Error 324 (net::ERR_EMPTY_RESPONSE): The server closed the connection without se

You′re right, every possible cause for this problem has already been listed in this Thread. Im still looking for a solution, but that′s not a BPS issue. Instead, congratulations for this plugin, is awesome.

Regards

This is a common problem with Godaddy hosting accounts after they, very recently, implemented a ModSecurity configuration change. Your IP address is being flagged as a bot. You’ll have to get GoDaddy support to whitelist your IP address until they fix the ruleset.

Login to your GoDaddy hosting account and turn on error logs to get a 7 day sample. Once the error logs are active, try logging in to your admin dashboard. Review the logs and you’ll see an entry similar to this:

ModSecurity: Access denied with connection close (phase 3). Pattern match “block” at TX:evalaction. [file “/web/httpd2/modsecurity.d/activated_rules /modsecurity_gd_07_post_guardian.conf”] [line “32”] [id “10704”] [msg “BLOCKED – Bot detected! Score: 33”]

——–
https://www.ads-software.com/support/topic/multiple-errors-help
https://www.ads-software.com/support/topic/cant-post-after-352-upgrade-modsecurity-problem

Yup. I took a look at the other posts. Interesting stuff all related to the ongoing Brute Force Login attacks.

I have been studying the Brute Force Login attacks pretty closely and what I am now seeing is a lot of victim sites are now in the equation. The hacked victim sites are now attacking other potential victim sites. Personally I believe the correct approach is block the hacked victim sites in the same way. If a site is hacked and the owner is asleep at the wheel then block it.

So how do we know who’s the attacker to block? I don’t want legit search engines blocked out!

@shamrock1961 – this is something that Host’s are doing at the Server level and not something website owners would do at the website level. If you want additional protection against the Brute Force Login attacks at the (your) website level the see this Forum link below. I have posted several different options that folks can use based on their website needs.

https://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/

On a personal note our sites are blocking 280,000 Brute Force Login attacks per month for 10 websites so the Hosts must be dealing with billions of these Brute Force Login attack requests per month if you consider how many websites Hosts manage/house/host. gnarly.

Here’s something else I need to have clarified…is all this responsible for generating Site Lockout Notifications? I have Better WP Security 3.5.5 and I have been keeping track of IP’s attempting to access my site in some way. I have given permission to the “bots” operated by Google, Microsoft, YAHOO for search engine use but I have so many notifications on usually several of the same IP addresses. Most of eastern Europe and Asia were heavy hitters on searching for stuff on my site that seem to be more than random topics unrelated to what is on my site. SEO has logged 20,000+ 404 errors from Google & Microsoft alone as they were looking for information that was previously on my site but is now in process of being reloaded. It’s been a freakin’ mess. Is any of this a part of Brute Force or is it the “usual” spam crowds from Eastern Europe and Asia? I have been keeping good records of the IP’s and letting many get through without a hassle after I have checked them out via tracers and location software.

I am just curious if any of what I am doing is worth it or just making things worse. I know my numbers dropped when the Site Lockouts become large. 404’s didn’t help my cause as I had plenty of broken links.

Anyone wish to comment on this hodge podge of information????

Thanks.

I know very little about the Better WP Security plugin so I can’t help you with anything regarding that plugin. I guess post in the Better WP Security plugin forum and see if you get a response. It does not look like the plugin author responds to help questions though.

In general, trying to block by IP addresses can be a very time consuming thing. What we are doing now on the AITpro sites is blocking all requests that are using Server Protocol HTTP/1.0 and then all the spammers that are left over that are using HTTP/1.1 we are blocking by subnet. We don’t spend a whole lot of time on this (blocking spammers) since focusing on them would keep us from getting any work done. The best approach is this: Spammers are gnats so when they swarm use some IP address blocking code. When the gnats are not swarming just ignore them.

