@accalia you say that like you don't exist as many things at once
Posts made by chubertdev
RE: WTF AT&T
@chubertdev I don't know what they do, it was just a thought.
yeah, I'm not closing off that idea, I'm checking FTP access logs and the directory structure (it's a relatively small site, but I don't manage all of the subdomains), so anything off should stick out like a sore thumb.
RE: WTF AT&T
@chubertdev Is the server running PHP? If so, is it serving up malware PHP?
It's possible you're pwned and AT&T is just the first large ISP to notice.
yes, it's running PHP. possible, but wouldn't they block the site outright, instead of invoking the 403 that still serves content?
RE: WTF AT&T
yeah, but only get basic information for those
IP Address, status code, URI, URI Referrer, content length, etc....not sure if there's a way to turn on more verbose logging
I'm just flat out surprised that this is even a thing, to have this invoked by a single carrier
I'm getting a 403 Forbidden for pretty much all content on a site, so I figured that I'd just list all of the factors:
- It's pretty much LAMP stack, but it's really Linux/Apache/vertical pipe delimited text file/Python
- I don't really control the server, so I'm a bit limited as to what I can do. Hosted solution, CPanel installed, etc
- I'm used to the Windows stack, so this is a bit outside of my expertise
- This is happening ONLY to people on AT&T's mobile network
- If these users switch to wifi, the problem goes away
- It's not all browsers, it seems to be only Chrome. Some users have reported it in other browsers, but I've been unable to verify
- The 403 page successfully loads, although the one image on it is blocked
- Since that content comes up, I assume that AT&T is somehow invoking a 403 on the server
- Since it's mobile, and I don't have much experience debugging with mobile, I'm not sure where to look
- This site has been around 2006, and has worked perfectly fine (overall) since then, so it's not like it's a new site with permissions issues. It works as it should on computers, wifi, non-AT&T users, etc
- Clearing cache hasn't helped
- even trying to access a simple test.txt file gives the same result
- after a few attempts, the "Site can't be reached" Chrome error comes up instead
The document root .htaccess has this section in it:
<Files 403.shtml> order allow,deny allow from all </Files>
Which I assume is what allows the page to be shown to these users, but I still don't understand the root cause.
Anyone have an idea of what's going on?