Lord Maverik

Такс, у меня кстати не apache стоит, а apache2. Это чтобы создаваемые апачем файла, делались под юзером.

Смотрю вкладки сервисы, там есть HTTP, в настройках - файл конфига: /etc/inetd.conf

Но такого файла нет.

Есть такой например: /etc/apache2/apache2.conf

ServerName localhost

#

# Based upon the NCSA server configuration files originally by Rob McCool.

#

# This is the main Apache server configuration file.  It contains the

# configuration directives that give the server its instructions.

# See http://httpd.apache.org/docs/2.2/ for detailed information about

# the directives.

#

# Do NOT simply read the instructions in here without understanding

# what they do.  They're here only as hints or reminders.  If you are unsure

# consult the online docs. You have been warned.  

#

# The configuration directives are grouped into three basic sections:

#  1. Directives that control the operation of the Apache server process as a

#     whole (the 'global environment').

#  2. Directives that define the parameters of the 'main' or 'default' server,

#     which responds to requests that aren't handled by a virtual host.

#     These directives also provide default values for the settings

#     of all virtual hosts.

#  3. Settings for virtual hosts, which allow Web requests to be sent to

#     different IP addresses or hostnames and have them handled by the

#     same Apache server process.

#

# Configuration and logfile names: If the filenames you specify for many

# of the server's control files begin with "/" (or "drive:/" for Win32), the

# server will use that explicit path.  If the filenames do *not* begin

# with "/", the value of ServerRoot is prepended -- so "foo.log"

# with ServerRoot set to "/etc/apache2" will be interpreted by the

# server as "/etc/apache2/foo.log".

#



### Section 1: Global Environment

#

# The directives in this section affect the overall operation of Apache,

# such as the number of concurrent requests it can handle or where it

# can find its configuration files.

#



#

# ServerRoot: The top of the directory tree under which the server's

# configuration, error, and log files are kept.

#

# NOTE!  If you intend to place this on an NFS (or otherwise network)

# mounted filesystem then please read the LockFile documentation (available

# at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>);

# you will save yourself a lot of trouble.

#

# Do NOT add a slash at the end of the directory path.

#

#ServerRoot "/etc/apache2"



#

# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.