My problems continue to happen. Had one day of NO 324 errors. July 31, Aug 1-2, 2013 it’s been a nightmare. I keep getting “the finger” from my hosting server “no data received”…Talked to host provider who set up error logs it seems it fingers my IP as the problem and they can’t IP “white page” me all the time either. I disabled all my plugins. Jetpack isn’t the problem nor is Akismet. BUT…suspicions are centering around Ultimate TinyMCE 4.8.1 and Advanced Tiny MCE. Anyone know if they have known issues similar to the 324 caper that’s going on now. AND I am also curious, does anyone know how stable WP 3.6 is? I just loaded it Aug 2. Same problems exist like they did when I I had 3.5.2. Also besides me hitting “F5” to refresh my browser so I can get into my backdoor of my WP site, is there any other reason I should be pinging the hosting server when I leave the backdoor open for longer periods of time between postings? There were over 30 of my personal IP address being posted in the error logs along with an IP from Zimbabwe nailing me at least a dozen times with several seconds between pings or attempts to locate search data from my page.

I am now beyond WTF and Joomla is now generating 324’s on me.

Is a quick sample of what the browser Opera tells me about my issues:

“Connection closed by remote server”

ta da!

Heard that AVG anti-virus was a possibility by someone on another forum site on Monday. Wish I would have copied and posted it here. Anybody care to tackle that one????

Frustratingly yours!

Sham

How many people are experiencing this problem with hosting provider GoDaddy? I am also curious, how many are using GoDaddy’s Linux servers instead of windows?

And anybody aware that the Apache 2.4 server system is loaded with bugs since it was made available earlier this year??

Who knows whether this is our problem? I just disable my entire plugins in WP 3.6. and I still have the same damn problem. Anyone know of a betting hosting provider who will actually tell you the truth and not jack you around like Godaddy seems to be doing?

We use Go Daddy Linux hosting and are not having any issues or problems. It is very unlikely that a plugin or WordPress itself would cause a 324 error. This Forum Thread contains all the different possibilities that could cause 324 errors and most of them are either your Browser or something on your computer (client-side), but yep since the Brute Force Login attacks started months ago the 324 errors are occurring more frequently due to all the factors involved (preventative measures implemented by Hosts, etc.) in these Brute Force Login attacks.

I would imagine the ratio of Linux to Windows hosting would be in the neighborhood of 95% Linux to 5% Windows. Windows IIS Servers are the ideal/optimum choice for in-house corporate networks and not such a good idea for privately hosted (individual website owner) websites. Unless you have an essential ASP application that you need to use then there really is not a good reason to choose Windows hosting instead of Linux hosting for a private website.

So here is the logical process of elimination that you should do. Have your host whitelist your IP address. If you can access your site without seeing a 324 error then the problem is server-side. If you are still having the problem then the problem is client-side, which could include your ISP, but typically is either your Browser, your computer, your router.

I’m experiencing the same issue. Accessing my admin login but once I enter my credentials it takes my to the same error code.
Error code for Firefox:
“The connection was reset
The connection to the server was reset while the page was loading.
The site could be temporarily unavailable or too busy. Try again in a few
moments.
If you are unable to load any pages, check your computer’s network
connection.
If your computer or network is protected by a firewall or proxy, make sure
that Firefox is permitted to access the Web.”

Error code from chrome:
“NO DATA
(net::ERR_EMPTY_RESPONSE)”

Godaddy advised me that it may be something in php.ini file or my .htaccess file. I disabled the .htaccess file and nothing. I cleared history. I made sure my wp-config.php file had no wrong code. I checked my php.ini file and everything looks good. I looked at the possibility that it could be my ISP or my Computer. I’ve tested my website on 2 different ISP providers (grande and timewarner) and in several different settings (open and private networks). It happens randomly. White page or error code. It seems as though it happens only through my admin page when I log in because when I open a different browser or same tab within same browser I’m able to pull up my website. There are at least 3 other people experiencing this same issue. I use godaddy linux. They seem to be no help. I’ve also updated my wordpress. I’ve figured its not wordpress or the plugins. More database and server driven then maybe isp. For now it seems there is no solution to this problem.

1% chance that an .htaccess file or php.ini file could cause the problem.
0% chance that your wp-config.php file or code could cause the problem.

Did you check via 2 different connections with the 2 different ISP’s? Example: You had someone check from another location that is using a different ISP. The reason you would want to check from 2 different locations is hardware/line/router problems also cause this NO Data error and the 324 error.

Post a link to your site and I will test from my ISP.

deleted duplicated post

deleted duplicated post