403 all of a sudden.

MentaL

MentaL

Well-Known Member
#1
#1
Hi,

I've got a random 403 all of a sudden on all ips except my own. I've not changed any configurations except for a random htaccess that was not in any root directories but all content now serves 403 with the exception of my own. I've got my allow access IP list to CF ranges, even tried all but still, only myself and my IP can access the content. This is an odd one for me to figure out.

Suggestions welcomed.

Code: 
2025-04-13 10:44:05.099456    DEBUG    [16274] [T0] [172.70.94.146] Adjusted Brute Force quota 300647676/1073741823
2025-04-13 10:44:05.099458    DEBUG    [16274] [T0] [172.69.17.79] Adjusted Brute Force quota 715827800/1073741823
2025-04-13 10:44:05.099460    DEBUG    [16274] [T0] [172.68.224.224] Adjusted Brute Force quota 85899336/1073741823
2025-04-13 10:44:05.099463    DEBUG    [16274] [T0] [172.71.254.35] Adjusted Brute Force quota 386547012/1073741823
2025-04-13 10:44:05.099465    DEBUG    [16274] [T0] [172.71.190.92] Adjusted Brute Force quota 909101306/1073741823
2025-04-13 10:44:05.099467    DEBUG    [16274] [T0] [198.41.230.181] Adjusted Brute Force quota 243381452/1073741823
2025-04-13 10:44:05.099469    DEBUG    [16274] [T0] [162.158.41.206] Adjusted Brute Force quota 844676804/1073741823
2025-04-13 10:44:05.099470    DEBUG    [16274] [T0] [172.70.178.174] Adjusted Brute Force quota 794568858/1073741823
2025-04-13 10:44:05.099472    DEBUG    [16274] [T0] [172.68.70.37] Adjusted Brute Force quota 150323838/1073741823
2025-04-13 10:44:05.099476    DEBUG    [16274] [T0] [172.70.208.132] Adjusted Brute Force quota 952050974/1073741823
access control

Code: 
173.245.48.0/20T, 103.21.244.0/22T, 103.22.200.0/22T, 103.31.4.0/22T, 141.101.64.0/18T, 108.162.192.0/18T, 190.93.240.0/20T, 188.114.96.0/20T, 197.234.240.0/22T, 198.41.128.0/17T, 162.158.0.0/15T, 104.16.0.0/13T, 104.24.0.0/14T, 172.64.0.0/13T, 131.0.72.0/22T, 2400:cb00::/32T, 2606:4700::/32T, 2803:f800::/32T, 2405:b500::/32T, 2405:8100::/32T, 2a06:98c0::/29T, 2c0f:f248::/32T
 
MentaL

MentaL

Well-Known Member
#2
#2
I've managed to fix it for now by adding this to .htaccess

Code: 
<Limit GET POST>
    order allow,deny
    allow from all
</Limit>
I've not had to do this before, I've made no configuration changes.

For reference, here is my existing .htaccess now with the above code added. I've never needed to do this before!!!

Code: 
RewriteEngine On

<Limit GET POST>
    order allow,deny
    allow from all
</Limit>

# Force SSL:
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

# Rewrite domain.com/forum.domain to subdomain
RewriteCond %{HTTP_HOST} ^(www\.)?domain\.com$ [NC]
RewriteCond %{REQUEST_URI} ^/forum\.domain\.com/(.*) [NC]
RewriteRule ^ https://forum.domain.com/%1 [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^(data/|js/|styles/|install/|favicon\.ico|crossdomain\.xml|robots\.txt) - [NC,L]
RewriteRule ^.*$ index.php [NC,L]

# php -- BEGIN cPanel-generated handler, do not edit
# This domain inherits the “PHP” package.
# php -- END cPanel-generated handler, do not edit

# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php8_module>
   php_flag display_errors Off
   php_value max_execution_time 60
   php_value max_input_time 120
   php_value max_input_vars 2000
   php_value memory_limit 512M
   php_value post_max_size 32M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php84"
   php_value upload_max_filesize 100M
   php_flag zlib.output_compression Off
</IfModule>
<IfModule lsapi_module>
   php_flag display_errors Off
   php_value max_execution_time 60
   php_value max_input_time 120
   php_value max_input_vars 2000
   php_value memory_limit 512M
   php_value post_max_size 32M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php84"
   php_value upload_max_filesize 100M
   php_flag zlib.output_compression Off
</IfModule>
# END cPanel-generated php ini directives, do not edit
Unless there is some override going on? I had in a folder sourced at domain.com/folder/.htaccess an ip limitation, but exclusively in that folder. Only this morning when I added another IP address to that, things went sour. I removed the .htaccess ip limitation within that folder and yet all ips (minus my own that was in the allow list on that root/folder) could access. Is there an override taking place and causing a cache issue within the webserver? Even post removal, reinstalling, restarting, trying to clear any sort of "local" cache, it persisted until the above addition.

Its a fascinating one. I hope you can conclude why.
 
Last edited:
You must log in or register to reply here.
Top