[RSS Feed] Error 403 on accessible public feeds

OpenCTI-Platform / opencti

Open Cyber Threat Intelligence Platform

https://opencti.io

Other

6.45k stars 947 forks source link

[RSS Feed] Error 403 on accessible public feeds #8736

Open Lhorus6 opened 1 month ago

Lhorus6 commented 1 month ago

Description

Some RSS feeds return errors 403 even though the links are public and accessible.

Examples:

Environment

OCTI 6.3.6

Reproducible Steps

Steps to create the smallest reproducible scenario:

Create an RSS Feed with one of the examples in the description
Wait a bit and look at the platform logs.

Expected Output

Ingestion of the RSS feed

Actual Output

Error 403

Screenshots

khalidelborai commented 4 weeks ago

Same issue here.

SamuelHassine commented 4 weeks ago

Maybe a problem of user agent? @romain-filigran @nino-filigran maybe critical?

romain-filigran commented 4 weeks ago

@SamuelHassine: Not only a user-agent issue from my investigation, more complicated depending on the RSS source. Need to test which one is working with an external RSS tool to identify the problem.

biastogit commented 1 week ago

it seems this issue appeared on my instance 3 days ago after adding the RSS darkreading feed. I started disabling all the RSS feeds creating errors, without success. Also tried to delete the darkreading reports and have multiple update indexing fail errors (UI and logs)

SamuelHassine commented 1 week ago

Any news @romain-filigran @nino-filigran ?

nino-filigran commented 1 week ago

None @SamuelHassine we've increased priority to ensure it's looked over by devs. So far it seems sepcific to some RSS feeds & therefore the solution not straightforward, but we need to investigate.