problem after moving to Event MPM

[AladdinJ]

Hello

My problem is when I moved to MPM Event

most of my websites became faster and that's great

the problem is with OpenCart websites on my server
When trying to navigate in website quickly some time appear error says "this page not found"

and when trying to see the apache error log it says: client denied by server configuration

Note: when I get back to prefork MPM the problem Disappear

I tried to search online for the problem But can't found a solution

if any one here can help me
Thanks in advance

 

[cPRex]

Hey there! If you're quickly refreshing pages or navigating the site, sometimes Apache can detect this as malicious traffic. Is there anything additional next to the "client denied by server configuration" message in the Apache log?

You may want to check if your machine has mod_evasive installed in EasyApache, which you can do with this command:

rpm -qa | grep -i evasive

or you can check the Apache Modules section of the EasyApache 4 interface in WHM. If this is present, you may want to try removing it and then see if you're still able to reproduce the problem.

 

[AladdinJ]

yes the problem solved when removed mod evasive

Thank you very much

but I need the mode for security can I configure it to not block legal connection instead of removing the hole mod

 

[cPRex]

Typically we don't recommend much tuning for that module, but you can adjust advanced options as outlined here:

mod_evasive on Apache: Install & Configure to Defend DDoS Attacks

Learn how to defend against DoS & DDoS with mod_evasive on Apache. Updated security tutorial installing & configuring the module. Mitigate attacks today!

phoenixnap.com

On a cPanel server, the configuration file is typically named /etc/apache2/conf.d/300-mod_evasive.conf so you can use that to adjust the settings.

 

[mlopez]

Hey there! If you're quickly refreshing pages or navigating the site, sometimes Apache can detect this as malicious traffic. Is there anything additional next to the "client denied by server configuration" message in the Apache log?

You may want to check if your machine has mod_evasive installed in EasyApache, which you can do with this command:

rpm -qa | grep -i evasive

or you can check the Apache Modules section of the EasyApache 4 interface in WHM. If this is present, you may want to try removing it and then see if you're still able to reproduce the problem.

Hello,

I had the same problem with a WordPress installation (client denied by server configuration ... /wp-admin/admin-ajax.php) and disabling mod_evasive Apache module fixed it.

Now I've got another error in /usr/local/apache/logs/error_log :

[Fri Mar 26 01:39:58.523102 2021] [access_compat:error] [pid 829604] [client x.x.x.x:53172] AH01797: client denied by server configuration: /home/xxx/public_html/wp-content/uploads/woocommerce_uploads/, referer: https://xxxx/wp-content/uploads/woocommerce_uploads/

Who's guilty now? ;-)

Mauricio

 

[cPRex]

That seems like it could be a permissions/ownership issue. Do you see anything odd with ownership or permissions anywhere in that file path?

 

[mlopez]

That seems like it could be a permissions/ownership issue. Do you see anything odd with ownership or permissions anywhere in that file path?

Hey cPRex,

It looks like a security measure taken by Wordfence (WP security plugin) in .htaccess in order to avoid execution or something the like.
It's ok.

Thank you for your help.

Best regards,

Mauricio

 

[cPRex]

I'm glad you were able to track that down!