Some users getting '403 forbidden' from my web site

Some users - and they all seem to be using a particular ISP in Austria - are getting 403 forbidden when trying to access my site.

The access log shows this: - - [02/Mar/2013:04:34:11 -0800] “GET / HTTP/1.1” 403 496 “-” “Mozilla/5.0 (Windows NT 6.1; WOW64; rv:2.0.1) Gecko/20100101 Firefox/4.0.1”

and the error log shows

[Sat Mar 02 04:34:11 2013] [error] [client] client denied by server configuration: /home/steveloft/

I don’t have anything in my .htaccess denying that address. Could someone please tell me what the problem is?


Considering there is no .htaccess rule prohibiting the connection, it might be a deeper level of security such as ModSecurity kicking in.

You do have something in your .htaccess denying that address, actually. You have a few lines that look like:

Apache does not recognize comments in the middle of a line like this — “#” is only used to indicate a comment when it’s at the beginning of the line. This directive is ending up blocking all hostnames which end in “at” (Austria), as well as a few other words.

Split your comments out into separate lines and this won’t happen.

Thank you Andrew.