Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 12 replies
  • Subscribers 4 subscribers
  • Views 32909 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Forbidden - You don't have permission to access / on this server.

zzzp8

Hi there

 

I am getting the below error when trying to access an external DNS address eg..   www.xxxx.co.uk 

 

The site is running on IIS, and has a host header for the correct URL . I have tried enabling/disabling URL rewrite and pass host headers, and also tried no firewall profile but with no luck. I cant seem to figure out where im going wrong, any ideas?

 

Thanks 

 

 

 

 

 

Virtual server setup:

 

 

 

 

 

 

 

 

 



This thread was automatically locked due to age.
Parents
  • 0

    WAF Logs (editted the domain name part)

     

     

    2018:07:02-22:59:07 ids httpd[13391]: [url_hardening:error] [pid 13391:tid 4013390704] [client 172.18.175.138:32796] Hostname in HTTP request (172.18.175.138) does not match the server name (files.xxxx.co.uk)
    2018:07:02-22:59:07 ids httpd: id="0299" srcip="172.18.175.138" localip="172.18.175.138" size="209" user="-" host="172.18.175.138" method="GET" statuscode="403" reason="-" extra="-" exceptions="-" time="163" url="/" server="files.xxxxxx.co.uk" port="80" query="" referer="-" cookie="-" set-cookie="-" uid="WzquO6wSr4oAADRPrvAAAABy"
    2018:07:02-22:59:07 ids httpd: id="0299" srcip="125.236.212.159" localip="172.18.175.138" size="183" user="-" host="125.236.212.159" method="GET" statuscode="403" reason="-" extra="-" exceptions="-" time="1004" url="/" server="files.xxxxxx.co.uk" port="80" query="" referer="-" cookie="-" set-cookie="-" uid="WzquO6wSr4oAADRPru8AAABx"
  • 0 in reply to zzzp8

    zzzp8 said:

     Hostname in HTTP request (172.18.175.138) does not match the server name (files.xxxx.co.uk)

    It appears that in stead of using the registered name, an application is using the IP-address directly which is forbidden (status 403).

    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • 0 in reply to apijnappels

    Thanks for the reply

     

    I still dont quite get it tho?

     

    In IIS, I have bindings setup to service files.xxxx.co.uk on port 80 , and the setup in the WAF itself on the sophos looks to be ok (i think)

     

    Im simply just browsing from a browser to files.xxxx.co.uk  and I get the Forbidden you dont have permission to access / on this server. 

     

    Any ideas?

Reply
  • 0 in reply to apijnappels

    Thanks for the reply

     

    I still dont quite get it tho?

     

    In IIS, I have bindings setup to service files.xxxx.co.uk on port 80 , and the setup in the WAF itself on the sophos looks to be ok (i think)

     

    Im simply just browsing from a browser to files.xxxx.co.uk  and I get the Forbidden you dont have permission to access / on this server. 

     

    Any ideas?

Children
Unfiltered HTML