Support

Admin Tools

#25045 authz_core:error in server log

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Wednesday, 01 June 2016 17:20 CDT

Saturday, 30 April 2016 07:10 CDT

jjst135
 Hi! I im browsing through our DirectAdmin user weblogs to see if there are issues we have not noticed yet. All seem to be fine, but on a number of sites (Joomla with AdminTools) we get these kind of errors:

[Sat Apr 30 12:43:19.086401 2016] [authz_core:error] [pid 768984:tid 140195298924288] [client 208.115.113.83:35804] AH01630: client denied by server configuration: /home/blauwv01/domains/blauwvingerenergie.nl/public_html/robots.txt
[Sat Apr 30 12:43:19.086552 2016] [authz_core:error] [pid 768984:tid 140195298924288] [client 208.115.113.83:35804] AH01630: client denied by server configuration: /home/blauwv01/domains/blauwvingerenergie.nl/public_html/403.shtml

The all involve the robots.txt and 403.shtml files.

The robots.txt file on this particular site is accessible through the browser.

I was just wondering if you could help me figure out if this is something to worry about. Can serach engines readthe robots.txt ok?

On the web I read some remarks about changing

Order allow, deny
Allow from all

to:

Require all granted

But I don't think this code is used in the htaccess. (We are on apache 2.4) The webroot htaccess is created by AdminTools.

Any thoughts on where these error log entries come from and if I should worry about it?

Kind regards,
Jip Jonker

Monday, 02 May 2016 01:48 CDT

tampe125
Hello,

can you please check your htaccess configuration, are you blocking specific user-agents? Can you please try to disable such feature?

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Monday, 02 May 2016 02:46 CDT

jjst135
Hi! I have disable the 'Block access from specific user agents' option on on of our sites. We will wait and see if the error log is still producing these error.

But when this 'solves' the error messages, should we keep it disabled? I guess this feature is added for a specific reason. To make the sites safer. right? We could also just ignore the errors in the logs if we know for sure they are only caused by specific user agents. At least we now know why the errors are there. Would you advise to keep the feature turned on?

Kind regards,
Jip Jonker
Edited by jjst135 on 2016-05-02 02:50 CDT

Monday, 02 May 2016 03:06 CDT

tampe125
Ok, I'll wait for your check.
Usually you can leave it enabled, except if you are using any external service to get in touch with your site (ie WebCron, Acyba mailing system etc etc).
Anyway, it's main scope is not to block any security exceptions, but to make life of attackers a little harder and block "script kiddies".

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Monday, 02 May 2016 04:40 CDT

jjst135
It seems there are no more errors with 'authz_core'. So I guess these were indeed related to the user-agents being blocked. We now will have to decide whether we want to make life easier for the 'kiddies' and prevent the errors, or the other way around ;-)

Monday, 02 May 2016 04:47 CDT

tampe125
Great news!
I'm glad you fixed your issue.

Davide Tampellini

Developer and Support Staff

๐Ÿ‡ฎ๐Ÿ‡นItalian: native ๐Ÿ‡ฌ๐Ÿ‡งEnglish: good โ€ข ๐Ÿ• My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Wednesday, 01 June 2016 17:20 CDT

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.
Edited by on 2016-06-01 17:20 CDT

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!