Access is denied by context rewrite. 443

John11

John11

Verified User
Joined
Feb 15, 2022
Messages
12
Location
https://t.me/pump_upp
In the full log in DirectAdmin, the following error occurs repeatedly "Access is denied by context rewrite. port 443" I can't figure out myself that where the error is, the one that should be in the .htaccess.

Alle informatie staat in de attach files off this topic

Can someone take a look for me where the error is, thank you very much
 

Attachments

  • Screenshot_8.png
    Screenshot_8.png
    35.8 KB · Views: 127
  • htaccess.txt
    htaccess.txt
    23.4 KB · Views: 454
Detail about the log entries "Access is denied by context rewrite." can be found inside regular web server access log. Just lookup IP and check that the time of the access/error log entry is matching.

Can you find your IP in any of these log lines? If so, you may find out which URL/request is causing this and then play with the .htaccess file to see which particular rule is triggering that.

If you can not find your IP, yet these denied requests log lines are added very often into the log, it is OK, just backup your .htaccess and then rename it to see if log lines stops being added. If it stoped, then the cause is .htaccess. Rename it back and cut out one half of the file content and save to see if log lines are still added, if yes, then you have found correct half of the file where the error is. You can cut half of the half and again watch your log. This way you can find causing rewrite rule.

Another approach may be searching for [F] and trying to cut out such paragraphs.
Using the [F] flag causes the server to return a 403 Forbidden status code to the client.
Click to expand...
Btw. anyone please knows how to make web server (is it LiteSpeed?) to output not just "Access is denied by context rewrite" but more detailed log line incl. possibly request URL with all parameters?
 
Last edited:
John11 said:
the following error occurs repeatedly
Click to expand...
Those are not errors, those are information, it says [INFO] and it's just to inform you that your .htaccess rule was applied.

There are a couple of rules with [F] statements in your .htaccess file.
Most likely these hosts used some approach which was forbidden by one of these rules.

When checking the ip addresses I see this:
185.191.171.13 -> Semrush Bot - you don't want this anyway on your server.
77.88.9.10 -> Russion, it's from Yandex Spider - Yandex is also a search engin.
144.178.206.158 -> This one is a bit odd. This is from Euro Fiber, also Computer Newspapers Services according to a whois. But Euro Fiber has a lot of users. It could be this is valid, it could also be a Euro Fiber user who is trying to access your system in a non-valid way.

So I would check how many times "repeatedly" is and which ip addresses are causing these info lines.
As long as it's Semrush or Yandex there is no reason to be worried about it.
 
You must log in or register to reply here.
Back
Top