jwoo wrote:

> Joachim Ring wrote:

(snipped)

> From the log, it looks like there are more than one request being made

> "GET /test.pdf HTTP/1.1" 403 286


A clear 403 Forbidden. Your server configuration is denying access.

You have included directive syntax which forbids access
or you have omitted directive syntax which allows access.

In another article you indicate, "If I turn off all security on apache...."
which is unclear as to meaning, but doing so allows access to the pdf.

So, reinsert whatever this security is, a single syntax at a time,
until you are forbidden. That syntax is your problem source.

Appears, based on your double log entry, you are banning yourself
through a lack of a referer [sic] environment variable, most
likely through use of mod_rewrite.

For many circumstances, a request comes in with a referral.
This is followed by invoking a "helper application" in
a browser, which will not have a referral. Your acrobat
reader does not provide a referral variable.

Browser -> request with referral.
Helper -> request with no referral.

Stop doing this. Use of a referral variable should _never_
be used for security. For some control, yes, but not as
a security measure.

Limit access by ip addresses, not a misspelled referral variable.


Purl Gurl
--
Corvette Mako Sharks! 56 Chevy Napco 4X4!
http://www.purlgurl.net/~godzilla/