This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Forbidden - You don't have permission to access / on this server.

Hi there

 

I am getting the below error when trying to access an external DNS address eg..   www.xxxx.co.uk 

 

The site is running on IIS, and has a host header for the correct URL . I have tried enabling/disabling URL rewrite and pass host headers, and also tried no firewall profile but with no luck. I cant seem to figure out where im going wrong, any ideas?

 

Thanks 

 

 

 

 

 

Virtual server setup:

 

 

 

 

 

 

 

 

 



This thread was automatically locked due to age.
Parents
  • WAF Logs (editted the domain name part)

     

     

    2018:07:02-22:59:07 ids httpd[13391]: [url_hardening:error] [pid 13391:tid 4013390704] [client 172.18.175.138:32796] Hostname in HTTP request (172.18.175.138) does not match the server name (files.xxxx.co.uk)
    2018:07:02-22:59:07 ids httpd: id="0299" srcip="172.18.175.138" localip="172.18.175.138" size="209" user="-" host="172.18.175.138" method="GET" statuscode="403" reason="-" extra="-" exceptions="-" time="163" url="/" server="files.xxxxxx.co.uk" port="80" query="" referer="-" cookie="-" set-cookie="-" uid="WzquO6wSr4oAADRPrvAAAABy"
    2018:07:02-22:59:07 ids httpd: id="0299" srcip="125.236.212.159" localip="172.18.175.138" size="183" user="-" host="125.236.212.159" method="GET" statuscode="403" reason="-" extra="-" exceptions="-" time="1004" url="/" server="files.xxxxxx.co.uk" port="80" query="" referer="-" cookie="-" set-cookie="-" uid="WzquO6wSr4oAADRPru8AAABx"
  • zzzp8 said:

     Hostname in HTTP request (172.18.175.138) does not match the server name (files.xxxx.co.uk)

    It appears that in stead of using the registered name, an application is using the IP-address directly which is forbidden (status 403).


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • Thanks for the reply

     

    I still dont quite get it tho?

     

    In IIS, I have bindings setup to service files.xxxx.co.uk on port 80 , and the setup in the WAF itself on the sophos looks to be ok (i think)

     

    Im simply just browsing from a browser to files.xxxx.co.uk  and I get the Forbidden you dont have permission to access / on this server. 

     

    Any ideas?

  • Sorry to be a noob, does anybody have any other ideas Im struggling abit on this one

  • Under virtual server > interface

    I have always used the interface I would be connecting to from the client. This normally being the one connected to the internet.

    Is internal the correct one?

Reply Children
  • Thanks for the reply.

     

    I'm using it on AWS so it only displays an internal interface. Im not sure the firewall is actually aware of its external interface as AWS does networking abit differently if I understand correctly e.g. software defined