[BUG] (random errors 400) on cpanel when enable nginx plugin (transparent proxy) #225
Description
Describe the bug
After enabling the cPanel native Nginx plugin in reverse proxy mode, I started experiencing intermittent HTTP 400 errors on POST requests. These errors only happen when Nginx is enabled and proxying to Apache. Disabling Nginx immediately resolves the problem. The apache-ultimate-bad-bot-blocker was working perfectly before Nginx was introduced, suggesting a compatibility issue between the blocker and the Nginx proxy behavior.
To Reproduce
-Steps to reproduce the behavior:
-Set up a cPanel server with Apache + apache-ultimate-bad-bot-blocker.
-Enable the cPanel native Nginx plugin in reverse proxy mode (Nginx → Apache on port 7080).
-Make POST requests to endpoints such as /sistema/Services/v1.0/Requests/List.php.
-Observe 400 Bad Request responses in Nginx logs.
Expected behavior
POST requests with valid user agents and referers should be forwarded normally to Apache by Nginx and not blocked or rejected. I expect no 400 errors, as seen when running only Apache.
Screenshots
Nginx error.log
[warn] a client request body is buffered to a temporary file /var/cache/nginx/client_temp/..., request: "POST /sistema/Services/... HTTP/1.1"
Nginx access.log
xx.xxx.xxx.xx - galafassi [25/Jun/2025:22:08:53 -0300] "POST /... HTTP/1.1" 400 347 "https://domain.com/..." "Mozilla/5.0 ..."
Server (please complete the following information):
OS: Cloudlinux 9
Apache Version: Apache/2.4.63
Nginx Version: nginx/1.26.3
Control Panel: cPanel [128.0.14]
Additional information
Already tested increasing client_max_body_size and client_body_buffer_size in Nginx — issue persists.
Everything works as expected when using Apache alone. The issue only arises after enabling Nginx as a reverse proxy via cPanel. I’ve already reviewed buffer and body size settings in Nginx, and confirmed no ModSecurity or rate limiting is involved.
In this scenario — with Nginx acting as a transparent reverse proxy in front of Apache — is it more appropriate to keep using the apache-ultimate-bad-bot-blocker in Apache, or would it be better to move the bot filtering logic to Nginx using the nginx-ultimate-bad-bot-blocker?
Thank you very much,
Wilson