XZ

Xiao Z's blog

Learn, build, share

Baota Panel Nginx Free Firewall Causes Temporary Website Access Issues

baota panelnginx 444 errorfee_waf.confwebsite access blockednginx firewall
Published·Modified·

Recently, a client reported that their website, built using Baota Panel, became temporarily inaccessible when performing specific functions, although it remained accessible from other networks. The site automatically recovered after a while. This phenomenon suggested that the client's IP address was temporarily blocked. After professional operations analysis, xiaoz identified the root cause.

54b34b0e1018c7f9.png

Problem Troubleshooting

Checking Baota Firewall

Initially, xiaoz suspected that a firewall within the Baota Panel might be causing the blockage. However, upon inspection, it was found that the client's Baota Panel did not have the 'Nginx Free Firewall' installed.

bc7f0870ffd0b484.png

Analyzing Website Logs

Continuing to check the website logs, it was discovered that Nginx returned a 444 status code. This indicates that the server did not return any information and closed the connection, which is typically used to reject malicious requests.

516333c99491c37d.png

Checking Nginx Configuration

Tracing the root cause, I carefully examined the Nginx configuration files to find rules that might trigger the 444 status code. After using the following command to traverse all .conf files, no specific settings related to the 444 status code were found.

# Enter the Baota Nginx directory
cd /www/server/nginx/conf
# Use the command below to search for 444
grep -r --include="*.conf" "444" ./

Continuing to inspect the configurations associated with Nginx manually, I noticed a line: include /www/server/panel/vhost/nginx/*.conf;

f90c0ee41868f74b.png

Subsequently, I entered the /www/server/panel/vhost/nginx/ directory and found a file named fee_waf.conf. Upon viewing this file, I noticed it contained a call to a LUA script.

Suspecting this configuration was the cause, I renamed fee_waf.conf to fee_waf.conf.bak for backup, then restarted Nginx. Finally, the problem was resolved.

Solution

The client used a Tencent Cloud pre-installed Baota Panel. In the Baota Panel backend, the fee_waf configuration was not listed, suggesting this item might be enabled by default and unviewable in the backend, which could be inconvenient for new users.

For this situation, the solution is to simply rename /www/server/panel/vhost/nginx/fee_waf.conf to fee_waf.conf.bak, then restart Nginx.

If you have installed Baota Panel yourself, please check the "Software Store - Installed" section in the Baota Panel backend to see if "Nginx Firewall" or "Apache Firewall" has been installed, which could be causing the issue. You can configure the firewall to allow specific websites or simply disable this firewall.

bc7f0870ffd0b484.png

The above information is for reference only. When encountering website failures, specific issues must be analyzed individually. If you need professional operations troubleshooting, please contact xiaoz via WeChat: xiaozme.