• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

AWStats access protection incompatible with Apache 2.4, causes "client denied by server configuration", triggers fail2ban

Bitpalast

Plesk addicted!
Plesk Guru
Username: Peter Debik

TITLE

AWStats access protection incompatible with Apache 2.4, causes "client denied by server configuration", triggers fail2ban

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Obsidian 18.0.32, latest MU
CentOS 7.9

PROBLEM DESCRIPTION

Issue appears since update from Onyx 17.8 to Obsidian 18.0.32. With the ugprade, it seems that a change was made to Apache, too. Now this happens:

When a customer opens AWStats, he is prompted to enter the FTP user name and password. After entering the credentials, access is granted. But on many files, still a "client denied by server configuration" is logged (although access was granted). We think it is the same issue described here:

The article is about Prestashop, but the behavior is the same, and after the upgrade from Onyx to Obsidian we have seen many cases where the same solution was also needed for other software, not only Prestashop. Our clients are now describing the same issue with AWStats password protection, so it is quite likely that this has the same cause, because there have not been issues before.

STEPS TO REPRODUCE

Password-protect the statistics directory, login, click around in some sub pages.

ACTUAL RESULT

"client denied by server configuration" will be logged although login was correct. Fail2ban reads the entry in the logs, uses the Apache jail and blocks access for the requesting IP.

EXPECTED RESULT

No "client denied by server configuration" logged.

ANY ADDITIONAL INFORMATION



YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
Back
Top