search cancel

Clients and GUPs get 403 Forbidden response in Apache logs when the Inetpub\content folder is configured to use a symbolic link


Article ID: 161976


Updated On:


Endpoint Protection


After upgrading to 12.1 RU5 and reconfiguring symbolic links on the Inetpub/content/ folder, clients and GUPs receive HTTP 403 Access Forbidden results in the Apache Access logs. From the Apache Access.log you see repeated GET request results such as this on all GET requests hitting the apache server:
"GET /content/TempCache/{810D5A61-809F-49c2-BD75-177F0647D2BA}/150426016/xdelta150426016_To_150507009.dax HTTP/1.1" 403 301 "-" "Smc"

Additionally, the Apache Error log contains the following symbolic link errors that look to be concurrent with the access log's GET requests:
AH00037: Symbolic link not allowed or link target not accessible: C:/Program Files (x86)/Symantec/Symantec Endpoint Protection Manager/Inetpub/content


This occurs when the httpd.conf file does not have the option to follow symbolic links created within the Inetpub directory.


  1. Open the httpd.conf file and find the <Directory "../Inetpub"> section.
  2. Find the line that contains #Options Indexes FollowSymLinks ExecCGI.
  3. Below the above line add Options FollowSymLinks.
  4. Save the changes to the httpd.conf file
  5. Restart the SEPM and SEPM Web server services.
The SEPM's apache server should now properly be configured to make use of the symbolic link configured on the /Inetpub/content folder.