I am not sure what this problem says. Please Help me to figure out this issue.. Thanks in Advance..
(403) Forbidden Issue
From the error text, it states "(403) Forbidden" is the issue. Fortunately for you, that particular issue is covered directly in the FAQs (https://chocolatey.org/install#faqs) of the install page, which links you over to Troubleshooting (https://chocolatey.org/docs/troubleshooting#im-getting-a-403-unauthorized-issue-attempting-to-install-chocolatey).
Details
For full answer clarity, linked information above will be provided here, but be sure to check the links above for the most correct and up to date answer.
It could be one of a few things:
You have a proxy that you need to configure
It is being blocked in your organization
We broke something (this is the least likely reason, everyone would be running into this issue and it would be fixed immediately)
CloudFlare has blocked your IP due to reasons
The Chocolatey Community Team may have blocked access due to abuse (many package installs over 30 days) see excessive use for details
You can use a tool like Fiddler (choco install for this would not be helpful in your case) to help determine what is going on.
How To Fix
Go to Project Honeypot and put in your IP address - http://www.projecthoneypot.org/search_ip.php. Check to see if your IP is flagged here, this is what Cloudflare uses to determine if you are banned (typically it means you have malware that is sending spam emails).
If you determine it is CloudFlare blocking your IP (which is the issue 98% of the time), we may be able to get you whitelisted for Chocolatey:
Go to https://chocolatey.org/contact (NOTE: If you are completely blocked from accessing the site, contact Chocolatey folks through Gitter instead)
Select "Website" in "Send message to" drop down
Let us know what's going on along with your IP address so we can unblock you.
Oh, and be sure to run some antivirus scans and remove any found malware (and maybe find a better antivirus scanner).
Once this has been completed, you should have access to install Chocolatey and/or packages from the community repository.
One case in FAQ is that the dl site being blocked by my organization, and it turns out to be true:
zscaler is being "helpful" again, and thinking nircmd is Trojan this time; last time it was Groovy that was blocked for me, sigh...
Related
After Apache upgrade on my shared server, I have been having nightmare issues with the form input on all of my reseller hosting accounts. The clients get 403 (or in case of Wordpress install, 404, which has really confused me) after the simplest, most innocent looking form input. For example "he is having a lot of trouble" in a text field results in 403!
It took almost two weeks to figure out what's going on, as the error seemed random and hard to replicate, but after I asked for exact text from the clients that they were not able to enter, we got to the modsec issue. The answer from tech help was "While checking the issue in detail, we found that a mod_security rule was getting triggered on the server while trying to submit the content as "he is having a lot of trouble". We have whitelisted the rule for the website which resolved the issues.".
My question is - how can I deal with this proactively? Is there a list of rules for mod_security that I can check, test some input, ask for additional whitelisting etc? With about a 100 accounts all having problems, it's enough to want to get out of the hosting business all together.
I don't understand your scenario or your question. Are you managing the host or not?
It sounds like you are hosting sites on a shared server so do not have access to the full server but are setting hosts up for clients - is that right?
Running a WAF like ModSecurity requires monitoring log files to identify false positives like this. If you do not have access to the log files then you need to ask your hosting provider what there options are for managing this sort of thing? Or will they do nothing until you raise it?
You can also ask to turn off ModSecurity completely. Most sites get on fine without a WAF - though personally I think they do add value and security.
Finally as to what rules are running on your instance only your tech help can answer that. ModSecurity itself is only an engine and comes with no rules. People can write their own, but some, or use free sets of rules like the OWASP Core Rule Set. So depending what you have would depend how you can test this. Most rules are fairly generic in nature so do result in false positives unless tweaked.
Myself and my users are often running into a Cloudflare Bad Gateway 502 error. Trying to figure out what goes wrong is hard, because Cloudflare blames the hosting company and the hosting company blames Cloudflare. A typical situation when using Cloudflare.
What I noticed is that nothing actually fails. The host receives the request and is handling the request just fine but which sometimes takes a bit longer than usual to complete. But Cloudflare can't wait and instead throws a Bad Gateway error, while the script is actually still running.
I've noticed this behavior when performing heavy back-end tasks (like generating +50 PDFs). My users notice this when they try to upload an image (which often starts a re-sizing task).
Is there a way I can configure my server so that Cloudflare knows that the request is still being processed? Or should I just ditch Cloudflare overall?
The culprit was Railgun. After disabling Railgun (in Cloudflare's control panel) the Bad Gateway 502 errors immediately disappeared.
I've gone through this error for quite a long time, Cloudflare support wasn't able to guide me.
To solve this I tried multiple tweaks and tricks.
the successful one was changing your https to HTTP in your database > wp_option.
for example :
https://xxxxx.com/ to http://xxxxx.com/
switching your SSL setting to "full" in Cloudflare settings.
this should work fine, good luck.
