Problem 1
On my server i have a function that does a “wget whatsmyip.com” and this is working just fine. Now i need to be using consul. So I registered a consul service called “myip”. When i do a “wget myip” I see that my server is connecting to the right ip adress and port but i get a 403 forbidden request.
This is my service
"ID": "myip",
"Name": "myip",
"Address": "whatsmyip.com",
"Port": 7586
This is the response
[lil ~]$ wget myip
–2019-08-12 07:52:08-- http://myip/
Resolving myip (myip)… 104.31.83.52, 104.31.82.52, 104.31.83.52, …
Connecting to myip (myip)|104.31.83.52|:80… connected.
HTTP request sent, awaiting response… 403 Forbidden
2019-08-12 07:52:08 ERROR 403: Forbidden.
The problem is that i also cant wget on the ip-address solo. wget 104.31.83.52 is not working. Is there a way to let consul use hostname instead of ip address?
The problem seems to be on the server side of whatsmyip.com
.
This is without a host header:
mkeeler-mbp:~ mkeeler$ curl -I http://104.31.83.52/
HTTP/1.1 403 Forbidden
Date: Mon, 12 Aug 2019 13:21:05 GMT
Content-Type: text/html; charset=UTF-8
Connection: close
Set-Cookie: __cfduid=dbab9fa1960eae8d68e938b36656345971565616065; expires=Tue, 11-Aug-20 13:21:05 GMT; path=/; domain=.104.31.83.52; HttpOnly
Cache-Control: max-age=15
Expires: Mon, 12 Aug 2019 13:21:20 GMT
X-Frame-Options: SAMEORIGIN
Server: cloudflare
CF-RAY: 5052c0178a16cf40-IAD
This one is with a host header:
mkeeler-mbp:~ mkeeler$ curl -I -H 'Host: whatsmyip.com' http://104.31.83.52/
HTTP/1.1 301 Moved Permanently
Date: Mon, 12 Aug 2019 13:21:06 GMT
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 12 Aug 2019 14:21:06 GMT
Location: https://whatsmyip.com/
Server: cloudflare
CF-RAY: 5052c021392fe0b2-IAD
Basically the server wants to ensure that the Host is whatsmyip.com
and if it isn’t its configured to get a 403. So the problem is that wget/curl would by default set the Host
to whatever the DNS name was that you gave it. So in your case it would set Host
to myip
. This is then rejected by the whatsmyip servers. To get around this just override the tools behavior and force the Host
header to be whatsmyip.com
.