On Wed, Oct 9, 2024 at 5:31 AM Abhijith <learnawse...@gmail.com> wrote:
> Thanks I understand. But can you suggest any debugging method to find out
> which file is requesting the file
>
> On Wed, 9 Oct 2024, 10:37 Frank Gingras, <thu...@apache.org> wrote:
>
>>
>>
>> On Tue, Oct 8, 2024 at 11:25 PM Abhijith <learnawse...@gmail.com> wrote:
>>
>>> Yes, I understand that now. That I shouldn't allow clients to access my
>>> .httaccess file. I don't know why the error occuring
>>>
>>> On Tue, 8 Oct 2024, 17:47 Frank Gingras, <thu...@apache.org> wrote:
>>>
>>>>
>>>>
>>>> On Tue., Oct. 8, 2024, 1:13 a.m. Abhijith, <learnawse...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hi,
>>>>> Yes, In the the root directory there is .htaccess file, the content of
>>>>> the file is
>>>>> ```
>>>>> RewriteEngine on
>>>>> RewriteCond %{REQUEST_FILENAME} !-f
>>>>> RewriteCond %{REQUEST_FILENAME} !-d
>>>>> RewriteCond $1 !^(index\.php|robots\.txt|favicon\.ico)
>>>>> RewriteRule ^(.*)$ /index.php/$1 [L]
>>>>> ```
>>>>>
>>>>> Since by @Eric's suggestion I changed the configuration of httpd.con,
>>>>> like
>>>>> ```
>>>>> <Files ".ht*">
>>>>> Require all granted
>>>>> </Files>
>>>>> ```
>>>>>
>>>>> Now the error is gone, but there is a new error but it is related with
>>>>> the docker configuration.
>>>>> Thanks for the helpful insights.
>>>>>
>>>>> On Mon, 7 Oct 2024 at 19:22, Frank Gingras <thu...@apache.org> wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> On Mon, Oct 7, 2024 at 7:51 AM Eric Covener <cove...@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> On Mon, Oct 7, 2024 at 7:12 AM Eric Covener <cove...@gmail.com>
>>>>>>> wrote:
>>>>>>> >
>>>>>>> > >> [Sun Oct 06 10:02:48.889047 2024] [authz_core:error] [pid
>>>>>>> 10:tid 131326541519672] [client 192.168.16.1:49194] AH01630: client
>>>>>>> denied by server configuration:
>>>>>>> /usr/local/apache2/htdocs/apps/admin/public_html/.htaccess
>>>>>>> >
>>>>>>> > This error means it's not filesystem permissions. Are there other
>>>>>>> > vhosts/*.conf you didn't show? apachectl -S from within the
>>>>>>> container
>>>>>>> > would summarize it.
>>>>>>>
>>>>>>> Based on the error, It seems like you may be unexpectedly accessing
>>>>>>> the .htaccess file directly via a HTTP client, which is rejected by
>>>>>>> design with this snippet:
>>>>>>>
>>>>>>> <Files ".ht*">
>>>>>>> Require all denied
>>>>>>> </Files>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Eric Covener
>>>>>>> cove...@gmail.com
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>>>>>>> For additional commands, e-mail: users-h...@httpd.apache.org
>>>>>>>
>>>>>>>
>>>>>> I am concerned about anything trying to request the .htaccess file
>>>>>> directly as well; it sounds like a broken application/script.
>>>>>>
>>>>>
>>>> That would be a mistake, since those files are not meant to be accessed
>>>> directly.
>>>>
>>>> They are blocked by default for security reasons.
>>>>
>>>
>> You will need to find out what is requesting those files directly; as I
>> stated before, it sounds like a broken script or application.
>>
>
If you log the user agent, that might give you a clue. Otherwise, the time
of the request(s), if it's a cron job. Lastly, if the request is
incessant, perhaps ss/netstat or even packet inspection.
