the file permmsions via ftp manager to make sure.
Ran Sugar diag and all is well, database full access.
I realise there is more than likely a simple explanation. But where to look? I have exhausted my search utilising the actual words relivant ot the problems and only get to where I stand.
The most current seems to return the error log pointing to /Sugar/Cache/module/...
but that file has proper permissions.

I guess my question is,
what are the appropriate php.ini "have toos"
and file permissons in config.php?
Is my database missing something,is there something I could do to check my database?

examples of log errors

I can view the sugar diag but not download it.

Permission denied: access to /Sugar/cache/diagnostic/312a6d6b-1427-d5c3-705d-4c3bbda7871a/diagnostic20100712-211358.zip failed because search permissions are missing on a component of the path

mod_security: Access denied with code 403. Pattern match "((alter|create|drop)[[:space:]]+(column|database|procedure|table)|delete[[:space:]]+from|update.+set.+=)" at POST_PAYLOAD [id "300015"][rev "1"] [msg "Generic SQL injection protection"] [severity "CRITICAL"] [hostname "removed"] [uri "/Sugar/index.php"] [unique_id "TDvP-9gO0HAAAB-Nokc"]

Permission denied: access to/Sugar/cache/jsLanguage/custommodule/en_us.js failed because search permissions are missing on a component of the path

Any pointers would be greatly appreciated.

[andopes]

Make sure the user, under which your web server is running, has read and write recursive access to sugar folder.

Regards

[cs3gallery]

Hi,

First off, let us make sure you have a supported php version installed. Anything 5.3.x has caused me a lot of headache. So make sure you have php 5.2.x

Now, for some reason I noticed that sometime when I run chmod with an ftp program it doesnt always work like it says it does. It would be much better if you had full access to the server either through ssh or directly on it and chown everything to the webserver user group i.e. mine is www-data. Then chmod the required folders and everything in them.

As for your php.ini the only things that need to be changed are the file upload size and memory usage etc.

oh and one more thing... if you are using linux make sure these packages are installed:

php5-cli php5-common php5-curl php5-dev php5-gd php5-imap php5-ldap php5-mhash php5-mysql php5-odbc curl libwww-perl imagemagick libapache2-mod-php5 libapache2-mod-perl2

Let me know your results, I will be watching all day. good luck!

[Spydernz]

Thankyou for replies.

Currently on a Linux server
Running PHP 5.2.9

User, the acount I am using currently to function this is the default admin account, my understanding is that on creation this would have the over all access?
How would I confirm a user has this permission?

I am currently liasing with the admin of server to figure what else can be done form server side.

[Spydernz]

Thankyou,

Solution at hand.

Support "turned mod_security off for the domain.