403-禁止在PHP中使用文件进行某些请求
[英]403- Forbidden for file in PHP for some request
问题描述
My PHP page script is responding with 403-Access forbidden for some http requests while for some requests its responding properly. 
我的PHP页面脚本以403-Access禁止响应某些HTTP请求,而某些请求则正确响应。
For the below request (By ajax) I'm getting 403-Access forbidden 对于以下请求(通过ajax),我将禁止访问403-Access
POST http://xxxx./xxx/xxx/xxx/xxxx/interaction/practitioner HTTP/1.1 Host: xxxx Connection: keep-alive Content-Length: 2520 Accept: */* Origin: http://xxx X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.267 Safari/537.36 Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Referer: http://xxxx./xxx/xxx/xxx/xxxx/index.php X-Citrio-Timestamp: Wht/CLSj01IhGLSPNfWemGXwGww= 2016-02-12T17:41:39.961Z Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.8 Cookie: PHPSESSID=c83cae9c3bc88a4b8ff7ea3c3b279a22 {JSON DATA}
But, another request to same page is responding properly with different JSON DATA. 但是,对同一页面的另一个请求使用不同的JSON DATA正确响应。
Means, for a particular data its giving 403-access forbidden and for some data its responding properly. 意味着,对于特定的数据,其禁止403访问,对于某些数据,则其响应正确。
The php scripts contains 10-20 functions but, both requests are calling the same function.. {Register user with timetable ids.} php脚本包含10-20个函数,但两个请求都调用同一个函数。.{向用户注册时间表ID。}
1 个解决方案
解决方案1
1 2017-11-21 13:47:24
Not really a tech answer, but I asked the providers of our shared multi-site reseller hosting if a ModSec rule could be the cause of this, ie inconsistent blocking of an ajax POST with a 403 being returned on fail. 这不是一个真正的技术答案,但是我问我们的共享多站点经销商托管服务提供商是否可能是ModSec规则造成的,即不一致阻止ajax POST并在失败时返回403。 They (NetHosted: brilliant support, always) had a look at their end and then disabled a couple of ModSec rules they could see were being triggered. 他们(NetHosted:始终提供出色的支持)看了看他们的结果,然后禁用了一些可以触发的ModSec规则。 That was the fix. 就是这样。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.