Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | |||
litespeed_wiki:config:understanding_403 [2019/06/13 15:37] Jackson Zhang [Throttling] |
litespeed_wiki:config:understanding_403 [2019/06/13 15:42] (current) Jackson Zhang [Throttling] |
||
---|---|---|---|
Line 66: | Line 66: | ||
If mod_security rules enabled, it may be triggerred for 403 error. For example: | If mod_security rules enabled, it may be triggerred for 403 error. For example: | ||
[modsecurity] [Fri Apr 26 10:07:36 2019] [error] [client 111.111.111.111] ModSecurity: Access denied with code 403, [Rule: 'TX:ANOMALY_SCORE' '@ge %{tx.in_example_score_threshold}'] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"][tag "platform-multi"] [tag "attack-generic"] | [modsecurity] [Fri Apr 26 10:07:36 2019] [error] [client 111.111.111.111] ModSecurity: Access denied with code 403, [Rule: 'TX:ANOMALY_SCORE' '@ge %{tx.in_example_score_threshold}'] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"][tag "platform-multi"] [tag "attack-generic"] | ||
- | ===== Throttling ===== | + | ===== Hit LiteSpeed Per Client Throttling connection limit ===== |
Similar to the previous case - if you have strict throttling rules and you make too many connections, that can trigger error 403. | Similar to the previous case - if you have strict throttling rules and you make too many connections, that can trigger error 403. | ||
For example, you may use LiteSpeed ''per client throttling'' throttling feature and set ''Connection Soft Limit'' and ''Connection Hard Limit''. If any visitor's IP goes over that connection limit, it will trigger 403 error and show the following in the logs: | For example, you may use LiteSpeed ''per client throttling'' throttling feature and set ''Connection Soft Limit'' and ''Connection Hard Limit''. If any visitor's IP goes over that connection limit, it will trigger 403 error and show the following in the logs: | ||
Line 72: | Line 72: | ||
or | or | ||
[NOTICE] [x.x.x.x] bot detected for vhost [N/A], reason: OverConnHardLimit, close connection! | [NOTICE] [x.x.x.x] bot detected for vhost [N/A], reason: OverConnHardLimit, close connection! | ||
- | | + | |
+ | ===== Hit reCAPTCHA security feature ===== | ||
+ | If a visitor fails on reCAPTCHA verification, it may trigger 403 error. | ||
+ | |||
+ | ===== Hit LiteSpeed WordPress Protection feature ===== | ||
+ | If a visitor hit LiteSpeed WordPress Protection feature with over limit connections, it may trigger 403 error. | ||
===== GeoIP/IP2Loc or Similar Modules ===== | ===== GeoIP/IP2Loc or Similar Modules ===== | ||
If GeoIP or IP2Loc is allowed, they can block access to files like ''wp-login'' (wp-admin). In this case you need to allow them access in order to avoid the error. | If GeoIP or IP2Loc is allowed, they can block access to files like ''wp-login'' (wp-admin). In this case you need to allow them access in order to avoid the error. |