7

For security reasons I installed the apache modules security and evasive. No I get sometimes the Error

Forbidden You don't have permission to access /index.php on this server.

The logfile of apache shows me: [Tue May 12 14:42:32.825039 2015] [evasive20:error] [pid 27443] [client 192.168.32.22:51305] client denied by server configuration: /var/www/test/index.php, referer: http://test.domain.local/index.php

I know it is important to secure Apache Webserver. But this error makes qualified working not possible. How can I prevent from this error? If I deactive the module with a2dismod evasive, the error does not come up.

Thank you.

Perino
  • 608
  • 9
  • 30

2 Answers2

12

Did you set up the limit rate for URL request ? Try to add this into your apache2.conf

DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 50
DOSPageInterval 2
DOSSiteInterval 2
DOSBlockingPeriod 10

DOSPageCount is the number limit for requesting a URL. DOSPageInterval is the time limit for request a URL. Here for example you can request 5time a URL within 2seconds.

There's an article with a guy having the same problem, here it is if you want more information http://www.techtutorials.net/articles/introduction_to_apache_mod_evasive.html

Alex
  • 307
  • 3
  • 7
  • My settings were different - DOSPageCount=2, DOSPageInterval=1, DOSSiteInterval=1. I updated the settings to your recommendation and now, the failure seems to be gone. Thank you for the hint! – Perino May 12 '15 at 14:02
1

The "evasive20: error client denied by server configuration" error message is generated by the Apache web server when it denies access to a client due to an evasion attempt. This message is usually produced by the mod_evasive module, which is a security module for Apache that provides basic protection against DoS (Denial of Service) and DDoS (Distributed Denial of Service) attacks.

To resolve the "evasive20: error client denied by server configuration" error, you need to either adjust the configuration of the mod_evasive module or whitelist the client's IP address so that it is no longer blocked. Here are some common steps to resolve this error:

  • Check the mod_evasive configuration: The first step is to check the mod_evasive configuration to make sure that it is configured to block clients in a way that is appropriate for your needs. The configuration file is typically located at /etc/httpd/conf.d/mod_evasive.conf or /etc/apache2/mods-available/mod_evasive.conf.

  • Whitelist the client's IP address: You can add the client's IP address to the mod_evasive whitelist to prevent it from being blocked. This can be done by adding the following line to the mod_evasive configuration file:

     DOSHashTableSize    3097
 DOSPageCount        10
 DOSSiteCount        50
 DOSPageInterval     1
 DOSSiteInterval     1
 DOSBlockingPeriod   10
 DOSWhitelist 192.168.32.22
 DOSEmailNotify      somone@gmail.com
 DOSSystemCommand    "su - someuser -c '/sbin/... %s ...'"
 DOSLogDir           "/var/log/apache2/"

  • Modify the request rate threshold: The mod_evasive module blocks clients that make too many requests in a short amount of time. You can adjust the threshold for blocking clients by modifying the DOSPageCount and DOSSiteCount parameters in the mod_evasive configuration file.

  • Restart the Apache server: After making changes to the mod_evasive configuration, you need to restart the Apache server for the changes to take effect.

These are some common steps to resolve the "evasive20: error client denied by server configuration" error, but the exact solution will depend on your specific configuration and setup.

ShapCyber
  • 3,382
  • 2
  • 21
  • 27