XF 1.3 nginx 403 forbidden issue with some urls

[Brent W]

Can someone shed some light on why some member profile pages are showing a 403 forbidden and some are not?

This shows a 403 forbidden (also shows this using the Google Webmasters Fetch URL tool

curl -I http://www.aspiescentral.com/members/droopy.1/

HTTP/1.1 403 Forbidden

Server: nginx centminmod

Date: Tue, 04 Feb 2014 22:45:00 GMT

Content-Type: text/html; charset=UTF-8

Content-Length: 22767

Connection: keep-alive

Vary: Accept-Encoding

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-control: private, max-age=0

Set-Cookie: xf_session=be72ad04cdc2e1b5efa32961cfb137a5; path=/; httponly

X-Frame-Options: SAMEORIGIN

Last-Modified: Tue, 04 Feb 2014 22:45:00 GMT

However, this one does not:

curl -I http://www.aspiescentral.com/members/brent.2819/

HTTP/1.1 200 OK

Server: nginx centminmod

Date: Tue, 04 Feb 2014 22:46:39 GMT

Content-Type: text/html; charset=UTF-8

Content-Length: 35241

Connection: keep-alive

Vary: Accept-Encoding

Expires: Thu, 19 Nov 1981 08:52:00 GMT

Cache-control: private, max-age=0

Set-Cookie: xf_session=c7611bd5ecdc3b0d55fae2db0fc3961d; path=/; httponly

X-Frame-Options: SAMEORIGIN

Last-Modified: Tue, 04 Feb 2014 22:46:39 GMT

 

[Chris D]

The first one, viewing as a guest, gives the message:
"This member limits who may view their full profile."

The second one has no limits and is fully visible.

The 403 error code is appropriate for something where the normal access is restricted. Be it unauthorised, privacy etc.

 

[Brent W]

The first one, viewing as a guest, gives the message:
"This member limits who may view their full profile."

The second one has no limits and is fully visible.

The 403 error code is appropriate for something where the normal access is restricted. Be it unauthorised, privacy etc.

Thanks, that makes sense. Didn't realize it was limited.