All Collections
Portal FAQ
Portal
Portal inaccessible "access denied" error?
Portal inaccessible "access denied" error?
Updated over a week ago

Error messages may appear from time to time inside the portal, for a variety of valid reasons that give feedback to the user on their use of the platform. Such as, when someone attempts to access a resource they don't have permission to access, perhaps a session has timed out, or when someone attempts to access a resource that has been previously deleted, for instance. These messages will appear towards the top of the portal page and look similar to this.

However if the portal itself becomes inaccessible and you are receiving an error that typically looks like the one below this could be the portal applying its security protection controls, which are there to protect itself and its customers and users from malicious actors on the internet, or other reasons such as a temporary server error.

Portal security protection controls

Portal security protections controls include:

  • Explicit IP blocking / blocklisting

  • Location-based blocklisting

  • Rule-based blocking (i.e. web application firewall protections)

  • Reputation-based blocking

  • HTTP request rate controls (e.g. DoS protections)

The following activities may trigger application security controls:

  • Web application layer attacks such as: SQL Injection, Cross-Site Scripting, Local File Inclusion, Remote Command Execution, Remote File Inclusion, etc.

  • Volumetric attacks or similar high rate HTTP traffic

  • Web contents scraping, data mining, web content indexing and similar automated web activities

  • Web vulnerability scanning using automated tools

It is possible that a completely inadvertent action may trigger the portals security policy controls, and it is possible you are inadvertently connecting from a location or from a internet address that, for whatever reason, currently has a poor reputation. You may be completely unaware of why this might be occurring.

So false positives can occur, and while we continuously tune our policies to maximize accuracy in applying those controls, it remains equally important to maintain ever stronger portal security controls, in order to keep the portal safe and its users safe on the platform.

Things to try:

  • Retry: Refresh the page, or retry the request.

    • A temporary server error may be transient and occur only the once, retry to see if the error persists.

  • Wait 10 minutes and Retry:

    • If a client request violation triggers the portal's security policy controls, that client's source IP address may be put in a "penalty box" and access denied to it for 10 minutes.

    • After 10 minutes, the client moves out of the "penalty box", and it's requests are no longer denied. Unless another request triggers a violation action again which would sends the client back into the "penalty box" for another 10 minutes.


Troubleshooting False Positives

On the internet your reputation follows you. If your internet address (IP) is identified as behaving poorly on one site, you may be blocked on other websites. A first step in troubleshooting may be to determine whether your organization is performing one of the activities listed above that could affect your reputation.

You can use Akamai's Client Reputation lookup tool to check whether your connecting IP address received a bad reputation score and submit an investigation request in case you believe it was mistakenly flagged as malicious. You can also supply the Reference #18.xxxx and page supplied in the Access Denied error for further investigation.

Did this answer your question?