Matomo crashes our whole server?


I am new to Matomo and installed it on our Plesk server. I created a subdomain for it. It seems to work well, first statistics are shown and looking good for me. BUT: Everytime I open the Matomo settings, i can’t open my Matomo website anymore. All browsers show “Error: Connection failed”. And its not only this subdomain, all other domains on the same server have the same problem. They are all not reachable anymore. I think it has to do with the system check. It shows the following results (i am german and try to translate them):

  • data integrity
  • setup cron
  • browser and auto archiving is activated
  • database skills
  • max. packet size
  • forced SSL connection

This only affects my computer and the others in our network. With my smartphone (wlan deactivated) i can still browse the domains of our server. Other computers outside of our company network can see our websites without any problems.

It takes a long, random time until I can visit the sites again. But as soon as I open the matomo settings again, this problem occurs anew.

I hope anyone can help me.

Thank you very much.

Can you check on the Apache or PHP or Matomo error log file if you see any error?

Hi, thanks for the reply.

My plesk shows the following errors:

AH01630: client denied by server configuration: /var/www/vhosts/
[core:crit] (13)Permission denied: AH00529: /var/www/vhosts/ pcfg_openfile: unable to check htaccess file, ensure it is readable and that ‘/var/www/vhosts/’ is executable
AH01630: client denied by server configuration: /var/www/vhosts/
AH01630: client denied by server configuration: /var/www/vhosts/
AH01630: client denied by server configuration: /var/www/vhosts/
AH01630: client denied by server configuration: /var/www/vhosts/
AH01630: client denied by server configuration: /var/www/vhosts/

Can these errors really cause such a “big” server wide problem?

I found out that I have to restart my router do make the sites work here again. When I don’t restart it, the sites aren’t reachable, even for days.

Then the “whole server crash” seems to come from your router. Even if there is also a source problem with Matomo → Then don’t forget to fix also the Matomo issue (access right to .htaccess file? to /tmp/cache/ folder?..)

After analysis of your error log and some thinking, it seems the configuration check is triggering the error.
In my case:

Directories with write access:
 	✔️ /appli/www/matomo/tmp
 	✔️ /appli/www/matomo/tmp/assets
 	✔️ /appli/www/matomo/tmp/cache
 	✔️ /appli/www/matomo/tmp/climulti
 	✔️ /appli/www/matomo/tmp/latest
 	✔️ /appli/www/matomo/tmp/logs
 	✔️ /appli/www/matomo/tmp/sessions
 	✔️ /appli/www/matomo/tmp/tcpdf
 	✔️ /appli/www/matomo/tmp/templates_c 
Required Private Directories
 	❗ We couldn't check if the following URLs are accessible because internet features are disabled on this Matomo.
 	Please open the URLs manually in a browser to see if you can access it. If you can, you might need to modify your server configuration as these files/directories should not be accessible via a browser from the Internet or Intranet.

Note: As my Matomo is on Intranet (with no access to Internet), I deactivated the internet access, then the Private directories check can’t be checked…

Maybe your Matomo tries to access these files (via your router) for the configuration check, but your router receives an answer it doesn’t want and ban the sender (Matomo itself) considered as SPAM attempt.

Maybe you can try to set; in the config/config.ini.php file (in section [General]):

enable_internet_features = 0 

If this value is not set at all, you have to add it…

Thanks a lot, but it unfortunately didn’t help.

I changed the rights of /core/.htaccess and tmp/cache to 777 and added your line to the config file.

But well, its okay. We are probably going to buy the the cloud version.

@innocraft, do you have an idea?

Hello. Is it possible that this server has some security plugin installed that blocks off access from visitors after they make like 5 404’s or 403’s. This would explain why none of the sites in the account are accessible, and I would surely try to visit the sites from another device that is not connected through the same Internet connection.

Restarting the router in some cases results in new outside ip, in which case the “block” is bypassed.

1 Like

Is there any update on this topic? I’m currently running Matomo on my VPS (with Plesk) and every time I access the settings page it kicks me out for 10 minutes. And I can’t access any website hosted on my VPS, during that time (unless I switch to another connection). The VPS doesn’t crash, it just “bans” me for 10 minutes every time I try to do something in the Matomo’s settings page (add user, add website, whatver).

It’s extremely frustrating. Is there anything I can do to fix it?

Hi we’ve got the same problem here. Is there any easy solution on this issue?

I guess I will stop using it, because it’s a huge pain in the back. Every time I try to update the settings or even if I add another user… I get locked out for 10 minutes and all my domains are unreachable (everyone can see them, except me).

I can switch off and on the router hoping for a different IP address but that doesn’t make any sense.

Hi @LB11, @powerpoint, @dazzle89.
I think the problem is the one pointed out by sandin
Do you use some kind of router, WAF, or load balancer to access your Matomo server (and other servers too)? Maybe the problem is there… As the Matomo check tries to access forbidden pages, the guard system prevent any other “attack” and block the internal access for a short time…
Did you try to disable internet features? (set enable_internet_features to 0 in config file)

We switched of the option:

enable_required_directories_diagnostic = 0

This works for us.

1 Like