0

I have setup a server on AWS everything working fine, i am able to fetch data from server but unable to POST, POST data is continuously giving 403 forbidden response,

i have check nginx logs, call never even reach there, but GET request are shows up on access.log.

error.log are empty and nothing happening there.

server {
    listen 80;
    listen [::]:80 default_server;
    server_name example.com www.example.com;
    location / {
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header Host $http_host;
            proxy_pass "http://127.0.0.1:3004";
    }
}

and yes there is a Load Balancer which is running on 443 port and forward to port 80 on the instance.

Awais Ayub
  • 389
  • 3
  • 13
  • can you share a little bit more details about it. Is there anything (Loadbalancer...) infront of your instance? In general AWS Security Groups are not working on that level. Can you share the full NGINX Config as well? `sudo nginx -T` – Timo Stark Apr 07 '20 at 21:58
  • i have edit my question please have a look. – Awais Ayub Apr 08 '20 at 08:49
  • Thanks still not fully clear to me: You are saying your are listing on Port443 on the same EC2 instance and then you are proxying this request to your server running on port 80 and this is proxying the request to your application listing in port 3004?? Beside from that, try to send a POST request to your app running on 127.0.0.1:3004. `curl -X POST http://127.0.0.1:3004` send some data if needed. – Timo Stark Apr 08 '20 at 11:29
  • if i curl from same server or from bastion server it works like charm, but from load balancer, it doesn’t. – Awais Ayub Apr 08 '20 at 16:38
  • and i am listing on port 80 on server and on port 443 on load balancer, e.g call goes to load-balancer:443 -> server:80 and then proxing to 3004 to my app. – Awais Ayub Apr 08 '20 at 16:40
  • Can you check to logs / config on the LB listining port 443? Looks like something is blocking your POST request on the LB. – Timo Stark Apr 10 '20 at 10:09

2 Answers2

0

I get it after looking all the way arounds, there was a rule defined on Load Balancer, post call methoud be defined in lower case like post not POST.

Awais Ayub
  • 389
  • 3
  • 13
0

I was getting 403 Forbidden errors from the AWS Load Balancer WAF when the body of my POST request contained "http://127.0.0.1". When I change it to "http://localhost" instead, it doesn't fail. That's pretty lame.

Jeff
  • 59
  • 1
  • 2