http 403 error from CloudFront after attempting to upload image in Magento e-commerce platform for some users
Question
We are using Magento e-commerce platform for our shopping site behind AWS Cloudfront. In the create page WYSIWYG, there's an option to upload images. Some users are reporting the 403 error is occurring after they choose the image and press the upload button, whilst for others uploading images works.
I don't see any error messages in the nginx access or error logs at the time the 403 occurs for some of these users. However, I do see the following error in the CloudFront log:
date time x-edge-location sc-bytes c-ip cs-method cs(Host) cs-uri-stem sc-status cs(Referer) cs(User-Agent) cs-uri-query cs(Cookie) x-edge-result-type x-edge-request-id x-host-header cs-protocol cs-bytes time-taken x-forwarded-for ssl-protocol ssl-cipher x-edge-response-result-type cs-protocol-version fle-status fle-encrypted-fields c-port time-to-first-byte x-edge-detailed-result-type sc-content-type sc-content-len sc-range-start sc-range-end
2020-01-20 10:22:13 MAN50-C1 570 xx.xx.xx.xx POST jhgfjgfjsd.cloudfront.net /index.php/ctrl-web-team/cms_wysiwyg_images/upload/type/image/key/88fdfad6d6b726871662108fad3d3de3/ 403 https://www.example.com/index.php/ctrl-web-team/cms_page/new/key/c7e419205e2c23c854cd4ea1d741bdad/ Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:72.0)%20Gecko/20100101%20Firefox/72.0 SID=gm892fbgp7lep0 - Error Z6p-RiAuq7RA7ryi3iNHD== www.example.com https 16778 0.844 - TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 Error HTTP/2.0 - - 42776 0.844 Error text/html 134 - -
2020-01-20 10:22:17 MAN50-C1 1547 xx.xx.xx.xx POST jhgfjgfjsd.cloudfront.net /index.php/ctrl-web-team/cms_wysiwyg_images/contents/type/image/key/0f36c05043efc3435jj342d6a3071e6a47/ 200 https://www.example.com/index.php/ctrl-web-team/cms_page/new/key/c7e419205e2c23c854cd4ea1d741bdad/ Mozilla/5.0%20(X11;%20Linux%20x86_64;%20rv:72.0)%20Gecko/20100101%20Firefox/72.0 isAjax=true - Miss nu8CAYvBxQnpvMbAhdgdf= www.example.com https 545 0.612 - TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 Miss HTTP/2.0 - - 42776 0.612 Miss text/html;%20charset=UTF-8 - - -
Any guidance appreciated.
1 answers
solution1
4 ACCPTED 2020-01-27 15:05:07
The error occurred as some requests were being blocked by the AWS WAF (web application firewall). Review the rules associated with ACL in WAF.
I had to define an additional "String and regex matching" rule in the AWS WAF Classic to allow the requests.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.