From owner-freebsd-questions@freebsd.org Thu Apr 2 09:00:39 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0B3A127A571 for ; Thu, 2 Apr 2020 09:00:39 +0000 (UTC) (envelope-from jmc-freebsd2@milibyte.co.uk) Received: from outmx-028.london.gridhost.co.uk (outmx-028.london.gridhost.co.uk [95.142.156.253]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48tH8R5kM3z48Ft for ; Thu, 2 Apr 2020 09:00:23 +0000 (UTC) (envelope-from jmc-freebsd2@milibyte.co.uk) Received: from curlew.milibyte.co.uk (unknown [82.71.56.121]) (Authenticated sender: mailpool@milibyte.co.uk) by outmx-028.london.gridhost.co.uk (Postfix) with ESMTPA id B0010221A5BFE for ; Thu, 2 Apr 2020 09:50:38 +0100 (BST) Received: from [127.0.0.1] (helo=curlew.localnet) by curlew.milibyte.co.uk with esmtp (Exim 4.93.0.4) (envelope-from ) id 1jJvYc-0003Nr-Bt for freebsd-questions@freebsd.org; Thu, 02 Apr 2020 09:50:38 +0100 From: Mike Clarke To: freebsd-questions@freebsd.org Subject: Re: weird 403 (forbidden) website access issue Date: Thu, 02 Apr 2020 09:50:37 +0100 Message-ID: <1807716.EnoYUHA41c@curlew> In-Reply-To: References: <1f345a1d-f0c8-688c-c3e5-3a6b09ff1fa9@dreamchaser.org> MIME-Version: 1.0 X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: jmc-freebsd2@milibyte.co.uk X-SA-Exim-Scanned: No (on curlew.milibyte.co.uk); SAEximRunCond expanded to false X-Rspamd-Queue-Id: 48tH8R5kM3z48Ft X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of jmc-freebsd2@milibyte.co.uk designates 95.142.156.253 as permitted sender) smtp.mailfrom=jmc-freebsd2@milibyte.co.uk X-Spamd-Result: default: False [0.97 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-0.54)[-0.540,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ptr]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.15)[-0.147,0]; RCVD_COUNT_THREE(0.00)[3]; MIME_TRACE(0.00)[0:+,1:+,2:~]; DMARC_NA(0.00)[milibyte.co.uk]; RCVD_TLS_LAST(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[253.156.142.95.list.dnswl.org : 127.0.5.1]; R_DKIM_NA(0.00)[]; CTE_CASE(0.50)[]; ASN(0.00)[asn:198047, ipnet:95.142.156.0/22, country:GB]; MID_RHS_NOT_FQDN(0.50)[]; IP_SCORE(1.06)[ipnet: 95.142.156.0/22(3.06), asn: 198047(2.30), country: GB(-0.07)]; FROM_EQ_ENVFROM(0.00)[] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7Bit X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Apr 2020 09:00:39 -0000 On Wednesday, 1 April 2020 06:03:05 BST Gary Aitken wrote: > How likely is it that the small window size (1028) in the 4th pair (HTTP: > GET request) is causing the server to refuse the request? > If so, is this a firefox issue or an underlying tcp issue? It's not just Firefox. I've tried Firefox, Chrome, Midori and Konqueror and get the 403 code with them all from my FreeBSD box but no problem with Firefox, Chrome and Edge on Windows 10. But I think I've found a clue to the cause. I tried Lynx with its default settings and it worked fine but when I changed the user agent header to Mozilla/5.0 (X11; FreeBSD amd64; rv:74.0) Gecko/ 20100101 Firefox/74.0 I got a 403 error. Looks like the server is only accepting requests from a restricted range of browser and OS combinations Lynx/2.8.9rel.1 libwww-FM/2.14 SSL-MM/1.4.1 OpenSSL/1.1.1d-freebsd is accepted but Mozilla/5.0 (X11; FreeBSD amd64; rv:74.0) Gecko/20100101 Firefox/74.0 appears to be regarded as 'dangerous'. -- Mike Clarke