Welcome to WebmasterWorld Guest from 188.8.131.52
Forum Moderators: ocean10000
Yesterday the site dropped 20+ places in the Google rankings which prompted me to check over things. When i navigated through the site i got a lot of 401/407 errors which went after some refreshing. I also received an email from freewebmonitoring.com who reported that they had seen a 401 error as well. Google Webmaster Tools has also reported a 401/407 error for a few pages - which explains the drop in rankings.
In the past i've made loads of changes to the site to try and narrow down the possible causes of the errors. I've changed the hosting, i've removed the MSAccess driven news story feed from the site template (so the only place that could cause an error is on the news page) and i've also spoken to the new host provider (with no resolution).
This time the host provider is saying that they dont see any 401/407 errors in the server logs and neither do i! But i witnessed the errors in my browser that day!
Im stumped and as im usually a "know it all" this is really pissing me off! Any help or if you want the URL please let me know.
The request requires user authentication. The response MUST include a WWW-Authenticate header field containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field. If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information.
407 Proxy Authentication Required
This code is similar to 401 (Unauthorized), but indicates that the client MUST first authenticate itself with the proxy. The proxy MUST return a Proxy-Authenticate header field containing a challenge applicable to the proxy for the requested resource. The client MAY repeat the request with a suitable Proxy-Authorization header field.
Really, it seems you've a lot more information collecting to do here, as aside from the clues above, "it could be anything, really" -- Bad script, hack, etc. Also, make sure your server's not configured as an open proxy.
I can pm the url if you want but im pretty sure there is nothing that could be deemed as unauthorized. The errors were happening randomly on every page of the site and they'd go after a couple of refreshes. It was happening even on the simplest of pages.
Ive had some feedback from another forum that suggested the problem may be related to the server setup. Ill quote...
"Judging by the 401 and 407 error codes that is a problem with ISA server or the host is old and still using the proxy set up. The errors wont appear in the log files which you and the host provider examined because they arent getting that far. Those errors are occurring at the host firewall."
"The only explanation for seeing 401/407 errors when there are no pages, scripts or services on the site which require authentication is that the host has problems with ISA."
Any of the above sound plausible?