#

LockFile ${APACHE_LOCK_DIR}/accept.lock



#

# PidFile: The file in which the server should record its process

# identification number when it starts.

# This needs to be set in /etc/apache2/envvars

#

PidFile ${APACHE_PID_FILE}



#

# Timeout: The number of seconds before receives and sends time out.

#

Timeout 300



#

# KeepAlive: Whether or not to allow persistent connections (more than

# one request per connection). Set to "Off" to deactivate.

#

KeepAlive On



#

# MaxKeepAliveRequests: The maximum number of requests to allow

# during a persistent connection. Set to 0 to allow an unlimited amount.

# We recommend you leave this number high, for maximum performance.

#

MaxKeepAliveRequests 100



#

# KeepAliveTimeout: Number of seconds to wait for the next request from the

# same client on the same connection.

#

KeepAliveTimeout 15



##

## Server-Pool Size Regulation (MPM specific)

## 



# prefork MPM

# StartServers: number of server processes to start

# MinSpareServers: minimum number of server processes which are kept spare

# MaxSpareServers: maximum number of server processes which are kept spare

# MaxClients: maximum number of server processes allowed to start

# MaxRequestsPerChild: maximum number of requests a server process serves

<IfModule mpm_prefork_module>

    StartServers          5

    MinSpareServers       5

    MaxSpareServers      10

    MaxClients          150

    MaxRequestsPerChild   0

</IfModule>



# worker MPM

# StartServers: initial number of server processes to start

# MaxClients: maximum number of simultaneous client connections

# MinSpareThreads: minimum number of worker threads which are kept spare

# MaxSpareThreads: maximum number of worker threads which are kept spare

# ThreadLimit: ThreadsPerChild can be changed to this maximum value during a

#              graceful restart. ThreadLimit can only be changed by stopping

#              and starting Apache.

# ThreadsPerChild: constant number of worker threads in each server process

# MaxRequestsPerChild: maximum number of requests a server process serves

<IfModule mpm_worker_module>

    StartServers          2

    MinSpareThreads      25

    MaxSpareThreads      75 

    ThreadLimit          64

    ThreadsPerChild      25

    MaxClients          150

    MaxRequestsPerChild   0

</IfModule>



# event MPM

# StartServers: initial number of server processes to start

# MaxClients: maximum number of simultaneous client connections

# MinSpareThreads: minimum number of worker threads which are kept spare

# MaxSpareThreads: maximum number of worker threads which are kept spare

# ThreadsPerChild: constant number of worker threads in each server process

# MaxRequestsPerChild: maximum number of requests a server process serves

<IfModule mpm_event_module>

    StartServers          2

    MaxClients          150

    MinSpareThreads      25

    MaxSpareThreads      75 

    ThreadLimit          64

    ThreadsPerChild      25

    MaxRequestsPerChild   0

</IfModule>



# These need to be set in /etc/apache2/envvars

User ${APACHE_RUN_USER}

Group ${APACHE_RUN_GROUP}



#

# AccessFileName: The name of the file to look for in each directory

# for additional configuration directives.  See also the AllowOverride

# directive.

#



AccessFileName .htaccess



#

# The following lines prevent .htaccess and .htpasswd files from being 

# viewed by Web clients. 

#

<Files ~ "^\.ht">

    Order allow,deny

    Deny from all

    Satisfy all

</Files>



#

# DefaultType is the default MIME type the server will use for a document

# if it cannot otherwise determine one, such as from filename extensions.

# If your server contains mostly text or HTML documents, "text/plain" is

# a good value.  If most of your content is binary, such as applications

# or images, you may want to use "application/octet-stream" instead to

# keep browsers from trying to display binary files as though they are

# text.

#

DefaultType text/plain





#

# HostnameLookups: Log the names of clients or just their IP addresses

# e.g., www.apache.org (on) or 204.62.129.132 (off).

# The default is off because it'd be overall better for the net if people

# had to knowingly turn this feature on, since enabling it means that

# each client request will result in AT LEAST one lookup request to the

# nameserver.

#

HostnameLookups Off



# ErrorLog: The location of the error log file.

# If you do not specify an ErrorLog directive within a <VirtualHost>

# container, error messages relating to that virtual host will be

# logged here.  If you *do* define an error logfile for a <VirtualHost>

# container, that host's errors will be logged there and not here.

#

ErrorLog ${APACHE_LOG_DIR}/error.log



#

# LogLevel: Control the number of messages logged to the error_log.

# Possible values include: debug, info, notice, warn, error, crit,

# alert, emerg.

#

LogLevel warn



# Include module configuration:

<VirtualHost тут ip:80>

	ServerName сайт.ru

	DocumentRoot /var/www/юзер/data/www/сайт.ru

	AssignUserID юзер юзер 

	CustomLog /var/www/httpd-logs/сайт.ru.access.log combined

	ErrorLog /var/www/httpd-logs/сайт.ru.error.log

	ServerAlias www.сайт.ru

	ServerAdmin webmaster@сайт.ru

	php_admin_value open_basedir "/var/www/юзер/data:."

	php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f webmaster@сайт.ru"

	php_admin_value upload_tmp_dir "/var/www/юзер/data/mod-tmp"

	php_admin_value session.save_path "/var/www/юзер/data/mod-tmp"

	AddType application/x-httpd-php .php .php3 .php4 .php5 .phtml

	AddType application/x-httpd-php-source .phps

</VirtualHost>



Include mods-enabled/*.load

Include mods-enabled/*.conf



# Include all the user configurations:

Include httpd.conf



# Include ports listing

Include ports.conf



#

# The following directives define some format nicknames for use with

# a CustomLog directive (see below).

# If you are behind a reverse proxy, you might want to change %h into %{X-Forwarded-For}i

#

LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined

LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined

LogFormat "%h %l %u %t \"%r\" %>s %O" common

LogFormat "%{Referer}i -> %U" referer

LogFormat "%{User-agent}i" agent



# Include of directories ignores editors' and dpkg's backup files,

# see README.Debian for details.



# Include generic snippets of statements

Include conf.d/



# Include the virtual host configurations:

Include sites-enabled/



NameVirtualHost *:443

<VirtualHost _default_:443>

	ServerName www.example.com:443

	SSLEngine on

	SSLCertificateFile /etc/apache2/ssl.crt/server.crt

	SSLCertificateKeyFile /etc/apache2/ssl.key/server.key

</VirtualHost>



Include /usr/local/ispmgr/etc/ispmgr.inc

<Directory /var/www/юзер/data/www/сайт.ru>

	php_admin_value open_basedir "/var/www/юзер/data:."

</Directory>

NameVirtualHost тут ip1:80

NameVirtualHost тут ip2:80

Lord Maverik добавил 14.10.2011 в 10:17

А может дело в этом?

MaxKeepAliveRequests 100 или этом MaxClients 150 ?

Это же суммарно для всех сайтов? А например набегает бот яшки, и с учетом посещаемости всех сайтов легко выходим за лимиты. Что в этом случае отдаст апач?

Сервер. Панель ISP Про.

NGINX не запущен, вроде как. Я пытался его поставить, не вышло.

Синие - отключены, желтые - включены.

Только это происходит на разных сайтах, с разными движками и разными htaccess.

Да уж не раз написал, сам проверяю отдает 200, но в логах куча страниц с 403-й, и только для яши.

403 не ошибка авторизации, а намеренно ограниченный доступ.

Когда тему создавал, думал "грешно" мож на стороне хетзнера есть какие-то ограничения. Бредовая мысль была...

Мне вообще что смотреть? Какие настройки? Ставил все по умолчанию, ничего не банил. Новые страницы индексируются, но вот часть выпадает в 403-ю.

Явно где-то в настройках косяк. Смотрел конфиг iptables, там пусто. Что вообще посмотреть? Что может ограничивать доступ?

Так я не закрывал ничего? Так ведь и проверка через сервис Яндекса проходит, ответ 200 идет.

там все отлично...

Да открывается. И вон через сервис выше все отлично, но в логах идут 403-ие, и в вебмастерс исключенные страницы за 403-ю.

История повторилась, куда рыть, куда копать?

Вот лог по одному из сайтов:

Движок тут не причем. Как видно даже на robots.txt отдало 403-ю. Nginx не стоит.

Панель ISP Pro. Никаких особых настроек.

Для тех, кто не понял насчет аппа, вот :)

чем отличается сайт от ЯК, от сайта не в ЯК в текущей ситуации? Тем, у сайта в ЯК можно посмотреть новое значение в самом каталоге. При этом на денежке и по сервисам и по бару у него будет старый тиц.

А у сайтов не в ЯК такой возможности нет. Вот и все. Это вовсе не значит, что те апнули, а эти нет.