Apparently, the problems I'm having with this script go much deeper than I reported before. Even though the tests I ran were successful in blocking a test agent or a referer from the cli, looking in Apache's error_log shows a massive amount of lines like this:
% tail -f /var/log/apache2/error_log
...
2024-08-13 02:41:40.539364 [INFO] [3554907] [T0] [xxx.xxx.xxx.xxx:34390#APVH_domain.com:443] [ACL] Access to context [/] is denied!
...
Not only that, but this script also prevents a deflector map script of mine from working. When I pull globalblacklist from httpd.conf, all those messages stop and my other script starts working again.
To test further, I deleted all custom data (while leaving the files in place, as instructed) but that didn't stop the problems. Even with only a stock globalblacklist.conf file, the problems continued. So, unless there's a problem with this script that no one else has reported (doubtful), the only thing I can think of is the way I'm calling this script is wrong.
cPanel says to not alter httpd.conf and to use WHM to add additional code to one of the following sections at Home / Service Configuration / Apache Configuration / Include Editor:
Pre Main Include
Pre Virtual Host Include
Post Virtual Host Include
Include File Location: /etc/apache2/conf.d/includes
so I added the following code to the Post Virtual Host Include section:
# ######################################
# GLOBAL! deny bad bots and IP addresses
# ######################################
#
# Should be set after <VirtualHost>s. See https://httpd.apache.org/docs/2.4/sections.html#merging
<Location "/">
# AND-combine with preceding configuration sections
AuthMerging And
# Include blacklist.
Include /etc/apache2/custom.d/globalblacklist.conf
</Location>
Notice the absolute path. If I use the relative paths suggested (also inside globalblacklist.conf), I get the following errors:
2024-08-13 02:43:37.235530 [ERROR] [3557585] [T0] [/etc/apache2/custom.d/globalblacklist.conf:8445] Failed to get absolute path for [/usr/local/apache/custom.d/whitelist-ips.conf/(null)]!
2024-08-13 02:43:37.235495 [ERROR] [3557585] [T0] [/etc/apache2/custom.d/globalblacklist.conf:8421] Failed to get absolute path for [/usr/local/apache/custom.d/blacklist-ips.conf/(null)]!
2024-08-13 02:43:37.214596 [ERROR] [3557585] [T0] [/etc/apache2/custom.d/globalblacklist.conf:928] Failed to get absolute path for [/usr/local/apache/custom.d/bad-referrer-words.conf/(null)]!
2024-08-13 02:43:37.214588 [ERROR] [3557585] [T0] [/etc/apache2/custom.d/globalblacklist.conf:858] Failed to get absolute path for [/usr/local/apache/custom.d/whitelist-domains.conf/(null)]!
2024-08-13 02:43:37.214569 [ERROR] [3557585] [T0] [/etc/apache2/custom.d/globalblacklist.conf:844] Failed to get absolute path for [/usr/local/apache/custom.d/blacklist-user-agents.conf/(null)]!
I would REALLY like to use this script. Does anyone have a clue as to what's going on? Is anyone else experiencing anything similar? If you've never looked at your error_log, you should just to see if you get the same results. Run tail (with sudo or as root) and let it sit for awhile to watch messages accumulate and see what shows up:
% tail -f /var/log/apache2/error_log
Any clues would be greatly appreciated. I'd really like to put this issue to bed once and for all.
Apparently, the problems I'm having with this script go much deeper than I reported before. Even though the tests I ran were successful in blocking a test agent or a referer from the cli, looking in Apache's error_log shows a massive amount of lines like this:
Not only that, but this script also prevents a deflector map script of mine from working. When I pull globalblacklist from httpd.conf, all those messages stop and my other script starts working again.
To test further, I deleted all custom data (while leaving the files in place, as instructed) but that didn't stop the problems. Even with only a stock globalblacklist.conf file, the problems continued. So, unless there's a problem with this script that no one else has reported (doubtful), the only thing I can think of is the way I'm calling this script is wrong.
cPanel says to not alter httpd.conf and to use WHM to add additional code to one of the following sections at Home / Service Configuration / Apache Configuration / Include Editor:
Pre Main Include Pre Virtual Host Include Post Virtual Host Include
Include File Location: /etc/apache2/conf.d/includes
so I added the following code to the Post Virtual Host Include section:
Notice the absolute path. If I use the relative paths suggested (also inside globalblacklist.conf), I get the following errors:
I would REALLY like to use this script. Does anyone have a clue as to what's going on? Is anyone else experiencing anything similar? If you've never looked at your error_log, you should just to see if you get the same results. Run
tail
(with sudo or as root) and let it sit for awhile to watch messages accumulate and see what shows up:Any clues would be greatly appreciated. I'd really like to put this issue to bed once and for all.
Thanks! Marc
OS: CloudLinux 8.10.0 Apache Version: 2.4.62 cPanel: 120.0.15