Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Too many requests causing a 403 Error

Discussion in 'General Discussion' started by [JZ], Feb 13, 2019.

  1. [JZ]

    [JZ] Active Member

    Joined:
    Nov 4, 2003
    Messages:
    31
    Likes Received:
    2
    Trophy Points:
    158
    Hi all,

    Hope someone can advise on this small problem.

    When a website or webpage files are refreshed or called upon too quickly the user gets a 403 error, expecially when its calling on anything mySQL related more so.

    Checked cPanel error logs and permissions on folders and files and can not find anything.
    Even used different EA4 setups to no avail.

    Any ideas, thank you.
     
  2. [JZ]

    [JZ] Active Member

    Joined:
    Nov 4, 2003
    Messages:
    31
    Likes Received:
    2
    Trophy Points:
    158
    After a little more searching on here, looks like it might be related to Mod_Evasive?
     
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,284
    Likes Received:
    2,154
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @[JZ],

    You should see an entry logged to the Apache error log (/usr/local/apache/logs/error_log) when this happens. Can you review the Apache error log and let us know what appears when you see the 403 error code in your browser?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. [JZ]

    [JZ] Active Member

    Joined:
    Nov 4, 2003
    Messages:
    31
    Likes Received:
    2
    Trophy Points:
    158
    Many thanks for your reply.

    I refreshed the website page 3 times that contains the sql until i received the 403 Forbidden page.
    The Apache error log shows 9 times the following:
    [{timestamp}] [:error] [pid 18227:tid 47432421361408] [client {ip}] client denied by server configuration: /{file location}.php, referer: {full url}.php
    Of course i have eddited whats in the curly brackets.
     
  5. PatrickVeenstra

    PatrickVeenstra Well-Known Member

    Joined:
    Feb 12, 2012
    Messages:
    155
    Likes Received:
    3
    Trophy Points:
    68
    Location:
    Barcelona
    cPanel Access Level:
    Root Administrator
    Did you look at /var/log/apache2/mod_evasive/
     
  6. [JZ]

    [JZ] Active Member

    Joined:
    Nov 4, 2003
    Messages:
    31
    Likes Received:
    2
    Trophy Points:
    158
    Hi Patrick,

    Thanks for your reply.

    The only contents is a file starting dos- and it contains just 25896.

    Yet WHM ModSecurity Tools is showing me multiple Severity Criticals and Errors 403 with my IP listed.
    240530: COMODO: WAF: CSRF Protection bypass in...
     
  7. [JZ]

    [JZ] Active Member

    Joined:
    Nov 4, 2003
    Messages:
    31
    Likes Received:
    2
    Trophy Points:
    158
    By disabling ModSecurity one website backend will work fine and is probably down to a script.
    Yet the other i'm still getting 403 Errors when refreshing or reloading the page too soon with SQL connections.
     
  8. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,284
    Likes Received:
    2,154
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Can you open a support ticket so we can take a closer look to see what's happening? You can post the ticket number here and we'll link this thread to it.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. [JZ]

    [JZ] Active Member

    Joined:
    Nov 4, 2003
    Messages:
    31
    Likes Received:
    2
    Trophy Points:
    158
    Thank you for your reply Michael.

    In the end i rebuilt my EA4 package with mod_evasive disabled.
    This solved all problems for me.
     
  10. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,284
    Likes Received:
    2,154
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    Let us know if you encounter any additional issues should you decide to enable mod_evasive again in the future.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice