Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

possible security question - Invalid method in request

Discussion in 'Security' started by jols, Aug 28, 2009.

  1. jols

    jols Well-Known Member

    Mar 13, 2004
    Likes Received:
    Trophy Points:
    We have a security system on the server which will block too many 404 errors (file not found) if the accesses are made directly to the server IP (not the individual hosted accounts).

    We host one customer who is being blocked repeatedly by this anti 404 security measure.

    She can just sit there, WITHOUT DOING ANYTHING, and be blocked again and again without any apps running on her PC.

    Here's what we are finding in the logs after each block (as related to her ISP assigned IP address):

    Invalid method in request \x16\x03\x01

    So, something is hitting the server's IP (not her hosted domain) over and over again from her PC with no apps running.

    What could this be?
  2. MattCurry

    MattCurry Well-Known Member

    Aug 18, 2009
    Likes Received:
    Trophy Points:
    Houston, Tx
    Security Issue


    I do apologize for any problems you have had. However, in this particular case I think we should go ahead and put a ticket in so we can get a better look at what is causing this issue. You can submit a ticket via the link at the bottom of the page. I hope this helps get you working. Please let me know if you have any other questions.

    Thank you,
    Matthew Curry
  3. Infopro

    Infopro cPanel Sr. Product Evangelist Staff Member

    May 20, 2003
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    How do you know there are no apps running on that PC, was it scanned for issues I guess. What do your logs say about it? What browser is the user using and what happens if they use a different one?

    Have you tried googling this error?
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Spiral

    Spiral BANNED

    Jun 24, 2005
    Likes Received:
    Trophy Points:
    Sounds like they may possibly be running some sort of pre-caching
  5. jdlightsey

    jdlightsey Perl Developer III Staff Member

    Mar 6, 2007
    Likes Received:
    Trophy Points:
    Houston Texas
    cPanel Access Level:
    Root Administrator
    These "invalid request method" warnings are almost always caused by someone attempting to make a HTTPS connection to a site that has no SSL certificate installed.

    SSL certs are mapped by IP address and port by Apache. When an IP:port has no SSL cert installed some versions of Apache assume that connections to that IP (even on port 443) are being made without SSL.

    So if is on IP and no SSL cert has been installed on IP, and the owner of mistakenly puts a link somewhere on their website, you'll get this type of warning whenever someone clicks the link...

    The client browser connects to port 443 and tries to start up a SSL connection.

    The web server gets a connection on port 443 and expects it to be plaintext. It's looking for "GET / HTTP/1.1" or "POST /something.php HTTP/1.1" and it sees a bunch of gibberish instead (the client trying to set up SSL.)

    You can replicate this easily by visiting port 80 using SSL on any IP on your systems. It'll generate the exact same types of errors...

    These messages are nothing to worry about since they simply indicate that the client is trying to access a resource using SSL that isn't configured to be available via SSL. If the messages really trouble you for some reason though, just make sure every IP on the system has a SSL cert configured.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice