Matomo crashes our whole server?


I am new to Matomo and installed it on our Plesk server. I created a subdomain for it. It seems to work well, first statistics are shown and looking good for me. BUT: Everytime I open the Matomo settings, i can’t open my Matomo website anymore. All browsers show “Error: Connection failed”. And its not only this subdomain, all other domains on the same server have the same problem. They are all not reachable anymore. I think it has to do with the system check. It shows the following results (i am german and try to translate them):

  • data integrity
  • setup cron
  • browser and auto archiving is activated
  • database skills
  • max. packet size
  • forced SSL connection

This only affects my computer and the others in our network. With my smartphone (wlan deactivated) i can still browse the domains of our server. Other computers outside of our company network can see our websites without any problems.

It takes a long, random time until I can visit the sites again. But as soon as I open the matomo settings again, this problem occurs anew.

I hope anyone can help me.

Thank you very much.

Can you check on the Apache or PHP or Matomo error log file if you see any error?

Hi, thanks for the reply.

My plesk shows the following errors:

AH01630: client denied by server configuration: /var/www/vhosts/
[core:crit] (13)Permission denied: AH00529: /var/www/vhosts/ pcfg_openfile: unable to check htaccess file, ensure it is readable and that ‘/var/www/vhosts/’ is executable
AH01630: client denied by server configuration: /var/www/vhosts/
AH01630: client denied by server configuration: /var/www/vhosts/
AH01630: client denied by server configuration: /var/www/vhosts/
AH01630: client denied by server configuration: /var/www/vhosts/
AH01630: client denied by server configuration: /var/www/vhosts/

Can these errors really cause such a “big” server wide problem?

I found out that I have to restart my router do make the sites work here again. When I don’t restart it, the sites aren’t reachable, even for days.

Then the “whole server crash” seems to come from your router. Even if there is also a source problem with Matomo → Then don’t forget to fix also the Matomo issue (access right to .htaccess file? to /tmp/cache/ folder?..)

After analysis of your error log and some thinking, it seems the configuration check is triggering the error.
In my case:

Directories with write access:
 	✔️ /appli/www/matomo/tmp
 	✔️ /appli/www/matomo/tmp/assets
 	✔️ /appli/www/matomo/tmp/cache
 	✔️ /appli/www/matomo/tmp/climulti
 	✔️ /appli/www/matomo/tmp/latest
 	✔️ /appli/www/matomo/tmp/logs
 	✔️ /appli/www/matomo/tmp/sessions
 	✔️ /appli/www/matomo/tmp/tcpdf
 	✔️ /appli/www/matomo/tmp/templates_c 
Required Private Directories
 	❗ We couldn't check if the following URLs are accessible because internet features are disabled on this Matomo.
 	Please open the URLs manually in a browser to see if you can access it. If you can, you might need to modify your server configuration as these files/directories should not be accessible via a browser from the Internet or Intranet.

Note: As my Matomo is on Intranet (with no access to Internet), I deactivated the internet access, then the Private directories check can’t be checked…

Maybe your Matomo tries to access these files (via your router) for the configuration check, but your router receives an answer it doesn’t want and ban the sender (Matomo itself) considered as SPAM attempt.

Maybe you can try to set; in the config/config.ini.php file (in section [General]):

enable_internet_features = 0 

If this value is not set at all, you have to add it…

Thanks a lot, but it unfortunately didn’t help.

I changed the rights of /core/.htaccess and tmp/cache to 777 and added your line to the config file.

But well, its okay. We are probably going to buy the the cloud version.

@innocraft, do you have an idea?

Hello. Is it possible that this server has some security plugin installed that blocks off access from visitors after they make like 5 404’s or 403’s. This would explain why none of the sites in the account are accessible, and I would surely try to visit the sites from another device that is not connected through the same Internet connection.

Restarting the router in some cases results in new outside ip, in which case the “block” is bypassed.

1 Like