blackice

Active Member
Dec 21, 2004
40
0
156
Oxfordshire UK
Hi,

On our machine, over all accounts on multiple domains, some files randomly give 403 forbidden errors. There's no pattern in which ones give 403s, though common ones i've observed include index.php, profile.php and request.php.

I have found no pattern in any of this behaviour and am completely stumped as to what it might be. I'm not running suExec or anything of that sort, I do have mod_security but it's not the cause (Checked config and tried disabling)

The odd thing is that the 403 only lasts for a minute at most, and then is accessible again.

Any ideas?
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,437
33
473
Go on, have a guess
That could possible be caused by mod_dosevasive/mod_evasive. If you're using it in httpd.conf try disabling the module load lines (2) and restart httpd.
 

akasharkbow

Member
Apr 9, 2005
13
0
151
Toronto, Ontario, Canada
I was having this problem on my server as well and this has fixed the problem. Thanks. I am wondering though, does disabling this open the server up to more attacks? Is there anything I should be concerned about?

Thanks for your help.

David J.
 

akasharkbow

Member
Apr 9, 2005
13
0
151
Toronto, Ontario, Canada
Where do I go to do that?

Thanks for your help.

David H. Johnston
 

tweakservers

Well-Known Member
Mar 30, 2006
379
0
166
I was having this problem on my server as well and this has fixed the problem. Thanks. I am wondering though, does disabling this open the server up to more attacks? Is there anything I should be concerned about?

Thanks for your help.

David J.
The module will not be loaded into your Apache. Probably a check / tweak on the mod_dosevasive/mod_evasive modules will help.