Are you getting 403's when downloading? Please read here first

Hi @shinn_lu,

Welcome! Thanks for raising your issue. Can you provide the command you are running or asset you are trying to access that you're receiving a 403 error for?

I'm slightly surprised that you are receiving a block in your location. We have seen developers in North America, particularly using OVH, where there was a block by Google CDN due to IPv6 being enabled. Can you please confirm that IPv6 is disabled on your host?

Let me know if this doesn't resolve the issue/ doesn't make sense and I'll raise an unblock request.

Hope that helps!

Just update,
I try to use curl from es server and get '403 Forbidden' , but if I'm using a PC and open the same URL in Chrome, I get a JSON response.

Br,
Edgars

Hi @Edgars_Lukss,

This sounds like an authentication issue against your Elasticsearch cluster rather than an issue downloading Elastic artifacts which is what this topic is focused on.

If the 403 is from you initiating a cURL request to your Elasticsearch server I would check your credentials (API key or username/ password combination) are correct.

Hope that helps! Let us know if not.

Hi @carly.richmond

I'm trying from two different machines using the CURL command. Two different results. When I run the same command from the Elasticsearch host (81.94.230.226) I get a 403.

PC:

curl -s "https://epr.elastic.co/search?package=apm&prerelease=true&kibana.version=8.17.0"

[
  {
    "name": "apm",
    "title": "Elastic APM",
    "version": "8.15.0-preview-1716438434",
    "release": "beta",
    "description": "Monitor, detect, and diagnose complex application performance issues.",
    "type": "integration",
....
}

From ES host.

curl -s "https://epr.elastic.co/search?package=apm&prerelease=true&kibana.version=8.17.0"

<!doctype html><meta charset="utf-8"><meta name=viewport content="width=device-width, initial-scale=1"><title>403</title>403 Forbidden

Thanks for clarifying what you are seeing @Edgars_Lukss. So the host you need to download onto is indeed experiencing a 403 error when trying to access the APM artifact, but it's working as expected on your own machine.

I don't see a particular reason why so I'll raise the request and revert back when I've received a response. Please note it can take some time to process the request.

Hope that helps!

Hello,
I am using these command to disable IPV6

sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1
sudo sysctl -w net.ipv6.conf.lo.disable_ipv6=1

shinn@noble-fix:~/tmp$ sudo apt install elasticsearch
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
elasticsearch
0 upgraded, 1 newly installed, 0 to remove and 6 not upgraded.
Need to get 636 MB of archives.
After this operation, 1210 MB of additional disk space will be used.
Err:1 https://artifacts.elastic.co/packages/8.x/apt stable/main amd64 elasticsearch amd64 8.17.0
403 Forbidden [IP: 34.120.127.130 443]
E: Failed to fetch https://artifacts.elastic.co/packages/8.x/apt/pool/main/e/elasticsearch/elasticsearch-8.17.0-amd64.deb 403 Forbidden [IP: 34.120.127.130 443]
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?

Thanks for confirming @shinn_lu. I've raised the request.

Just a heads up that it can take time to action your request.

Hope that helps!

i have successful installed, thanks.

Hi @Nikita_Sarkisov,

Thanks for your patience. I've followed up with the team and they have confirmed that this ASN cannot be unblocked due to a connection to a sanctioned country. I would recommend trying another IP.

Hope that helps!

Hi, could you unblock the IP address 194.87.109.192 ? Location Zurich, Switzerland
trying to download wget https://artifacts.elastic.co/packages/8.x/apt/pool/main/e/elasticsearch/elasticsearch-8.17.1-amd64.deb

Hi @Ali_05,

Welcome! Thanks for raising your issue. Unfortunately we are unable to unblock your IP as the ASN is connected to a sanctioned country that we cannot unblock. I would recommend trying another IP if you can.

Hope that helps!

Hello,

Can you please unblock these IP addresses?

Thank you in advance

kibana@kibana-c9c89f895-lxlzs:~$ curl -qs ipinfo.io
{
  "ip": "5.35.104.144",
  "city": "Astana",
  "region": "Astana",
  "country": "KZ",
  "loc": "51.1801,71.4460",
  "org": "AS208795 \"Cloud Services Kazakhstan\" LLP",
  "timezone": "Asia/Almaty",
  "readme": "https://ipinfo.io/missingauth"
}

Errors:

[2025-02-03T07:21:35.467+00:00][ERROR][plugins.fleet] '403 Forbidden' error response from package registry at https://epr.elastic.co/categories?kibana.version=8.17.0
[2025-02-03T07:21:35.475+00:00][ERROR][plugins.fleet] '403 Forbidden' error response from package registry at https://epr.elastic.co/search?kibana.version=8.17.0

The same 403 for me with a paid VPS:

$ curl ipinfo.io
{
  "ip": "5.2.66.206",
  "city": "Lelystad",
  "region": "Flevoland",
  "country": "NL",
  "loc": "52.5083,5.4750",
  "org": "AS60404 The Infrastructure Group B.V.",
  "postal": "8224",
  "timezone": "Europe/Amsterdam",
  "readme": "https://ipinfo.io/missingauth"

$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.16.1-linux-x86_64.tar.gz
--2025-02-03 11:51:59--  https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.16.1-linux-x86_64.tar.gz
Resolving artifacts.elastic.co (artifacts.elastic.co)... 34.120.127.130, 2600:1901:0:1d7::
Connecting to artifacts.elastic.co (artifacts.elastic.co)|34.120.127.130|:443... connected.
HTTP request sent, awaiting response... 403 Forbidden
2025-02-03 11:52:00 ERROR 403: Forbidden.

