Random 403 Forbidden errors

Discussion in 'Installation/Configuration' started by Arkymedes, Jul 27, 2015.

  1. Arkymedes

    Arkymedes New Member

    Hello all, first time posting here but lurking for some time now :)
    Anyway, yesterday I rented out a VPS and installed ISPConfig 3 there following one of the Perfect guides for Debian 7.

    All good and everything running nice, until today where I noticed that if refreshing a page enough times, browsing quick enough through ISPConfig settings or even checking emails via Roundcube, it gives me random 403 pages. That definetely points to an Apache misconfiguration or limitation but I don't know what causes this.

    Error log shows this for example:
    [error] [client XX.XXX.XX.XXX] client denied by server configuration: /var/www/

    I simply have no idea what can cause this and I repeat that all my installation was done by the tee using the guides here on HowtoForge. I also should stress that I'm more of a Linux enthusiast and can safely be considered as a "noob" :)

    Would anyone kindly help me out with that?

    Best regards,
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Please post the output of:

    ls /etc/apache2/mods-enabled/
  3. Arkymedes

    Arkymedes New Member

    Hello and thanks so much for the blazing fast response! :O

    This is the output:
    ls /etc/apache2/mods-enabled/
    actions.conf          autoindex.load  include.load      rewrite.load
    actions.load          cgi.load        mime.conf         ruby.load
    alias.conf            deflate.conf    mime.load         setenvif.conf
    alias.load            deflate.load    mod-evasive.load  setenvif.load
    auth_basic.load       dir.conf        negotiation.conf  ssl.conf
    authn_file.load       dir.load        negotiation.load  ssl.load
    authz_default.load    env.load        php5.conf         status.conf
    authz_groupfile.load  fastcgi.conf    php5.load         status.load
    authz_host.load       fastcgi.load    python.load       suexec.load
    authz_user.load       fcgid.conf      reqtimeout.conf   suphp.conf
    autoindex.conf        fcgid.load      reqtimeout.load   suphp.load
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    You have the apache module mod-evasive, the purpose of this module is to deny further access with a 403 request when too many request come from the same ip or when someone reloads a page more then the specified numbers. So the behaviour of your server is ok as it does exactly what mod-evasive shall do. This module is not part of the perfect server guide, so you must have installed it separately.

    If you dont want to use it, then disable it again with:

    a2dismod mod-evasive
    service apache2 restart
    Arkymedes likes this.
  5. Arkymedes

    Arkymedes New Member

    Thank you so much till for your prompt and concise response. Everything works perfectly now!

    Best wishes,

Share This Page