LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-21-2016, 12:41 PM   #1
AdultFoundry
Member
 
Registered: Jun 2015
Posts: 245

Rep: Reputation: Disabled
Client denied by server configuration in /var/log/httpd/error_log


I have 6 different websites on my hosting and all of them work as they should. When I try to upload images to a vBulletin 5 post I get "Client denied by server configuration" for various files in various directories under /home/www/html/forum-name.

I've been reading about the changes between Apache 2.2 and 2.4 (I have the newest software so it should be 2.4, all updated and upgraded todat), and "Require all denied" in /etc/httpd/conf/httpd.conf, but I am not sure if this is it. If all other websites work, why this one would not work.

SeLinux is disabled so this can be taken out of the equations as a whole. And in general the forum works, it just seems to be some problem with image / attachments uploads and the reason could be this access denial, but I am not sure what this is. This is something related to Apache, and no permissions or anything like that (based on the fact that the info comes from the error_log).

###Edit:
This is 403 errors.

###Edit2:
httpd.com is correct, the access is granted to the /home/www/html and everything underneath it in this config file. The VirtualHost config / directive is correct too, so I am not sure about the source of this error, and if there is any way to check that.

Last edited by AdultFoundry; 07-21-2016 at 01:31 PM.
 
Old 07-21-2016, 02:44 PM   #2
Habitual
LQ Addict
 
Registered: Jan 2011
Location: Youngstown, Ohio
Distribution: LM17.1/Xfce4.11.8
Posts: 7,159
Blog Entries: 10

Rep: Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968
Quote:
Originally Posted by AdultFoundry View Post
SeLinux is disabled so this can be taken out of the equations as a whole.
I REFUSE to help anyone who disables Security.

Turn in your Linux Toaster.
 
Old 07-22-2016, 01:44 AM   #3
Doug G
Member
 
Registered: Jul 2013
Posts: 594

Rep: Reputation: Disabled
Check the apache error logs for details about what's causing the error message. Things like openbasedir or other incorrect apache settings can cause that error, and the error log should give you the details.
 
Old 07-22-2016, 05:50 AM   #4
AdultFoundry
Member
 
Registered: Jun 2015
Posts: 245

Original Poster
Rep: Reputation: Disabled
There is no info about what may be causing this in /var/logs/httpd/error_log. All the lines look something like this:

client denied by server configuration: /home/www/html/forum/core/image.php, referer: http://forum.com/

client denied by server configuration: /home/www/html/forum/images/css/sprite_gradients_vb.png, referer: http://forum.com/css.php?styleid=10&...&ts=1468835384

client denied by server configuration: /home/www/html/forum/css.php, referer: http://forum.com/forum/other/off-topic

I run httpd -t and it returns Syntax OK. Virtual Host config is also ok (the most basic and it works on 6 other sites), as I've mentioned before. So basically this is related to just one site, and I am not sure if there is a place where I can find the info about what may be causing this. This may be related to image / attachments uploads to vBulletin posts. So I try to add an image to this post as an upload, and I would get something like the above in the error_log. So maybe not this domain related but upload related as I was not uploading to the other sites.

###Edit:
.htaccess is good too, as is the default for vBulletin 5, and this worked on a different hosting I think. So brand new and the newest Centos7, Apache, and some sort of congif somewhere is causing this. All installed with yum, the most standard and basic install and so on. update and upgrade done.

Last edited by AdultFoundry; 07-22-2016 at 05:54 AM.
 
Old 07-22-2016, 06:00 AM   #5
TenTenths
Senior Member
 
Registered: Aug 2011
Location: Dublin
Distribution: Centos 5 / 6 / 7
Posts: 2,166

Rep: Reputation: 751Reputation: 751Reputation: 751Reputation: 751Reputation: 751Reputation: 751Reputation: 751
Try adding this to the vhost config file for the site:

Code:
<Directory "/home/www/html/">
    Require all granted
</Directory>
 
Old 07-22-2016, 06:06 AM   #6
AdultFoundry
Member
 
Registered: Jun 2015
Posts: 245

Original Poster
Rep: Reputation: Disabled
@TenTenths - I've checked this initially. It is correctly set in httpd.config file.

Looking at this (which is probably the best source for this):

https://wiki.apache.org/httpd/Client...rConfiguration

It may be this:

- A PUT request was received; a 403 is the default response. Access can be granted with limitexcept (2.2) or mod_allowmethods (2.4).

or:

- Using mod_security with an explicit directive to deny access. Altering or commenting out the offending directives from that module will resolve the issue.

I have installed mod_security as an addition, I think, but I was not adding or changing any settings of that.
 
Old 07-24-2016, 04:41 AM   #7
AdultFoundry
Member
 
Registered: Jun 2015
Posts: 245

Original Poster
Rep: Reputation: Disabled
I am still stuck on this. If anybody would have any ideas, I could use the info to fix this.
 
