Dashboards not loading: 403 forbidden

[TafkaMax]

I seem to have an issue with the plugin, where the dashboards don't load because of 403.

I installed the plugin through the plugin manager and set everything up.

My install is located in /home/wiki/ with a user called wiki

As seen from the folder /home/wiki/public/lib/plugins the permissions for Admin plugins have 700 permissions and normal plugins meant for everyone have 755 permissions.

drwx------  6 wiki users 4.0K Jun  1 09:48 statistics
drwxr-xr-x  3 wiki users 4.0K Jun  8 15:24 styling

As an admin I can't see these files. What should I do? Do I need to modify my primary .htaccess ?

[TafkaMax]

I will also leave my .htaccess file

## Enable this to restrict editing to logged in users only

## You should disable Indexes and MultiViews either here or in the
## global config. Symlinks maybe needed for URL rewriting.
#Options -Indexes -MultiViews +FollowSymLinks

## make sure nobody gets the htaccess, README, COPYING or VERSION files
<Files ~ "^([\._]ht|README$|VERSION$|COPYING$)">
    <IfModule mod_authz_host>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_host>
        Order allow,deny
        Deny from all
    </IfModule>
</Files>

## Don't allow access to git directories
<IfModule alias_module>
    RedirectMatch 404 /\.git
</IfModule>

## Uncomment these rules if you want to have nice URLs using
## $conf['userewrite'] = 1 - not needed for rewrite mode 2
RewriteEngine on

RewriteRule ^lib/tpl/dokuwiki/images/favicon.ico$ /favicon.ico [L]

RewriteRule ^_media/(.*)              lib/exe/fetch.php?media=$1  [QSA,L]
RewriteRule ^_detail/(.*)             lib/exe/detail.php?media=$1  [QSA,L]
RewriteRule ^_export/([^/]+)/(.*)     doku.php?do=export_$1&id=$2  [QSA,L]
RewriteRule ^$                        doku.php  [L]
RewriteCond %{REQUEST_FILENAME}       !-f
RewriteCond %{REQUEST_FILENAME}       !-d
RewriteRule (.*)                      doku.php?id=$1  [QSA,L]
RewriteRule ^index.php$               doku.php
#
## Not all installations will require the following line.  If you do,
## change "/dokuwiki" to the path to your dokuwiki directory relative
## to your document root.
#RewriteBase /dokuwiki
#
## If you enable DokuWikis XML-RPC interface, you should consider to
## restrict access to it over HTTPS only! Uncomment the following two
## rules if your server setup allows HTTPS.
#RewriteCond %{HTTPS} !=on
#RewriteRule ^lib/exe/xmlrpc.php$      https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]

[TafkaMax]

Super weird issue. Still persistent.

I am using plain auth and ldap auth using Authchained.

So the user itself is local admin user who should have MAX privileges. But for this plugin the requests are all failing with 403.

The plugins folder is 755 as it should be. The statistics plugin is 700.

Is there a requirement for the plugin to be something else?

Interesting that the datatables plugin also get 403 when logged in as admin.

[TafkaMax]

Seems it was related to my configuration of dokuwiki.

I have php-fpm running which serves my dokuwiki instance from /home/wiki folder.

So the dokuwiki itself is not entirely running off the same user as the webserver. When installing plugins i had dmode set to 700, which means the statistics plugin installed it with 700 permissions. So when requesting to see the img.php script it got 403 error, because it was not allowed to go see if the file exists. So it was not able to run through the php-fpm, which has correct access rights to run the script.