weird 403 (forbidden) website access issue
Gary Aitken
freebsd at dreamchaser.org
Fri Apr 3 03:20:07 UTC 2020
On 4/2/20 10:02 AM, Gary Aitken wrote:
> On 4/2/20 2:50 AM, Mike Clarke wrote:
>> On Wednesday, 1 April 2020 06:03:05 BST Gary Aitken wrote:
>>
>>> How likely is it that the small window size (1028) in the 4th pair
>>> (HTTP: GET request) is causing the server to refuse the request? If
>>> so, is this a firefox issue or an underlying tcp issue?
>>
>> It's not just Firefox. I've tried Firefox, Chrome, Midori and
>> Konqueror and get the 403 code with them all from my FreeBSD box but
>> no problem with Firefox, Chrome and Edge on Windows 10.
>>
>> But I think I've found a clue to the cause. I tried Lynx with its
>> default settings and it worked fine but when I changed the user agent
>> header to
>>
>> Mozilla/5.0 (X11; FreeBSD amd64; rv:74.0) Gecko/ 20100101 Firefox/74.0
>> I got a 403 error.
>>
>> Looks like the server is only accepting requests from a restricted
>> range of browser and OS combinations
>>
>> Lynx/2.8.9rel.1 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/1.1.1d-freebsd
>> is accepted but
>> Mozilla/5.0 (X11; FreeBSD amd64; rv:74.0) Gecko/20100101 Firefox/74.0
>> appears to be regarded as 'dangerous'.
>
> Thank you!
> I will see what the hosting service has to say from there.
> I got similar refusals from some sites such as lowes.com as well.
Apparently the hosting service has some special rule which was
triggering this. They wouldn't tell me the rule so I don't really
know what it was, unfortunately. They disabled the rule for this
particular site, but whether that same rule is being applied to
other domains I don't know. The rule was a ModSecurity #70200 but
that's in the local/private range so it's not a well-known rule.
Gary
More information about the freebsd-questions
mailing list