"Why do I get a 403 error when trying to use Gii?" Follow @yiiframework
4 followers After enabling the Gii module in your protected/config/main.php file and then try to use it with http://example.com/index.php?r=gii, you get an error:
Error 403 You are not allowed to access this page.
This is almost certainly caused by the IP filtering mechanism that Gii uses to protect your system from outsiders - by default it allows localhost only (both IPv4 and IPv6), and remote users (which apparently includes you) won't be allowed in.
To fix this, look in your main config file for the modules section for Gii, and add an ipFilters array that includes your own IP:
// protected/config/main.php return array( ... 'modules' => array( 'gii' => array( 'class' => 'system.gii.GiiModule', 'password' => 'Enter Your Password Here', 'ipFilters' => array('127.0.0.1', '192.168.1.7'), // EDIT TO TASTE ), ...
The ipFilters property can include as many items as you like, and they can be straight IP addresses or wildcards such as "192.168.1.*".
IPv6 addresses are supported as well if the underlying platform supports it, and "::1" represents localhost (which may be required in some configurations).
Be careful not to open Gii to a too-wide audience lest it become a security risk.
Note: Yii 1.1.6 adds the default filter directly to the stock config file:
// If removed, Gii defaults to localhost only. Edit carefully to taste. 'ipFilters'=>array('127.0.0.1','::1'),
so this FAQ may not be so frequent much longer.
- Written by: Steve Friedl
- Category: FAQs
- Votes: +7
- Viewed: 23,170 times
- Created on: Dec 11, 2010
- Last updated: Jan 30, 2011
- Tags: Gii, config
Total 2 comments
together.
Ok, so I am working on this behind a proxy server, SO the only way I can get GII to work is by allowing my public ip address, which is the same for everybody???
Leave a comment
Please login to leave your comment.