Ajax lib service 403 forbidden

Ajax lib service 403 forbidden

by Milos Milosavljevic -
Number of replies: 2
Moodle started popping up messages titled "Undefined".



Inspected browser's console and got 403 Forbidden error on GET request on /lib/ajax/service-nologin.php from jquery-3.6.4.min.js
on ajaxTransport function.





Application is runs in docker container.
No error logs in Apache on this events.
Tried to switch to default theme, no result.
No basic settings in Moodle is changed, no new plugins installed, no Apache config is changed when error message started to appear.

On Course edit page also getting 403 error in events.js and first.js in all js async functions.














Average of ratings: -
In reply to Milos Milosavljevic

Re: Ajax lib service 403 forbidden

by Leon Stringer -
Picture of Core developers Picture of Particularly helpful Moodlers
But are you seeing these requests in the Apache access logs (not error logs)? If it's your web server or Moodle sending 403 Forbidden then you will see these in your logs. If it's something external (for example, a WAF like ModSecurity) then these requests won't appear in the access logs because they're being blocked before getting to Apache. See point 2. in this reply for an example request in the Apache access log. (This reply may also help).
Average of ratings: -
In reply to Leon Stringer

Re: Ajax lib service 403 forbidden

by Milos Milosavljevic -
I found access logs, no logs for 403.
Then I created my own js script to fetch data from my php source (status 200), to fetch data from php source which intentionally returns 403 (it was logged in access logs) and finally to fetch data from /lib/ajax/service-nologin.php which returned 403 without any log.
So I guess you are right since my Moodle app runs in docker but physically it is on very protected server, I will contact maintenance guys to check if they have some kind of protection.
I also noticed that ajax calls to /lib/ajax/service-nologin.php have encoded json in query parameter, so I believe that can be subject of blocking.
Will let you know...
Thanks!
Average of ratings: -