I'm trying to set up a home page where I can redirect my requests to others servers with a proxy so I have a single point of entry. I used to have this setup working properly on a windows machine running WAMP. I made the switch to Apache on CentOS7 and since, I'm having this issue. Here's my landing page:

<VirtualHost *:443>
    ServerName myhost.duckdns.org
    DocumentRoot /var/www/html/panel

    SSLEngine on
    SSLCertificateKeyFile /etc/letsencrypt/live/myhost.duckdns.org/privkey.pem
    SSLCertificateFile /etc/letsencrypt/live/myhost.duckdns.org/cert.pem
    SSLCertificateChainFile /etc/letsencrypt/live/myhost.duckdns.org/chain.pem
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

    <Directory /var/www/html/panel>
    Order deny,allow
    Deny from all
    Allow from myips
    AuthType Basic
    AuthName "Authorised Users Only"
    AuthUserFile .htpasswd
    Satisfy Any
    Require valid-user

And here's the proxypass

<VirtualHost *:443>
ServerName sickbeard.my.to

    SSLEngine on
    SSLCertificateKeyFile /etc/letsencrypt/live/sickbeard.my.to/privkey.pem
    SSLCertificateFile /etc/letsencrypt/live/sickbeard.my.to/cert.pem
    SSLCertificateChainFile /etc/letsencrypt/live/sickbeard.my.to/chain.pem
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

    <Proxy *>
    Order deny,allow
    Deny from all
    Allow from myips
    AuthType Basic
    AuthName "Authorised Users Only"
    AuthUserFile .htpasswd
    Satisfy Any
    Require valid-user
    ProxyPass /
    ProxyPassReverse /

I can reach the main page without problem and I can reach sickbeard using the IP or the hostname but using the hostname gives me the 403.

  • Allow from myips - so i guess you have the ip there but not the hostname..
    – Setekh
    Commented Jan 16, 2016 at 23:59
  • @Setekh Yes, there's 4 ips there
    – Gab
    Commented Jan 17, 2016 at 0:29
  • Can you try to add Allow from FQDN ..
    – Setekh
    Commented Jan 17, 2016 at 0:36
  • @Setekh Just tried, same thing :/
    – Gab
    Commented Jan 17, 2016 at 1:06
  • hmmm do you have any Rewrites for blocking .. like RewriteCond %{HTTP_REFERER} microsoft\.com [NC,OR] RewriteRule .* - [F] :D it may have some error there
    – Setekh
    Commented Jan 17, 2016 at 1:17

2 Answers 2


Found it! It was blocked by the mod_security module! I should've checked the logs first.

I disabled that module in httpd.conf. I read a bit on the subject and for what i'm doing, this module was clearly an overkil.


This is an older post, but hopefully this can still help people who find it in the future. The issue is indeed with your mod_security module, but only because your module is doing what you told it to do in your configuration. The lines that are giving you trouble are these two:

Order deny,allow
Deny from all

The operator Order deny,allow instructs Apache to process your deny rules before your allow rules. Since you have Deny from all, Apache is denying everything before it is told to allow something. A quick fix for this issue is to change Order deny,allow to Order allow,deny. Then Apache will allow the hosts you've specified before denying all others.

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .