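I'm trying to run my URL through Facebook's Debugger to see whether I have set up the correct meta tags, and also to see that the stuff works in general.
When I enter the URL, I get a 403 Forbidden in return.
The URL points to a subdomain, and the domain itself also returns 403 Forbidden.
Reading another post, "Facebook links to my site resolve as 403 forbidden", I figured my host might have set up a block or something; however, I can't seem to recreate the block from my computer.
I've been trying to spoof the referrer and user agent, but no luck. Is there anything I could have missed before I give my host a call?
If it's relevant, the URL in question is: http://distorpia.dadiugames.dk/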
Answer 0 (score: 2)
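The command I use to test this is:
curl -i -H 'Accept: */*' -H 'Range: bytes=0-40960' -H 'Connection: close' -A 'facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)' http://whatever.com
- this includes some of the headers sent by the Facebook crawler that some hosts have problems with.
It looks like your hosting setup can't properly handle one/some of those headers - I reproduced the 403 error.
For your URL, this was returned: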
HTTP/1.1 403 Forbidden
Date: Tue, 13 Dec 2011 20:54:07 GMT
Server: Apache/2.2.6 mod_auth_kerb/5.3 PHP/5.2.17 mod_fcgid/2.3.6
Accept-Ranges: bytes
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>Parallels H-Sphere</title>
{{REMOVED THIS PART}}
<h2>Error 403: Forbidden</h2>
<p>You don't have permissions to access this page.
This usually means one of the following:</p>
<ul>
<li>this file and directory permissions make them unavailable from the Internet.</li>
<li>.htaccess contains instructions that prevent public access to this file or directory.</li>
</ul>
<p>Please check file and directory permissions and .htaccess configuration if you are able to do this.
Otherwise, request your webmaster to grant you access.</p>
Answer 1 (score: 0)
Facebook and the Facebook Debugger send:
curl -i -H 'Accept-Encoding: deflate, gzip' -H 'Accept: */*' -H 'Range: bytes=0-524287' -H 'User-Agent: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)' https://your.website/something
The problem may be in owasp-modsecurity-crs rule #958291, which gives a false positive: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/173
Check by sending a request with the header Range: bytes=524287 (instead of Range: bytes=0-524287):
curl -i -H 'Accept-Encoding: deflate, gzip' -H 'Accept: */*' -H 'Range: bytes=524287' -H 'User-Agent: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)' https://your.website/something
#SecRule REQUEST_HEADERS:Range "@beginsWith bytes=0-" "phase:2,rev:'2',ver:'OWASP_CRS/2.2.9',maturity:'6',accuracy:'8',t:none,block,msg:'Range: field exists and begins with 0.',logdata:'%{matched_var}',severity:'4',id:'958291',tag:'OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.warning_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ-%{matched_var_name}=%{matched_var}"
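Both answers come down to finding which crawler header the host rejects. The following is an added example, not part of either answer: a leave-one-out test over the headers from the curl commands above. `find_blocking_headers`, `http_probe` and `crs_958291_stub` are hypothetical names, and the stub is a constructed stand-in for a server enforcing rule 958291.

```python
"""Leave-one-out header test for a crawler request that gets a 403."""
import urllib.error
import urllib.request

# Headers taken from the curl commands on this page (Facebook crawler request).
FACEBOOK_HEADERS = {
    "Accept-Encoding": "deflate, gzip",
    "Accept": "*/*",
    "Range": "bytes=0-524287",
    "User-Agent": "facebookexternalhit/1.1 "
                  "(+http://www.facebook.com/externalhit_uatext.php)",
}


def http_probe(url):
    """Return a probe(headers) -> status code function for a site you run."""
    def probe(headers):
        req = urllib.request.Request(url, headers=headers)
        try:
            with urllib.request.urlopen(req, timeout=10) as resp:
                return resp.status
        except urllib.error.HTTPError as err:
            return err.code  # urllib raises on 4xx/5xx; the code is what we want
    return probe


def crs_958291_stub(headers):
    """Constructed stand-in for a server enforcing rule 958291:
    403 when Range begins with 'bytes=0-', otherwise 200."""
    if headers.get("Range", "").startswith("bytes=0-"):
        return 403
    return 200


def find_blocking_headers(headers, probe, blocked=(403,)):
    """Return the headers whose removal alone turns a blocked request into
    an allowed one. Empty if the full request is not blocked, or if no
    single header is responsible."""
    if probe(dict(headers)) not in blocked:
        return []
    culprits = []
    for name in headers:
        trimmed = {k: v for k, v in headers.items() if k != name}
        if probe(trimmed) not in blocked:
            culprits.append(name)
    return culprits


if __name__ == "__main__":
    print(find_blocking_headers(FACEBOOK_HEADERS, crs_958291_stub))
```

Against your own site, pass `http_probe(url)` instead of the stub. urllib sends its own default User-Agent when that header is left out, so the User-Agent step tests a changed value rather than an absent one.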