1

I have a problem with my webserver. When I click to fast through, for example Seafile or Roundcube theres shown a 403 Forbidden Error after a short time. Then the only thing I can do is wait for ~10s and then continue my work. The apache log says only that: 

[Thu Oct 22 14:48:53.068806 2015] [evasive20:error] [pid 3725] [client 95.88.156.113:52747] client denied by server configuration: /var/www/seahub.fcgi, referer: [Seahub Adress]

Im running apache 2.4.7 and in the apache2.conf the Directoryies are set to Require all granted and Options Indexes FollowSymLinks:

<Directory /var/www/>
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>
<Directory /var/lib/roundcube>
    Options Indexes FollowSymLinks
    Require all granted
</Directory>
<Files /var/www/seahub.fcgi>
  Options Indexes FollowSymLinks
  Require all granted
</Files>
<Directory /home/seafile>
  Options Indexes FollowSymLinks
  Require all granted
</Directory>

Even in the sites-available entry of seafile is this set with the <Location> Tag:

....
DocumentRoot /var/www
Alias /media  /home/seafile/haiwen/seafile-server-latest/seahub/media
RewriteEngine On
<Location /media>
  Require all granted
</Location>
<Directory /home/seafile>
  Require all granted
  AllowOverride All
</Directory>
....

Whats going on there?!

levinus
  • 35

1 Answers1

3

Your apache http are running with mod_evasive on.

This module is protection layer for DDoS attack on webserver.

Somehow mod_evasive detect your access as DDoS attempt. There are log at /var/log/mod_evasive that write all information. You can start there to check why it detected your access as DDoS attempt.

Assuming that you install everything using official Ubuntu repository, you can disabled mod_evasive via a2dismod mod-evasive command and then reload your apache.

Aizuddin Zali
  • 1,232