Random 403 when surfing fast

Dezdan

• July 18, 2022 23:44

I'm running a few phpBB forums on my server and I am having an issue where if you move to fast between topics, you get a super generic 403 error: Forbidden - You don't have permission to access this resource. - Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request. If you refresh after a few seconds, you get the page you navigated too. I've already ruled out the phpBB software, the 403 is coming from the server. The apache error log is of little help: [Mon Jul 11 17:53:56.119982 2022] [:error] [pid 16607:tid 47431345100544] [client XX.XX.XX.XXX:62920] client denied by server configuration: /home/website/public_html/forum/viewforum.php, referer: https://www.website.com/forum/viewforum.php?f=7&start=100
Nothing ever shows in the ModSecurity logs, even when I turn on 'Log all transactions'. If I disable ModSecurity the error is still repeatable. If I disable CSF the error is still repeatable. Repeating the error, and getting a PID 7108 in the apache error log, and looking at running processes, I'm seeing PID 7108 as: Pid Name File Current Directory Command Line 7108 (httpd) /usr/sbin/httpd / /usr/sbin/httpd -k start
This seems to be a security measure IMO, but what is it? What am I missing here?

• 

  cPRex Jurassic Moderator

  • July 19, 2022 15:21

  Hey there! You're right that this is likely some type of DoS prevention. My first guess, besides what you have mentioned, would be the Apache mod_evasive module. Is that installed on your machine?

  0
• 

  Dezdan

  • July 20, 2022 00:16

  My first guess, besides what you have mentioned, would be the Apache mod_evasive module. Is that installed on your machine?

  
  BINGO!!! I have it installed, and upon disabling it, it resolves the issue. Thank you! I guess I will edit its parameters.

  0
• 

  cPRex Jurassic Moderator

  • July 20, 2022 14:32

  I'm glad that's all it was!

  0

Please sign in to leave a comment.