[CentOS-mirror] CentOS Mirror

Tue May 15 06:57:19 UTC 2018
Temur Maisuradze <temur at grena.ge>

Dear Anssi,

all those problems was because of modsecurty module which checks 
anomalies of requests and responses.
I just disabled it now, can you check it again?
all issues are resolved.

Thank you in advance
Best Regards,
Temur

On 15-05-2018 06:29, Anssi Johansson wrote:
> Anssi Johansson kirjoitti 14.5.2018 klo 10.12:
>> Temur Maisuradze kirjoitti 1.5.2018 klo 17.08:
>>> Hello,
>>> 
>>> I have done setup of the new mirror, initial sync and cron job.
>>> 
>>> HTTP: http://centos.grena.ge/
>>> HTTPS: http://centos.grena.ge/
>>> 
>>> Sync schedule: Every 2 hrs
>>> Bandwidth: 1 Gbps
>>> Location: Tbilisi, Georgia
>>> Sponsor: GRENA
>>> Sponsor URL: https://www.grena.ge/
>>> IPv4 address to authorize: 217.147.225.74
>>> Email contact: sysadmin at grena.ge
>>> Mirroring AltArch: no
>>> 
>>> Best Regards,
>>> Temur Maisuradze
>>> System Administrator
>> Hmm, your mirror would be gladly accepted, but I ran into an issue 
>> while validating your mirror. My own mirror checking script (written 
>> in Perl) said that it could not download some files, but accessing 
>> those same files with a normal browser worked OK.
>> 
>> This works (edited for brevity):
>> $ telnet centos.grena.ge 80
>> GET /timestamp.txt HTTP/1.1
>> Host: centos.grena.ge
>> User-Agent: x
>> Accept: */*
>> HTTP/1.1 200 OK
>> Server: Apache
>> Mon May 14 04:48:01 UTC 2018
>> 
>> However, these two variants give a 403:
>> $ telnet centos.grena.ge 80
>> GET /timestamp.txt HTTP/1.1
>> Host: centos.grena.ge
>> Accept: */*
>> HTTP/1.1 403 Forbidden
>> Server: Apache
>> You don't have permission to access /timestamp.txt on this server.
>> $ telnet centos.grena.ge 80
>> GET /timestamp.txt HTTP/1.1
>> Host: centos.grena.ge
>> User-Agent: x
>> HTTP/1.1 403 Forbidden
>> Server: Apache
>> You don't have permission to access /timestamp.txt on this server.
>> 
>> Looks like your server requires both User-Agent and Accept fields. Is 
>> this intentional? I'm afraid this will cause problems with our mirror 
>> validating scripts, and perhaps also for other users of your mirror 
>> who don't send an Accept header. Most clients do send the User-Agent 
>> header, so that is less of a concern.
> 
> It turns out that our mirror validating scripts would not catch this
> problem, but when I plugged in your mirror URLs to my CentOS 6 and
> CentOS 7 installations I got those 403 Forbidden errors.
> 
> # yum update
> Loaded plugins: fastestmirror, presto
> Setting up Update Process
> ...
> failure: repodata/repomd.xml from updates: [Errno 256] No more mirrors 
> to try.
> http://centos.grena.ge/7/updates/x86_64/repodata/repomd.xml: [Errno
> 14] HTTP Error 403 - Forbidden
> 
> I'm afraid I will need to disable your mirror in our database until
> this issue has been resolved.
> _______________________________________________
> CentOS-mirror mailing list
> CentOS-mirror at centos.org
> https://lists.centos.org/mailman/listinfo/centos-mirror

-- 
Sincerely,
Temur Maisuradze
System Administrator

*********************************************************
Georgian Research and Educational Networking Association
10 Chovelidze Street
0108 Tbilisi, Georgia
Tel: +995 32 225 05 91
Fax: +995 32 291 29 52
Mob: +995 598 123 000
www.grena.ge