I have researched on this error very deeply and what I found the result https://modernbreeze.in/error-502-bad-gateway-cloudflare-how-to-fix-in-wordpress/
I noted down in the above blog post. Please read and let me know if it's solved or not.
Some users trying to visit my website are getting a warning explaining "This is probably not the site you are looking for".
One of them sent me a screenshot (I'm sure we've all seen this screen before at some stage):
I'm using an SSL cert signed by StartSSL. It's signed for shareshaper.com and www.shareshaper.com.
You can see that the screenshot says that the user attempted to reach www.wamrc.com. I've never heard of that site before. For some reason though, when I visit www.wamrc.com I end up on my staging server.
I've tested my SSL setup with a number of online testing sites and they all report that everything is fine. I can't seem to replicate the issue myself.
What could be causing this error?
Some Other Thoughts
I have another StartSSL certificate I use on my staging server. This one is valid for staging.shareshaper.com and (I assume, can't quite remember) shareshaper.com.
One user who get the warning was using iPad Safari. Another OS X Chrome.
wamrc.com appears to belong to some dude called Oscar Arbelaez.
The issue was initially reported in this Reddit thread
For example it could be an incorrect DNS A-record for www.wamrc.com (pointing to your IP), or an incorrect cname for the same one, but all this is essentially included in the message in the screenshot.
Your server is misconfigured. Its reporting itself as www.wamrc.com.
You need to talk to your hosting provider.
I've been trying to research this for hours now, and I can't find any related articles.
I have an installation of MediaWiki that is under SSL and uses an extension of the AuthPlugin to authenticate users to an external database upon their login.
If I access the wiki without being logged in, I can see the content that anonymous users would see just fine. If, however, I log into the site, the wiki is no longer available, and only brings up a 500 Internal Server Error.
I've checked the error logs, and nothing shows up there corresponding to the bad request.
On a staging server, I have the same codebase running under non-SSL, and I do not encounter any issues when logged in, so I'm thinking there might be something to do with tthe combination of SSL and the AuthPlugin.
Anyone out there encounter similar using extensions of AuthPlugin under SSL?
Thanks!
Start by turning on PHP debugging and logging, so you can actually see the error instead of having to guess what the 500 means:
http://www.mediawiki.org/wiki/Manual:Errors_and_symptoms#MediaWiki_Errors
I ran into this same issue for one wiki user after an upgrade. All other wiki users could still log in. My issue was due to the user using a skin that did not work. After changing the user's skin to Vector(default) he could log in again. I couldn't figure out how to change another user's preferences as an Admin, so I ended up running an update statement to the mysql database. Hope this helps someone else.
I've just set up exim on my ubuntu computer. At the moment it will only accept email for accounts that exist on that computer but I would like it to accept all email (just because I'm interested). Unfortunately there seem to be a million exim related config files, and I'm not having much success finding anything on google.
Is there an introduction to exim for complete beginners?
Thanks.
There's a mailing list at http://www.exim.org/maillist.html. The problem you will face as an Ubuntu user is that there's always been a slight tension between Debian packagers/users and the main Exim user base because Debian chose to heavily customize their configuration. Their reasons for customizing it are sound, but it results in Debian users showing up on the main mailing list asking questions using terms that aren't recognizable to non-Debian users. Debian runs its own exim-dedicated help list (I don't have the address handy, but it's in the distro docs). Unfortunately this ends up causing you a problem because Ubuntu adopted all these packages from Debian, but doesn't support them in the same way as Debian does, and Debian packagers seem to feel put upon to be asked to support these Ubuntu users.
So, Ubuntu user goes to main Exim list and is told to ask their packager for help. So they go to the Debian lists and ask for help and may or may not be helped.
Now, to answer your original question, there are a ton of ways to do what you ask, and probably the best way for you is going to be specific to the Debian/Ubuntu configurations. However, to get you started, you could add something like this to your routers:
catchall:
driver = redirect
domains = +local_domains
data = youraddress#example.com
If you place that after your general alias/local delivery routers and before any forced-failure routers, that will redirect all mail to any unhandled local_part at any domain in local_domains to youraddress#example.com.
local_domain is a domain list defined in the standard exim config file. If you don't have it or an equivalent, you can replace it with a colon-delimited list of local domains, like "example.com:example.net:example.foo"
One of the reasons it's hard to get up to speed with Exim is that you can literally do anything with it (literally, someone on the list proved the expansion syntax is turing complete a few years ago, IIRC). So, for instance, you could use the above framework to look the domains up out of a file, to apply regular expressions against the local_parts to catch, save the mail to a file instead of redirecting to an address, put it in front of the routers and use "unseen" to save copies of all mail, etc. If you really want to administer an Exim install, I strongly recommend reading the documentation from cover to cover, it's really, really good once you get a toe hold.
Good luck!