Since the update to version 4.10 I get banned from my own server. The reason is that Fail2ban checks the access_logs for HTTP status 403 and bans the corresponding IPs. In my case Matomo causes these 403 messages in access_log. In the html source code I found this line in Matomo:
In Browser I get for this
You don't have permission to access this resource.
Apparently the browser has no access to the path. This was not a problem in the previous version of Matomo.
I the same folder is this file
So I take a look and found
plugins/htaccess and here is json for "safe static files" missing:
# Allow to serve static files which are safe <Files ~ "\.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2)$">
SOLUTION: After add "json" here, the issue is gone and manifest.json send HTTP Status 200.
Why you have here "mp3|mp4|wav|ogg|avi", in which cases you use this types of media-files here in matomo?
Its make more sense to add image type "webp" here, if you want to use the modern image format instead of "jpg" in the future. :)
@Daijobou thanks for providing the info, our product team view review this as soon as we can.
ServerFilesGenerator.php probably here needs an update as the issue requested.
@justinvelluppillai Reverting might not be the best choice. I'll prepare a PR to fix that another way
This issue has been mentioned on Matomo forums. There might be relevant details there: