I uploaded a simple Sinatra app to AppFog. It worked well on my local machine. But after uploading the app to AppFog, a page with "Forbidden" message is shown when I access to AppFog domain.
These are appFog logs:
====> /logs/stderr.log <====
...
W, [2012-06-01T06:32:54.008426 #28933] WARN -- : attack prevented by Rack::Protection::IPSpoofing
211.32.146.42 - - [01/Jun/2012 06:32:54] "GET / HTTP/1.1" 403 - 0.0002
10.0.64.157 - - [01/Jun/2012:06:32:54 UTC] "GET / HTTP/1.0" 403 9 - -> /
W, [2012-06-01T06:32:54.393022 #28933] WARN -- : attack prevented by Rack::Protection::IPSpoofing
211.32.146.42 - - [01/Jun/2012 06:32:54] "GET /favicon.ico HTTP/1.1" 403 - 0.0002
10.0.64.157 - - [01/Jun/2012:06:32:54 UTC] "GET /favicon.ico HTTP/1.0" 403 9 - -> /favicon.ico
I did not use Rack::Protection::IPSpoofing in my code, but I get those errors. Rack::Utils is used in helpers block. Is that causing the problem?
The only Ruby code I wrote is following:
require 'sinatra'
require 'data_mapper'
require 'builder'
require 'sinatra/flash'
require 'sinatra/redirect_with_flash'
require 'haml'
enable :sessions
SITE_TITLE = "Recall"
SITE_DESCRIPTION = "'cause you're too busy to remember"
DataMapper::setup(:default, "sqlite3://#{Dir.pwd}/recall.db")
class Note
include DataMapper::Resource
property :id, Serial
property :content, Text, :required => true
property :complete, Boolean, :required => true, :default => false
property :created_at, DateTime
property :updated_at, DateTime
end
DataMapper.finalize.auto_upgrade!
helpers do
include Rack::Utils
alias_method :h, :escape_html
end
get '/' do
@notes = Note.all :order => :id.desc
@title = 'All Notes'
if @notes.empty?
flash[:error] = 'No notes found. Add your first below.'
end
haml :home
end
# ...
You can check out the whole source codes here.
How can I solve this problem? Thanks for any advices.
This is an easy fix, try adding this:
set :protection, :except => :ip_spoofing
We are patching our nginx soon to fix this issue, but this work around will help for now.