domain shows 403 Forbidden in browser console - ssl

I have configure my domain and SSL in AWS EC2 instance. When i write domain in browser, amazon test page has been loaded successfully but in browser console, it shows below error:
Request URL: https://xxxxx.com/
Request Method: GET
Status Code: 403 Forbidden
Remote Address: xx.xx.xx.xx:443
Referrer Policy: no-referrer-when-downgrade
Even when i test my domain in tools like "pingdom", it also display "403 Forbidden" in response code.
Can anyone provide solution to fix "403 Forbidden" issue?

This means your web server (apache, nginx ) https directory is different than HTTP
forbidden probably means you don't have index page in the www folder, for example, index.html, usually for the HTTP port there is a welcome page in the default configuration but not for https

Related

Caddy + Organizr + Plex Media Server = Can't connect to PMS?

Ultimately my goal is to be able to load my PMS admin interface via Organizr. I had already tried simply using the URL https://app.plex.tv/desktop through Organizr, but that URL disallows loading the page in iFrames, so now I'm trying to use Caddy server to reverse proxy it to my local LAN IP instead ...
I have this code in my Caddyfile (note that my PMS is hosted on a different pc on my LAN):
proxy /pms https://192.168.234.234:32400 {
websocket
keepalive 12
header_upstream Host {host}
header_upstream X-Real-IP {remote}
header_upstream X-Forwarded-For {remote}
header_upstream X-Forwarded-Proto {scheme}
transparent
}
Then when I try to visit the URL, it gives me a 502 Bad Gateway, and the Caddy log file says [ERROR 502 /pms] x509: cannot validate certificate for 192.168.234.234 because it doesn't contain any IP SANs
If I add the insecure_skip_verify directive, I get the error: 401 Unauthorized instead.
I'm still pretty new to using Caddy, anyone know what's going on here?
Since you use Caddy which will deal with the SSL, redirect to http instead of https.
To solve my particular problem; in Organizer I used the Plex web URL instead.
https://192.168.234.234:32400/web
Note the /web at the end.
Another option, was to have Organizr open it using the PopOut option, which just acts something like a regular bookmark, and loads any URL in a new tab, and/or add a line to the Caddyfile like this:
redir /pms https://app.plex.tv/desktop 301
Then in Organizr you could use either the /pms URL, or the direct Plex URL https://app.plex.tv/desktop, and it'd just load Plex in a new tab.

ngrok https/tls tunnel not working?

I have a private web site like internal.mycompany.com which is only accessible within company's private network. I am trying to make this web site publicly accessible using ngrok. (I purchased a business plan). No matter what I tried I was not able to open the web site using https. http works fine but it is not ideal because web site normally redirects http requests to https. Then I tried similar thing using google.
Below is what my .ngrok2/ngrok.yml file looks like:
http-google-com:
addr: www.google.com:80
host_header: "rewrite"
subdomain: "http-google-com"
proto: http
https-google-com:
addr: www.google.com:443
host_header: "rewrite"
subdomain: "https-google-com"
proto: http
tls-google-com:
addr: www.google.com:443
host_header: "rewrite"
subdomain: "tls-google-com"
proto: tls
Then I run ngrok start --all and these are the results for each case when I browse the urls with my browser. All results are same for my internal web site.
http-google-com: When I browse http://http-google-com.ngrok.io/ (or https://) browser opens https://www.google.com. Seems like it some how redirects.
https-google-com: When I browse http://https-google-com.ngrok.io/ (or https://) I get "502 Bad Gateway" error
tls-google-com: When I browse https://tls-google-com.ngrok.io/ browser says that the ssl certificate is for "google.com" domains not for "ngrok.io". After adding security exception, browser displays google's classic 404 page which says "404. That’s an error. The requested URL / was not found on this server. That’s all we know."
UPDATE
I tried proto:tcp but it did not work also.
tcp-google-com:
addr: www.google.com:443
host_header: "rewrite"
subdomain: "tcp-google-com"
proto: tcp

Apache redirects in case of http errors

We have a web application. The backend is an Apache Web Server (Version 2.2).
As described in the following document
https://httpd.apache.org/docs/2.4/custom-error.html
we have configured an ErrorDocument for 404 which redirects to a cgi program.
ErrorDocument 404 /cgi-bin/log_false_request.pl
In the program "log_false_request" we write the ip address, the user-agent and
the original URL (request uri) of the request to a log file.
When an http error 500 happens and the request is a post, it would also be
interesting to have the post body.
Does apache also redirect the response body in case of a post request?
Thanks alot in advance.

Heroku: was loaded over HTTPS, but requested an insecure XMLHttpRequest - request has been blocked

UPDATE:
Mixed Content: The page at 'https://myapp.herokuapp.com/#/employees'
was loaded over HTTPS, but requested an insecure XMLHttpRequest
endpoint
'http://api.geonames.org/countryInfoJSON?username=design1online'. This
request has been blocked; the content must be served over HTTPS.
I'm trying to call the below api from one of my app in heroku and I'm getting the below error
Do I need to add-on SSL?
I have even tried without http: something like this:
//api.geonames.org/countryInfoJSON?username=design1online
API call:
http://api.geonames.org/countryInfoJSON?username=design1online
Error:
failed to load resource: net::err_ssl_protocol_error
adding S to the http tag actually worked for me, I just had the issue today
<script src="https://maps.googleapis.com/maps/api/js?region=GB"></script>

stop apache injecting it's own 404 not found page to the custom 404 error page

I'm having a problem implementing custom 404 error pages. my setup is a front-end apache 2.2.6 proxy request other than static file to the backend app server(apache 1.3.36)
i send 404 header back along with error page when user request a non-existing page to the backend server. I do get the error page back but somehow the backend apache server injects its own 404 not found page in the error page as well.
here is what injected to the not found page by apache:
Not Found
The requested URL /product/8jd4776 was not found on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Apache/1.3.36 Server at www.example.com Port 8888
any idea why this is happening?
set "ProxyErrorOverride On" with ErrorDocument in the front-end apache server solve the problem.
The content length of your custom 404 message must be 512 bytes or more.