Why Is a 4XX Status Code Returned When I Request Resources from My Acceleration Domain Name?

Status Code 403

If the status code 403 is returned, locate the fault as follows:

1. Check whether your origin server can be accessed. For details, see How Do I Check Whether an Access Fault Is Caused by the CDN PoP or Origin Server?.
2. Check whether the CNAME record matches your acceleration domain name. For details about how to configure the CNAME record, see Configuring a CNAME Record.

   

3. If you have configured referer validation, check whether your request URL is allowed by the referer validation rule. CDN identifies and filters out visitors based on a referer blacklist or whitelist. Unqualified users will receive a 403 error response. For details about the rules, see Configuring Referer Validation.
4. If your origin server is an OBS bucket, check whether you have configured a referer whitelist on the origin server and specified that blank referer is not allowed, but no referer validation settings are configured in CDN. If the original request does not carry referer information, CDN will not carry any referer information during origin pull. In this case, origin pull fails and the origin server returns status code 403. To fix this fault, modify the referer validation rule in OBS. For details, see Configuring Referer Validation.
5. If your origin server is an OBS private bucket and OBS authorization is not enabled on CDN, 403 will be returned. Enable OBS authorization on CDN. For details, see OBS Authorization.
6. If you have configured an IP address whitelist or blacklist, check if your IP address is in the blacklist or is not in the whitelist. If it is in the blacklist or is not in the whitelist, your request will be rejected and a 403 status code will be returned. For details, see IP ACL.
7. If you have configured a User-Agent blacklist or whitelist, check if your request URL is in the blacklist or is not in the whitelist. If it is in the blacklist or is not in the whitelist, your request will be rejected and a 403 status code will be returned. For details, see User-Agent ACL.
8. If you have configured token authentication, check the validity period of the signed URL. If the URL has expired, your access to it will be rejected and a 403 status code will be returned. For details, see Token Authentication.

Status Code 404

If the status code 404 is returned, locate the fault as follows:

1. Access the URL of the origin server and check whether 404 is returned. For details, see How Do I Check Whether an Access Fault Is Caused by the CDN PoP or Origin Server?.
2. If the origin server can be accessed, log in to the CDN console and check whether the host header is correct on the Basic Settings tab of the domain name. For details, see Host Header.
   The differences between the origin server and the host are as follows:

   • The origin server decides the address to be accessed during origin pull.
   • The host decides the site that is associated with the requested content.

     Let's assume that the origin server IP address is x.x.x.x, the acceleration domain name is www.example.com, and sites www.a.com and www.b.com are deployed on the origin server.

     • If you want CDN to pull content from the origin server, set the origin server to x.x.x.x on CDN.
     • By default, the host is the acceleration domain name www.example.com. If you want CDN to pull content from the www.a.com or www.b.com site, set the host host to www.a.com or www.b.com.

   

   • If the origin server is an OBS bucket, the host must be the domain name of the OBS bucket.
   • If your origin server is an object storage bucket of a third party, change the host to the bucket domain name.
3. Check whether the origin server configuration is correct on the Basic Settings tab of the domain name on the CDN console. If not, change the IP address or domain name of the origin server to the correct one.

Status Code 405

Symptom: Content of a domain name with CDN acceleration enabled cannot be accessed, and status code 405 is returned on the Headers tab under Network of the DevTools.

Cause: The response header does not support the POST method.

Solution: Edit the HTTP header configuration. Add the header Access-Control-Allow-Methods and set its value to POST. For details, see HTTP Header Settings (Cross-origin Requests).