Http Error 400

[gaarder]

Since I am on a corporate network I have to use a proxy to access the OESF wiki, however I get the following error message:

Error 400

We're sorry, but we could not fulfill your request for / on this server.

Your proxy server sent an invalid request. Please contact the proxy server administrator to have this problem fixed.

Your technical support key is: cbc6-b2f1-b783-0251

You can use this key to fix this problem yourself.

If you are unable to fix the problem yourself, please contact michael.hubbard at gmail.com and be sure to provide the technical support key shown above.


Clicking the link "fix this problem yourself" leads to the following page
Technical Support

Your request was intercepted by security software which protects the Web site you visited from malicious activity, such as hackers, spam and viruses. We apologize for the inconvenience, but your request matched a profile of suspicious activity. This problem is usually quite easy to fix.

Your computer appears to have sent a request through a proxy server which corrupted the request. Uninstall the proxy server and try again. It is not normally enough to simply disable the proxy server. If you are required to use the proxy server, contact the proxy server administrator for assistance.

This problem may be caused by misconfigured or malfunctioning browser privacy software or personal firewall software. If you use this type of software, turn it off or reconfigure it and try again.

(Example: For Norton Internet Security, you need to disable the Stealth Mode Browsing feature.)

This problem may be caused by viruses or spyware on your computer, or by malicious software that pretends to be anti-virus or anti-spyware software. Ensure that you have REAL anti-virus and anti-spyware software on your computer, that they are kept up-to-date, and that you have run a full system scan using each tool. Once your system is cleaned of viruses and spyware, please try your request again.

The free Google Pack provides trustworthy anti-virus and anti-spyware software.

If the above suggestions fail to resolve the problem, click Back and contact the e-mail address you were given for further assistance.



----
I can access the OESF forum (which is what I am currently doing) without any problems.

[Meyer]

Please answer the following questions and I'll investigate the problem:

1. What was the URI that gave you the above error?

2. What was the date and time the error occurred? (If you can't remember, try accessing the URI again and report the results.)

3. Can you access any other MediaWiki (like Wikipedia) from behind your company's proxy server?

[tux]

Since I am on a corporate network I have to use a proxy to access the OESF wiki, however I get the following error message:

Error 400

We're sorry, but we could not fulfill your request for / on this server.

Your proxy server sent an invalid request. Please contact the proxy server administrator to have this problem fixed.

Your technical support key is: cbc6-b2f1-b783-0251

You can use this key to fix this problem yourself.

If you are unable to fix the problem yourself, please contact michael.hubbard at gmail.com and be sure to provide the technical support key shown above.


Clicking the link "fix this problem yourself" leads to the following page
Technical Support

Your request was intercepted by security software which protects the Web site you visited from malicious activity, such as hackers, spam and viruses. We apologize for the inconvenience, but your request matched a profile of suspicious activity. This problem is usually quite easy to fix.

Your computer appears to have sent a request through a proxy server which corrupted the request. Uninstall the proxy server and try again. It is not normally enough to simply disable the proxy server. If you are required to use the proxy server, contact the proxy server administrator for assistance.

This problem may be caused by misconfigured or malfunctioning browser privacy software or personal firewall software. If you use this type of software, turn it off or reconfigure it and try again.

(Example: For Norton Internet Security, you need to disable the Stealth Mode Browsing feature.)

This problem may be caused by viruses or spyware on your computer, or by malicious software that pretends to be anti-virus or anti-spyware software. Ensure that you have REAL anti-virus and anti-spyware software on your computer, that they are kept up-to-date, and that you have run a full system scan using each tool. Once your system is cleaned of viruses and spyware, please try your request again.

The free Google Pack provides trustworthy anti-virus and anti-spyware software.

If the above suggestions fail to resolve the problem, click Back and contact the e-mail address you were given for further assistance.



----
I can access the OESF forum (which is what I am currently doing) without any problems.

 Hi gaarder,

Meyer and I have had a look at the BadBehaviour messages and Meyer has been looking at the BadBehaviour code. BadBehaviour simply states that a proxy server was being used.  

We're sorry that the anti spam measures that Meyer has put in place appear to be affecting your use of the Wiki. Could you please give us more information, for example answer Meyer's questions in the post he made in response to yours?  

Are you saying that you are being blocked from viewing/browsing the Wiki or is it that editing is being blocked? Are you able to access other wikimedia sites that have BadBehaviour and the other spam defenses, some of which you suggested,  installed.  

Do you have a problem when accessing the Wiki using non-proxy access?  

Is anyone out there accessing the Wiki using a proxy server or using TOR that can give us any input?  

I must say that something strange appears to be going on if attempting to access the Wiki apparently asks for  / access.   From your experience with the wikimedia software have you any pointers to a solution? Did your IT staff have anything to say?

