Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 16 replies
  • Subscribers 1 subscriber
  • Views 18230 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

website declined to show this webpage - HTTP 403 Forbidden

Kingbuzzo
Hi Fellas:

I have a user who cannot connect to the following site:

CRPA-ACRP Web Site: News

They just get the  error message.

We have an ASG425 using e-Dir SSO.

This is all I can see in the log:

2009:09:02-10:49:13 rastro1-2 httpproxy[22709]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="172.18.118.166" user="TEdwards" statuscode="200" cached="0" profile="REF_DpNJnpEFpS (Research)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="1" time="400 ms" request="0x878f378" url="8.17.248.22/.../x-fcs" 
2009:09:02-10:49:14 rastro1-2 httpproxy[22709]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="POST" srcip="172.18.118.166" user="TEdwards" statuscode="200" cached="0" profile="REF_DpNJnpEFpS (Research)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="1" time="473 ms" request="0x878f378" url="8.17.248.22/.../x-fcs" 
2009

This site seems to be using some-sort of authentication but the user cannot even reach the root page to login.

The link seems to work fine thru BordumManger and ForeFront TMG however.

Thanks!


This thread was automatically locked due to age.
  • 0
    If they are running V7, then they likely have selected to block uncategorized.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Nope, uncategorized is not selected.

    Can you get there behind yers?
  • 0
    King, it's a "trick" they're playing on us.  In addition to the checkbox for 'Block access to uncategorized websites', there's a 'Suspicious_and_Uncategorized' Category that they need to uncheck.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    these are the only cats I have blocked unless I'm looking in the wrong place again:

    Finance / Investing
    Extremistic Sites
    Nudity
    IT
    Weapons
    Locomotion
    Community Education Religion
    Games / Gambles
    Criminal Activities
    Lifestyle
  • 0
    OK, so I just tried with your categories and I have no problem.

    I just noticed that the lines above were "pass" by the content filter, but that they are unrelated to the link you provided:  
    In the extract of the content filter log:

             url="8.17.248.22/.../74433"

    

    The link provided is:

             www.crpa-acrp.ca/.../news.php

    

    www.crpa-acrp.ca resolves to 205.200.65.129

    Maybe the slight delay caused by the AV is the problem.  This is hinted at by log entries like size="1" time="400 ms".  Have you tried an exception for AV for the site?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    hey, you are right!

    it doesn't even show up in the log when I try to hit that link...

    I disabled AV for that site but if it isn't even hitting the http then I have another issue?
  • 0
    Might be.  I still don't understand what 8.17.248.22 has to do with the CRPA site.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    That may be my mistake.

    Since it isn't getting to the HTTP proxy at all just ignore that IP - must be something else.

    I just don't get why this isn't working.

    I have no proxy exception.
  • 0 in reply to Kingbuzzo
    Works OK here... standard proxy mode, similar categories blocked, dual AV enabled.  Try creating an exception for that site that excludes all scanning features, etc. and see what happens.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    Just thought of something; do you have this problem on every PC?  I had a customer that got a browser hijacker installed on their computer that resulted in a similar issue; took me all day to figure it out.  Try a clean installed computer, maybe run Malwarebytes, etc. on the user's PC.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.