Hi @olzhabay,

Welcome! Thanks for raising your issue. Unfortunately the ASN that your IP is part of is showing a connection to a sanctioned country. I'm not able to unblock this IP, so I would recommend trying an alternatively IP.

Hope that helps!

Hi @gmaOCR,

Thanks for raising! I don't see an obvious reason for your IP being unblocked, so I'll follow up with the team to confirm. I'll revert back when I have an update.

Can you please raise the command you are running or asset on which you're receiving the 403? That is useful for the request.

Just a heads up these requests can take some time to action.

Hope that helps!

@carly.richmond
I don't understand:

1. Why you said this ip won't beeing unblocked ?
2. What exactly you want more than the 403 error in my previous message ? I've understood you would like I try wget on another url maybe ? Here it is:

$ wget http://ovh.net/files/100MB.dat
--2025-02-03 12:12:27--  http://ovh.net/files/100MB.dat
Resolving ovh.net (ovh.net)... 54.39.46.56
Connecting to ovh.net (ovh.net)|54.39.46.56|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://ovh.net/files/100MB.dat [following]
--2025-02-03 12:12:27--  https://ovh.net/files/100MB.dat
Connecting to ovh.net (ovh.net)|54.39.46.56|:443... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://proof.ovh.net [following]
--2025-02-03 12:12:27--  https://proof.ovh.net/
Resolving proof.ovh.net (proof.ovh.net)... 141.95.207.211, 2001:41d0:242:d300::
Connecting to proof.ovh.net (proof.ovh.net)|141.95.207.211|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘100MB.dat’

100MB.dat               [ <=>                ]   2.04K  --.-KB/s    in 0s      

2025-02-03 12:12:27 (39.5 MB/s) - ‘100MB.dat’ saved [2088]

in case of too:

Linux vps41173046 6.1.0-30-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.124-1 (2025-01-12) x86_64 GNU/Linux

Hi @gmaOCR,

Thanks for reaching out. Please see below responses:

1. To confirm, I didn't say that your IP won't be unblocked. That was another IP raised by another developer. In your case I said:

I don't see an obvious reason for your IP being unblocked, so I'll follow up with the team to confirm.

To clarify, the unblocking is handled by an internal team that I need to raise a ticket for. Hence the need for me to follow up. But I do perform some initial checks on your IP in case there is an obvious reason why your IP would be intentionally blocked.

2. I want to know which Elastic asset you are trying to download that is generating the 403 response. This is useful for the request.

For example, are you trying to download Elasticsearch on Linux via wget as per the documentation?

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.17.1-linux-x86_64.tar.gz

Or are you downloading the Elastic APM server?

curl -L -O https://artifacts.elastic.co/downloads/apm-server/apm-server-7.17.27-linux-x86_64.tar.gz
tar xzvf apm-server-7.17.27-linux-x86_64.tar.gz

I see you've provided that in the prior response which is exactly what I need. Thanks for that! Apologies if I missed that before.

As an aside, are you using OVH for hosting (judging from your wget output)? If so, can you also confirm that you have IPv6 disabled on your host? As stated in the title topic some users have encountered issues on OVH where IPv6 is enabled.

Hope that helps!

No i'm not OVH hosting I'm on LiteServer NL. I've already tested with ipv6 off:

🗃️ greg@vxxxxxx [~] 1.9Gi/1.9Gi 🌐 Online ⏳ 13:32:02
$ cat /etc/sysctl.conf | grep ipv6
#net.ipv6.conf.all.forwarding=1
#net.ipv6.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_source_route = 0
net.ipv6.conf.all.disable_ipv6 = 1 
net.ipv6.conf.default.disable_ipv6 = 1 
net.ipv6.conf.lo.disable_ipv6 = 1 
net.ipv6.conf.eth0.disable_ipv6 = 1

OVH wget was just a random test to check wget work correctly with code 200 on another url

Great, thanks for confirming that! I've raised the request and will come back with a response when I've heard from the team.

Hi @Edgars_Lukss and @gmaOCR,

I hope you're both well. I've received word today that the ASNs for your IPs have been added to the allowlist. It can take some time to propagate but you should be able to download Elastic assets on those IPs.

Hope that helps!