Cheers

[speculatrix]

I am accessing the forums and wiki through a squid proxy on my linux firewall and not noticed any problems.

[LadyHoldem]

I just ran into this problem attempting to post a blog entry to one of my own websites using word press.. When I took the issue to my host, I was directed to the abuse dept, i'm very interested in lerning more about the error.

[tux]

I just ran into this problem attempting to post a blog entry to one of my own websites using word press.. When I took the issue to my host, I was directed to the abuse dept, i'm very interested in lerning more about the error.

Hi,

take a look at the Images thread. Are you using the BadBehaviour extension?

What sort of Zaurus are you using?

Cheers

 

[LadyHoldem]

It was the bad behavior plugin.. behaving badly

[tux]

It was the bad behavior plugin.. behaving badly

  Any suggestions?
 

[gaarder]

Well, thanks to tux for bringing me back to this thread (and the image upload thread next door). As I am recently busy with some other stuffs I do not check oesf that often anymore... anyway lets first answer your questions:

1. What was the URI that gave you the above error?
Any page on the oesf wiki, for example: https://www.oesf.org/index.php?title=Main_Page
I am effectively blocked from viewing all oesf wiki pages from my office network.

2. What was the date and time the error occurred? (If you can't remember, try accessing the URI again and report the results.)
Well, basically I can reproduce the error any time I was in office when I try to access any wiki pages. The last time I had such problem.. was probably the time when I posted the message, so it was approximately Nov 4 2007, 09:41 PM server time.

3. Can you access any other MediaWiki (like Wikipedia) from behind your company's proxy server?
Yes, of course. I own several MediaWiki websites myself: here, here, here, and here, just to name a few. And I can access them from office without any problem.

4. Are you saying that you are being blocked from viewing/browsing the Wiki or is it that editing is being blocked? Are you able to access other wikimedia sites that have BadBehaviour and the other spam defenses, some of which you suggested, installed. cool.gif
I will check tomorrow when I am back in office to see if viewing the wiki is still being blocked - if it is so then I believe there's too much anti-spam defenses on the website and that's affecting legitimate users. No I am not aware of any other mediawiki sites with the BadBehaviour extension.

5. Do you have a problem when accessing the Wiki using non-proxy access?
Well I am now on my home network at a fixed IP (through a router)  at 125.59.xx.xx and had no problem viewing the site - but Bad Behaviour is preventing me from creating a new user account on the wiki. I do not experience the same problem I had in office when I use my own private Squid server at 202.177.xx.xx to access the wiki, account creation is still blocked though.

6. I must say that something strange appears to be going on if attempting to access the Wiki apparently asks for / access. blink.gif From your experience with the wikimedia software have you any pointers to a solution? Did your IT staff have anything to say?
Since it is apparent from the Bad Behaviour page itself that the bad behavior extension is generating way too many false positives, I think it may be more beneficial if the extension is removed and replaced with other anti-spam measures, for example the ReCaptcha extension developed by UC Berkeley together with some access control customization settings. On the other hand you could try settings Bad Behavior blocking mode to normal, instead of strict I presume you are running. The Bad Behavior extension does not offer any fine tuning of the anti-spam settings, and the documentation is awfully vague and limited: quote

Strict: Bad Behavior operates in two blocking modes: normal and strict. In normal mode, some checks which could stop spam, but also block certain types of corporate and government users, are disabled. When strict mode is enabled, spam from these sources is blocked, but those users may be blocked as well. It is up to you whether you want to have the government reading your blog, or keep away the spammers.

(Other options are present, but not currently used in the MediaWiki port.)

p.s.
Wikipedia does not use Bad Behavior, instead they use AntiSpoof, a modified ConfirmEdit for links in incoming edits and account creation, SpamBlacklist and Username Blacklist.

[gaarder]

Update: I still have the same 400 error when I try to access any page in the wiki from office, just now.

[gaarder]

Okay, I got around setting up a test server running MediaWiki and Bad Behavior:

Commenting the below lines in common_tests.inc.php unblocks myself from the site:
   if (array_key_exists('Proxy-Connection', $package['headers_mixed'])) {
      return "b7830251";
   }

According to google, Proxy-Connection: Close is a legitimate http header. See here for another user blocked by Proxy-Connection

[Meyer]

Thanks for doing all the research, gaarder. You saved OESF Wiki from the login-eating Bad Behavior beast.

Regarding your original problem, you've also dug-up a lot of valuable information.

Your problem is not being caused by Bad Behavior's strict checking mode since it has been configured for just normal checking since I installed it.

I have implemented your proposed patch to common_tests.inc.php. Please see if this unblocks your work client.

[gaarder]

Thanks a lot, I can now access the wiki properly from office.

[sdjf]

Just for the record, Recaptcha is from Carnegie Mellon, not from UC Berkeley.

sdjf