Access denied, and what’s behind?

When surfing the web, all of us, every now and then, stumble upon the pages that fail to load. The browser tab may return some obscure references. This article reviews the most common instances.

Our target is 403 Forbidden message. It is getting gradually associated with adware invasion. That is, the message ‘403 Forbidden’ appears on your screen if the page you have requested fails to load. As experts try to get insight into some resources involved with unfair advertising practices, they face the obstacle. The page does not open.

Why does it happen? One may say there is no good reason. Nice try, but not in the case of adware backed pages. They do not load intentionally if requested by random IP’s. The only allowed visitors come from the IP’s listed in the advertisers’ databases. Which IP’s get listed that way? The ones with the adware onboarded. It is the adware that makes the browsers on affected PC’s request access to the page. Only in such cases the request gets satisfied.

Is it true that 403 Forbidden always designates the case of unfair advertisement? No. A website may actually need protection from hackers.  If so, some IP’s could be banned for security reasons. Should your IP be engaged into spamming or another Internet scam, you may be restricted from visiting the pages that apply enhanced security policy.

If affected by adware, you are basically unlikely to encounter the 403 Forbidden tab when opening the malvertising URL. Quite in contrary, you belong to the pool of the compromised, forced to visit the annoying resource on and on. Others, those free of the adware, would not be able to reach the page and be presented with 403 Forbidden notifications.

The restriction pursues two goals. First of all, it is meant to set up a refined traffic. The concept has lately been introduced by IT security observers. It describes the traffic moderation chiefly for the purposes of refining it so that it would meet the advertiser’s demands. What the advertisers would demand is that the visitors are more likely to buy what they promote. People are likely to buy what they need, and how can one possibly judge what others would need? In the Internet era, your online activities are logged into the browser history. Modern adware acts as spyware retrieving the history. The history is reviewed with automated tools so that the ads presented through the gateway of a restrictive page would be a likely match of the user’s demands.

People may be unable to see the page content and stare at the above error report, for their computers have not been hacked. Their browsing history and other details are unknown to the hackers so that they cannot ensure the ads match the visitors’ profile. It is important to note the match does not ensure the quality of ads whatsoever.

The controversy about 403 error may seem to rather increase as you read the above speculations. To sum it up and make thing clear, let us lay it down another way.

403 Forbidden informs you the page has recognized your request, but you have failed to satisfy its acceptance criteria. There are two basic cases for the failure. The first one is now tending to dominate; it is when the page is backed by certain adware. The advertising campaign does not welcome random visitors as they deteriorate the refined traffic. Hence, the users are banned as they have not been affected by the adware. If that is the case, your PC has not been hit by the adware. If you are an IT researcher or enthusiast, you need to be aware of the adware and may help the victims to understand why they encounter recurrent redirects to the pesky pages. They say, realizing the problem is halfway to resolving it.

The case 1 of 403 Forbidden is basically a good one. If you see 403 Forbidden under the circumstances of case 1, your PC is free of the adware.

Case 2 implies the opposite for the viewer. It happens as your IP or other details match certain criteria indicating you as unfair or otherwise unwanted actor. For instance, there is a website called stopforumspam.com. It runs a database of IP’s to be blamed for committing forum spam. If your IP gets listed, perhaps it has been hacked, and the spammers abused it so that certain forums may restrict your access to their threads. If you believe the URL you are trying to reach is a decent one, yet it bans you, you may try to contact its administrator. The simpler but somewhat tricky way to omit the restriction is to apply VPN services. The VPN basically provides one with a third party IP, which is hopefully not listed as the spammer’s one.

The spammer’s restriction is just one example. You may get blacklisted for other reasons. Perhaps, you do not try a black hat hacking yourself, but that means somebody has engaged your computer into certain indecent activities.

Schematically, the workflow of actions when stumbling upon 403 Forbidden notifications is as follows:

Forbidden report:

Case 1. The page is a reputable one: you are blacklisted. Check your PC for viruses, contact the blacklisted databases after ensuring the cleanup has completed, as appropriate. If reaching the blocking URL is critical, consider using a third-party IP as available with a range of redirecting services e.g. VPN.

Case 2. The website is actually or potentially tricky or otherwise malicious:  you are not allowed to visit it most likely due to the so-called refined traffic policy. Good news is there is no adware onboard. Other users are infected, though. You are encouraged to share the info on the misbehaving URL with IT security circles to prevent further development of annoying, virus backed advertisement.