I was having a heck of a time with a shopping cart on one of my sites, it would never load a full page of products and would return a 403 FORBIDDEN message half the time. The logs showed a ton of "client denied by server configuration" errors, so I started (after three days) to think it was an Apache problem. I went into the httpd.conf for the site and set the following:
KeepAlive Off
MaxKeepAliveRequests 0
KeepAliveTimeout 15
Low and behold, that worked! No more problems!!
Here are the questions:
1. I am wondering how the above three settings will affect security. Seems like I should set some limits (especially on MaxKeepAliveRequests), but I don't know what would be advisable, does anyone have suggestions?
2. I set the above in the individual site httpd. conf (/usr/local/directadmin/data/users/SITENAME/httpd.conf), but, upon restarting Apache, the commands seem to have effected all sites. Shouldn't it have only effected the one individual site?
KeepAlive Off
MaxKeepAliveRequests 0
KeepAliveTimeout 15
Low and behold, that worked! No more problems!!
Here are the questions:
1. I am wondering how the above three settings will affect security. Seems like I should set some limits (especially on MaxKeepAliveRequests), but I don't know what would be advisable, does anyone have suggestions?
2. I set the above in the individual site httpd. conf (/usr/local/directadmin/data/users/SITENAME/httpd.conf), but, upon restarting Apache, the commands seem to have effected all sites. Shouldn't it have only effected the one individual site?