Suppress "client denied by server configuration" Notices

Question

I'm trying to remove the following notices from my error logs:

AH01797: client denied by server configuration: /var/www/html/example.com/xmlrpc.php

I previously had:

LogLevel notice

after reading, How to HIDE "client denied by server configuration:" error in log, I changed my code to:

#NameVirtualHost example.com:443
<VirtualHost *:443>
       ....
       LogLevel notice access_compat:crit
        ErrorLog /var/log/httpd/example.com/error.log
</VirtualHost>

however the notices persist after restarting httpd. How can I remove these notices.

I'm using Server version: Apache/2.4.34.

The deny rule we use in our .htaccess is:

<Files xmlrpc.php>
        Order Deny,Allow
        Deny from all
        Allow from 192.168.0.2
</Files>

Answer 1

The documentation for mod_access_compat mentions:

Available in Apache HTTP Server 2.3 as a compatibility module with previous versions of Apache httpd 2.x. The directives provided by this module have been deprecated by the new authz refactoring. Please see mod_authz_host

I would suspect that the messages may be logged by the new module, and so you have to change access_compat:crit to authz_host:crit or similar.

Update:

Other possible problems you may be having:

• This VirtualHost entry is not the one serving your requests.
• There is another, possibly global LogLevel entry later in the configuration structure which takes precedence

Either way, you can try changing your line to LogLevel debug and see if it makes any difference to the logging level. Just to confirm this line is the the one in scope.