I'm trying to configure NGINX (version 1.18.0) running on Ubuntu (20.04) to replace our existing F5 load balancers.
I've managed to get most sites migrated across, but I'm having trouble with 3 of them. When I try to browse to the sites via the NGINX IP, I am getting a response of "Forbidden" (error 403). This error appears to be coming from the upstream servers themselves (although I'm not 100% sure). However, when I test access to the upstream servers using CURL, it works fine.
I've tried ssldump, and it appears to be using the same ciphers. From the ssldump output from the failing request, it appears to do the handshake, then send application_data (request), then receive application_data (response), and then there is an alert and the client (NGINX) closes the connection (TCP_RST), I assume because the server replied with "403".
For a direct (CURL) connection, after the handshake, I see it sends the application_data (request) and then 4 x receive application_data and then a normal close (TCP_FIN).
Does anyone know why the server might be returning 403 when accessing via NGINX, and a normal response (200) when accessing via CURL (or a web browser)? I can't see anything different between the NGINX and the CURL requests.
question from:
https://stackoverflow.com/questions/65848151/nginx-load-balancer-getting-error-403-forbidden-via-nginx-but-direct-access-to