Too many requests causing a 403 Error

[JZ]

Active Member
Nov 4, 2003
31
2
158
Hi all,

Hope someone can advise on this small problem.

When a website or webpage files are refreshed or called upon too quickly the user gets a 403 error, expecially when its calling on anything mySQL related more so.

Checked cPanel error logs and permissions on folders and files and can not find anything.
Even used different EA4 setups to no avail.

Any ideas, thank you.
 

[JZ]

Active Member
Nov 4, 2003
31
2
158
After a little more searching on here, looks like it might be related to Mod_Evasive?
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
Hello @[JZ],

You should see an entry logged to the Apache error log (/usr/local/apache/logs/error_log) when this happens. Can you review the Apache error log and let us know what appears when you see the 403 error code in your browser?

Thank you.
 

[JZ]

Active Member
Nov 4, 2003
31
2
158
Many thanks for your reply.

I refreshed the website page 3 times that contains the sql until i received the 403 Forbidden page.
The Apache error log shows 9 times the following:
[{timestamp}] [:error] [pid 18227:tid 47432421361408] [client {ip}] client denied by server configuration: /{file location}.php, referer: {full url}.php
Of course i have eddited whats in the curly brackets.
 

[JZ]

Active Member
Nov 4, 2003
31
2
158
Hi Patrick,

Thanks for your reply.

The only contents is a file starting dos- and it contains just 25896.

Yet WHM ModSecurity Tools is showing me multiple Severity Criticals and Errors 403 with my IP listed.
240530: COMODO: WAF: CSRF Protection bypass in...
 

[JZ]

Active Member
Nov 4, 2003
31
2
158
By disabling ModSecurity one website backend will work fine and is probably down to a script.
Yet the other i'm still getting 403 Errors when refreshing or reloading the page too soon with SQL connections.
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter
By disabling ModSecurity one website backend will work fine and is probably down to a script.
Yet the other i'm still getting 403 Errors when refreshing or reloading the page too soon with SQL connections.
Hello,

Can you open a support ticket so we can take a closer look to see what's happening? You can post the ticket number here and we'll link this thread to it.

Thank you.
 

[JZ]

Active Member
Nov 4, 2003
31
2
158
Thank you for your reply Michael.

In the end i rebuilt my EA4 package with mod_evasive disabled.
This solved all problems for me.