“AH01630: client denied by server configuration” while accessing backend

  • Resolved chtoller

    (@chtoller)


    1 year, 8 months ago

    Hi there,
    we are just configuring the Matomo Plugin and found that our IP is blocked by the webserver after a few clicks in the Matomo admin pages in the WordPress backend.

    It took me a while to find that the Matomo backend tries to access /wp-content/plugins/matomo/app/config/global.ini.php, even though that is forbidden by the .htaccess file in /wp-content/plugins/matomo/

    The file itself contains the warning NOT to modify it but to contact Matomo in case of issues. As I consider this more likely to be a plugin issue, I’m posting this here.

    The issue can be reproduced easily. Config: WP 6.1.1, Matomo Plugin 4.13.5, Twenty TwentyTwo theme, no other plugins active, PHP 8.0
    Every attempt to access Matomo Analytics / First steps causes the following error in the apache error_log:

    [Tue Mar 14 21:11:59.402619 2023] [authz_core:error] [pid 1607997] [client 94.16.33.171:0] AH01630: client denied by server configuration: /var/www/vhosts/hoeckner.com/staging.hoeckner.com/wp-content/plugins/matomo/app/config/global.ini.php, referer: https://staging.hoeckner.com/wp-content/plugins/matomo/app/config/global.ini.php

    If I rename /wp-content/plugins/matomo/.htaccess to /wp-content/plugins/matomo/.htaccess.bak the error does not show again.

    At the top of the htaccess file you’ll find
    # Do not allow access to any php file directly unless it is index/matomo.php
    Well, I guess it does just that. I guess the plugin forces the client browser to attempt accessing the config file, and should just not do that.

    That would usually not cause any issue, besides the error being logged.
    But in my case, the webserver is running fail2ban, and that blocks the client IP after 6 attempts to access that config file. Not funny, my customer was locked out of his own website for at least 10 minutes several times….

    Can you fix that?

    Thanks,
    Christian Toller
    tethis IT
    Vienna, Austria

    The page I need help with: [log in to see the link]

Viewing 6 replies - 16 through 21 (of 21 total)
  • Plugin Support emermatomo

    (@emermatomo)

    You can add it from any line that will not break other scripts or you can safely add it at the bottom line.

    Hello emermatomo,

    i have exact the same issue. I tried your solutions bit it does not work.

    Thx

    Andreas

    Hi, the issues is also with Matomo standalone installation, auth error in logs makes fail2ban to ban clients, not fun. Please fix it, make sure no such error happens.

    I contacted my webhoster again and this time they told me that this is a know inssue and that Matomo was blocked by their firewall. So now it works again but I have not clue why it took so many months although I called them several times.

    I don’t know which firewall software they use but if you need to know, I can find that out. Looks like several webhosters are affected by that problem. All solutions provided in this thread did not work for me.

    Plugin Support emermatomo

    (@emermatomo)

    Hello @wpzugang it would be great if you can let us know. Also, could you please confirm who is your web server provider?

    The web server provider is webgo. Firewall I need to check

Viewing 6 replies - 16 through 21 (of 21 total)
  • The topic ‘“AH01630: client denied by server configuration” while accessing backend’ is closed to new replies.