If you have recently converted from Apache 2.2 to 2.4 you may notice messages in the error log like this:
[Wed Mar 23 13:08:11.163913 2016] [access_compat:error] [pid 19243:tid 140019733808896] [client xxx.xxx.xxx.xx:16275] AH01797: client denied by server configuration: /var/www
/html/domains/
www.somedomain.com/favicon.ico
but they seem benign.
When the domain is protected by a password, or access is only allowed from certain IPs, the old 2.2 syntax for protecting the page causes the benign error message above.
You may have had something like the following in your Apache 2.2 .htaccess file or VirtualHost:
Order deny,allow
Deny from all
AuthName “Private Page Content”
AuthType Basic
AuthUserfile /var/www/usernames/passwordfile
Require valid-user
Allow from xxx.xxx.xxx.0/26
Satisfy Any
For Apache 2.4 the equivalent is:
<RequireAny>
AuthName “Private Page Content”
AuthType Basic
AuthUserfile /var/www/usernames/passwordfile
Require valid-user
Require ip xxx.xxx.xxx.0/26
</RequireAny>
RequireAny means allow access if any of the requirements is met. You can replace it with RequireAll to make it so that all requirements must be met.
For more information click here.