Operating System & Version
Centos 7

MohammadNehme

Member
Jul 23, 2022
6
1
3
Lebanon
cPanel Access Level
Root Administrator
Hello , Recently I activated mod HTTP2 on easyapache4.
The problem that occurred is that all of the websites on the server gave a 403 Forbidden error, after checking the Apache error log i saw that most of the Lines were Client Denied by server configuration , after a brief search on this problem most of the results were that i need to check if in the Apache configuration file if there is a Deny From all for the directory ( of the website) and i did not find that , aslo i checked the local .htacess for any local configuration also nothing was found .

Also the .htaccess files is readable and the public_html directory is executable

Any help or suggestion would be appreciated.
Thank you
 
Last edited by a moderator:

MohammadNehme

Member
Jul 23, 2022
6
1
3
Lebanon
cPanel Access Level
Root Administrator
Hey there! Do you have one of the specific 403 entries from the log file? If you post that with the IP address and domain removed, that might help us get you more details.
Hello..
Thank you for your reply , here are some of the errors found upon activating mod_http2,but first i'm going to share with you the steps that we do in order to activate it.


- Log into to WHM server
- Go to EasyApache4
- Click "Customize" button to customize the current profile.
- Go to apache modules
- Search for mod_suexec, enable it (this will disable mod_ruid2)
- Search for mod_http2, enable it (this will disable mod_cgi and mod_mpm_prefork)
- Click continue to go to Apache MPM, then enable mod_mpm_event
- Then click next, next..., review, provision.


The errors are as follow ( I'm gonna show from the moment we activated mod_http2 :


Line 34208: [Wed Jul 20 05:26:14.435102 2022] [http2:info] [pid 27383:tid 47802050491456] AH03090: mod_http2 (v1.15.28, feats=CHPRIO+SHA256+INVHD+DWINS, nghttp2 1.48.0), initializing...

Line 34209: [Wed Jul 20 05:26:14.449508 2022] [mpm_event:notice] [pid 27383:tid 47802050491456] AH00489: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4 configured -- resuming normal operations

Line 34210: [Wed Jul 20 05:26:14.449544 2022] [core:notice] [pid 27383:tid 47802050491456] AH00094: Command line: '/usr/sbin/httpd'

Line 34211: [Wed Jul 20 05:26:14.639868 2022] [core:crit] [pid 27389:tid 47802356692736] (13)Permission denied: [client IP:ADDRESS] AH00529: /home/$user/public_html/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/home/$user/public_html/' is executable

Line 34254: [Wed Jul 20 05:26:35.453449 2022] [:error] [pid 27391:tid 47802377705216] [client IP:ADDRESS] client denied by server configuration: /home/$user/public_html/category

Line 34301: [Wed Jul 20 05:29:58.209791 2022] [:error] [pid 27391:tid 47802470143744] [client IP:ADDRESS] client denied by server configuration: /home/$user/public_html/article.php



These are the main errors that are repeatable , they are pretty much self explanatory and we checked for any misconfiguration regarding owner/permission and all was okay , but this (check) was after we deactivated mod_http2 and returned everything to it's previous state .
We will redo the trial and check instantly apache's error log and also the owner/permission to make sure that everything is normal .

Any extra help/suggestion would be appreciated .

Best Regards
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
11,718
1,862
363
cPanel Access Level
Root Administrator
Can you let me know what PHP handler you're using? You'll want to check the compatibility guide here to ensure you aren't attempting to use one of those handlers:

 
  • Like
Reactions: MohammadNehme

MohammadNehme

Member
Jul 23, 2022
6
1
3
Lebanon
cPanel Access Level
Root Administrator
Can you let me know what PHP handler you're using? You'll want to check the compatibility guide here to ensure you aren't attempting to use one of those handlers:

I'm using CGI handler , and upon installation mod_cgi is removed and replaced automatically by mod_cgid as a php handler , we are following the compatibility guide presented in the link above , we will do another trial soon and monitor the apache error log and we will try to handle the issues instantly , but in the meantime we are gathering any more intel that will help us gain more knowledge to determine where is the issue .

Again any Guidance/assistance would be appreciated
Thank you
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
11,718
1,862
363
cPanel Access Level
Root Administrator
At this point it might be best to submit a ticket to our support team so we can check the system directly, because I'm not seeing anything obviously misconfigured from the details you have provided.

If you are able to submit a ticket, please post the number here so I can follow along.
 
  • Like
Reactions: MohammadNehme

MohammadNehme

Member
Jul 23, 2022
6
1
3
Lebanon
cPanel Access Level
Root Administrator
At this point it might be best to submit a ticket to our support team so we can check the system directly, because I'm not seeing anything obviously misconfigured from the details you have provided.

If you are able to submit a ticket, please post the number here so I can follow along.
Yes we will do that in a couple of days!
When I submit a ticket I will immediately post the number here .

Much appreciated!
 
  • Like
Reactions: cPRex