Analysis of Nginx Free Firewall Issue Causing Temporary Website Inaccessibility in Baota Panel

Publish: 2024-04-18 | Modify: 2024-04-18

Recently, a client reported that their website, built using the Baota panel, would temporarily become inaccessible when performing specific functions, even though it would work fine when accessed through other networks. After some time, the website would automatically recover. This phenomenon seemed to indicate that the client's IP address was temporarily blocked. After a professional operations and maintenance analysis, Xiaoz finally identified the root cause of the issue.

Troubleshooting

Checking Baota Firewall

Initially, Xiaoz suspected that a firewall within the Baota panel might be causing the blockage. However, upon inspection, it was found that the client's Baota panel did not have the 'Nginx Free Firewall' installed.

Analyzing Website Logs

The website logs showed that Nginx was returning status code 444, which means the server closed the connection without sending any response; it is often used to reject malicious requests.

Checking Nginx Configuration

Digging deeper, I carefully examined the Nginx configuration files to find any rules that might trigger the 444 status code. After traversing all .conf files with the command below, no specific settings related to the 444 status code were found.

# Enter the Nginx directory in Baota
cd /www/server/nginx/conf
# Use the following command to search for 444
grep -r --include="*.conf" "444" ./

Further investigating the Nginx-associated configuration, a line was found: include /www/server/panel/vhost/nginx/*.conf;

Subsequently, upon entering the /www/server/panel/vhost/nginx/ directory, a file named fee_waf.conf was discovered. Upon inspecting this file, it was noted that it contained calls to Lua scripts.

I began to suspect that this configuration was the cause, so I renamed fee_waf.conf to fee_waf.conf.bak for backup, then restarted Nginx, and the issue was resolved.
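The grep above only covered /www/server/nginx/conf, so it missed the included vhost directory where the Lua hook lived. The following is an added example, not part of the original post: it scans the output of `nginx -T` (which dumps the effective configuration, included files too) for Lua directives and explicit `return 444` rules. The sample dump, the `waf_demo` dict name and the Lua script path are constructed for illustration; the real contents of fee_waf.conf are not shown on this page.

```shell
#!/bin/sh
# Added example: list config files in an `nginx -T` dump that can drop
# requests through Lua hooks or an explicit `return 444`.

# find_blockers reads `nginx -T` output on stdin and prints
# "<file>:<line-in-file>: <directive>" for every match.
find_blockers() {
    awk '
        # nginx -T marks each file with "# configuration file <path>:"
        /^# configuration file .*:$/ {
            file = $4; sub(/:$/, "", file); n = 0; next
        }
        { n++ }
        /^[ \t]*#/ { next }    # ignore commented-out directives
        /_by_lua/ || /^[ \t]*lua_/ || /return[ \t]+444[ \t]*;/ {
            line = $0; sub(/^[ \t]+/, "", line)
            print file ":" n ": " line
        }
    '
}

# Constructed sample in the shape of `nginx -T` output (assumed contents).
sample_dump() {
cat <<'EOF'
# configuration file /www/server/nginx/conf/nginx.conf:
http {
    include /www/server/panel/vhost/nginx/*.conf;
    # return 444;
}

# configuration file /www/server/panel/vhost/nginx/fee_waf.conf:
lua_shared_dict waf_demo 10m;
access_by_lua_file /path/to/constructed/waf.lua;
EOF
}

# On a live server: nginx -T 2>/dev/null | find_blockers
if [ "${1:-}" = "--demo" ]; then
    sample_dump | find_blockers
fi
```

Each hit names the file and line to review before renaming or disabling anything, which also covers Lua-based rules that never mention 444 in a .conf file.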

Solution

The client was using a Tencent Cloud server with the Baota panel pre-installed. In the Baota panel backend, the fee_waf configuration was not listed, indicating that it might be enabled by default yet not manageable from the backend, which could be inconvenient for novice users.

For this situation, the solution was to directly rename /www/server/panel/vhost/nginx/fee_waf.conf to fee_waf.conf.bak and then restart Nginx.

If you have installed the Baota panel yourself, please check in the Baota panel backend under "Software Store - Installed" to see if "Nginx Firewall or Apache Firewall" is installed, as this could be causing the issue. You can set up the firewall separately, allow specific websites, or directly disable the firewall.

The above troubleshooting steps are for reference only. When encountering website failures, specific issues require specific analysis. If you need professional operations and maintenance troubleshooting, please contact Xiaoz on WeChat: xiaozme.

