<-- Back

403 forbidden error when accessing applications in Mendix Cloud

 

Issue

While trying to access an application hosted in Mendix Cloud, the following error is received.

403 Forbidden

 

Environment

Applications hosted in Mendix Cloud 

 

Cause

A 403 Forbidden indicates that the server received the request but is refusing to fulfill it due to insufficient permissions. In Mendix, this can occur when access to an application is restricted through Restrict Access for Incoming Requests.

This error typically appears in two scenarios: 

  • The public IP address used to access the application is not included in the configured IP restriction profile. For more information, refer to Access Restriction Profiles
  • The IP address has explicitly been denied access within that profile. For more information, refer to IP Restriction Profiles

If the application was previously accessible but suddenly became unreachable, with no changes made to the application or its restricted access for incoming requests settings, the cause may lie in network infrastructure changes, such as firewall modifications or routing updates.

 

Solution/Workaround

To confirm that access is being denied due to IP restrictions, follow these steps:

  1. Identify the public IP address from which the request originates. If a private IP address (one used only within a local network and not reachable over the internet) is being used, retrieve the public IP using a web tool such as whatismyip.com.
  2. Check the access logs, where every request made to a server is recorded, and look for an entry similar to access forbidden by rule, client: [IP address] matching the IP identified in step 1.
  3. Check the Access Restriction Profile in Cloud Settings in the Mendix Portal (see Access Restriction Profiles). If the IP is not listed in the active profile, add it to allow access.
  4. Check the IP Restriction Profile in Cloud Settings in the Mendix Portal (see IP Restriction Profiles). If the IP is listed, it has been explicitly denied access. If this is unintended, remove it from the profile to restore access.

If no changes were made to the access restriction or IP restriction profiles, consult the internal network team to verify whether any recent network infrastructure changes or firewall modifications have resulted in a change to the company's public IP address.

 

Internal information related

#271381

 

Additional information

Mendix documentation:

 

 

Have more questions? Submit a request

0 Comments

Article is closed for comments.

To provide feedback, please open a ticket here. Don't forget to include the article's URL along with the feedback you would like to provide.