search

markeverard / POSSIBLE.RobotsTxtHandler

POSSIBLE RobotsTxtHandler is an Episerver CMS plugin that handles the delivery and modification of the robots.txt file
MIT License
6 stars 9 forks source link

403 - forbidden issue - Permission denied #14

Open SureshKalyanasundaram opened 5 years ago

SureshKalyanasundaram commented 5 years ago

Hi Markeverard,

I've installed this add-on to our DXC version 11.8.1 and noticed an error while accessing it. the error is 403 - forbidden access denied for this path : /modules/POSSIBLE.RobotsTxtHandler/RobotsTxtAdmin

Are there any specific permission required for this add-on to work in Azure app service ?

Please do help me on this at the earliest.

Regards, Suresh

markeverard commented 5 years ago

Hello,

I've been using this plugin in a DXC environment without issue. There are no specifics around Azure or permissions to set up.

I presume the Plugin works locally, but just not after you've done a deployment to DXC? If so I'm relatively sure the problem must be with your deployment. The url you mention should be routed by the Episerver module system to the RobotsTxtAdminController - https://github.com/markeverard/POSSIBLE.RobotsTxtHandler/blob/master/src/UI/Controllers/RobotsTxtAdminController.cs

The error message you are getting looks like its being served by IIS (and that a 403 is returned) as directory browsing isn't allowed. This makes me think the problem is with the routing.

1) Are you sure the module is correctly included in your deployment scripts / project file so that the dll and modules/POSSIBLE.RobotsTxtHandler are deployed to the DXC environment? 2) Is the required web.config module configuration correctly included in your web.config that is used on the DXC environment. You should have a section like below. `

`
SureshKalyanasundaram commented 5 years ago

Thanks a lot for your response. Epi support team said there is no such restriction exists for this to happen from Azure environment.

I checked the files are deployed fine in Azure. I installed the plug-in from nuget package.

Find my answers below,

1.Are you sure the module is correctly included in your deployment scripts / project file so that the dll and modules/POSSIBLE.RobotsTxtHandler are deployed to the DXC environment? - All the files are deployed to DXC (dll, this folder POSSIBLE.RobotsTxtHandler does exists under this Modules folder)

  1. Is the required web.config module configuration correctly included in your web.config that is used on the DXC environment. You should have a section like below. - Yes this is there under attribute and within public Modules as mentioned above.

I have no clue on why its not working.

Thanks, Suresh

markeverard commented 5 years ago

Ok. Let’s try a few more things...

1) Does this work locally in your dev environment? 2) On DXC does the path to the ~/robots.txt file resolve correctly (that will help understand if the module is installed properly) 3) Do you have any other custom routing rules in your solution

SureshKalyanasundaram commented 5 years ago

1.Does this work locally in your dev environment? - Yes works fine in local dev environment 2.On DXC does the path to the ~/robots.txt file resolve correctly (that will help understand if the module is installed properly) - Yes the path ~/robots.txt file resolve correctly 3.Do you have any other custom routing rules in your solution - I think there are but that shouldn't be a problem for this. We do have custom BVN 404 handler, Sitemap add-ons which works fine.

markeverard commented 5 years ago

I can only think that this is configuration related? Are you sure that the transformer web.config used in the DXC environment contains the correct configuration for the module?

SureshKalyanasundaram commented 5 years ago

Thanks, I checked the configuration changes in DXC environment. It's same as it exists in my local environment. All the files are in there as well

  1. Modules/POSSIBLE.RobotsTxtHandler folder and files inside this folder
  2. Bin/POSSIBLE.RobotsTxtHandler.dll

Below is the one that's found as configuration changes ?

SureshKalyanasundaram commented 5 years ago

Hi Mark,

Below are some more details,

Enabled the trace logging in IIS and found the below exceptions in the trace information.

ModuleName="__DynamicModule_Microsoft.Owin.Host.SystemWeb.OwinHttpModule, Microsoft.Owin.Host.SystemWeb, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35_a7b73fde-9427-409a-adbe-e5c5766fbe6c", Notification="END_REQUEST", HttpStatus="403", HttpReason="Forbidden", HttpSubStatus="0", ErrorCode="The operation completed successfully. (0x0)", ConfigExceptionInfo=""

Are there any particular validation logic in place that the add-on use to validate user information from cookie ? it seems it fails to work using Owin framework per the above exceptions under shell module.

In local development environment application use ASP.Net authentication to validate CMS user information but in DXC environment, application use Owin authentication to validate user information.

Please advise.