Old 07-24-2016, 05:38 AM   #8
AdultFoundry
Member
 
Registered: Jun 2015
Posts: 245

Original Poster
Rep: Reputation: Disabled
This is not for just one site, I get it for all the sites.

client denied by server configuration: /home/www/html/site-one/wp-login.php, referer: http://somenamehere.site-one.com/wp-login.php
client denied by server configuration: /home/www/html/site-two/startup.php
client denied by server configuration: /home/www/html/site-three/captcha
client denied by server configuration: /home/www/html/site-four/core/image.php, referer: http://site-four.com/

So some aspect of the config is wrong. Like I said, this is a basic / standard installation, only the necessary / standard config changes have been done. I think that I have added mod_security and mod_evasive too (some two security modules, according to one of the articles from a good website on the Net).

###Edit:
I have 21,579 entries like this in the error log for the past week. All the sites get around 1,000 people per day, so it is slow sites. A lot of people gets blocked by something here.

Last edited by AdultFoundry; 07-24-2016 at 05:47 AM.
 
Old 07-24-2016, 05:50 AM   #9
keefaz
LQ Guru
 
Registered: Mar 2004
Distribution: Slackware
Posts: 5,387

Rep: Reputation: 397Reputation: 397Reputation: 397Reputation: 397
Did you check system file permissions?

I would try to unload (comment LoadModule lines in config) each non mandatory apache module then restart apache for testing
 
Old 07-24-2016, 05:59 AM   #10
AdultFoundry
Member
 
Registered: Jun 2015
Posts: 245

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by keefaz View Post
Did you check system file permissions?

I would try to unload (comment LoadModule lines in config) each non mandatory apache module then restart apache for testing
1) I was reading somewhere that "client denied by server configuaration" would not relate to the permissions, as this is the "server configuration". I am to stating that this is true / correct, but this is what I've been reading. I've checked /wordpress-blog-folder/wp-login.php and this is 755-644, so this looks like it should work, but it's been getting the denial message.

2) I will check the modules, like you've suggested here.

Thanks.
 
Old 07-24-2016, 06:02 AM   #11
AdultFoundry
Member
 
Registered: Jun 2015
Posts: 245

Original Poster
Rep: Reputation: Disabled
http://www.tecmint.com/protect-apach...centos-fedora/

I've installed mod_security and mod_evasive bases on that, but I did not configure it / did not make any changes. I think that this affects httpd in some ways, and it may be causing these issues, I am not sure. I am assuming that the httpd would not be blocking all these things by default, but I am not sure. I will try to turn it off now and check, as suggested above.

###Edit:
mod_evasive and / or mod_security installed but not configured, maybe this is the problem...

Last edited by AdultFoundry; 07-24-2016 at 06:17 AM.
 
Old 07-24-2016, 06:28 AM   #12
AdultFoundry
Member
 
Registered: Jun 2015
Posts: 245

Original Poster
Rep: Reputation: Disabled
This may be mod_security, and some info from the error_log overlaps with /var/log/httpd/modsec_audit.log (I did not check exactly, but I see some of these things there). Is there any easy way to uninstall and delete all the files related to mod_evasive and mod_security? I've been reading about it on the Internet, but I haven't seen anything like one command for each, and it would work.
 
Old 07-24-2016, 06:32 AM   #13
AdultFoundry
Member
 
Registered: Jun 2015
Posts: 245

Original Poster
Rep: Reputation: Disabled
Identifying and fixing mod_evasive "client denied by server configuration" errors:

http://parkroad.co.za/identifying-an...uration-errors
 
Old 07-24-2016, 06:35 AM   #14
AdultFoundry
Member
 
Registered: Jun 2015
Posts: 245

Original Poster
Rep: Reputation: Disabled
I will just uninstall both and the issue should be fixed, as I dont have time for researching this and working on configurations. I may come back to these things later on.

###Edit:
yum remove mod_evasive mod_security
systemctl restart httpd

fixes the issue.

Last edited by AdultFoundry; 07-24-2016 at 07:23 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
RHEL 6.5 apache out of the box with mrtg - client denied by server configuration: /var/www/mrtg komradebob Linux - Server 1 06-30-2016 03:06 AM
PHP Notice: Undefined index / Undefined variable in /var/log/httpd/error_log AdultFoundry Linux - Server 3 06-20-2016 07:06 PM
Can Samhain log my entries in /var/log/secure and /var/log/mesage to a central server abefroman Linux - Software 2 04-13-2008 05:13 PM
client denied by server configuration mscomputers Linux - Security 2 12-07-2004 08:49 AM
/var/log/httpd/error_log:Premature end of script headers! katana Linux - General 0 08-14-2001 07:41 AM


All times are GMT -5. The time now is 10:05 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration