Skip to content

Add descriptive 403 for /server endpoint#1497

Merged
jokob-sk merged 1 commit intonetalertx:mainfrom
adamoutler:improve-403-message
Feb 8, 2026
Merged

Add descriptive 403 for /server endpoint#1497
jokob-sk merged 1 commit intonetalertx:mainfrom
adamoutler:improve-403-message

Conversation

@adamoutler
Copy link
Member

@adamoutler adamoutler commented Feb 8, 2026
edited by coderabbitai bot
Loading

A new 403 page describes the issue faced in #1496, which is intended operation. However, the previous standard Nginx 403 message was too generic and did not give the user any further information about how to proceed when faced with a 403 from the internal /server proxy. This 403 page should fix that problem.
image

Summary by CodeRabbit

  • New Features
    • Implemented a custom 403 Forbidden error page for internal-only endpoints. The page features branded styling and responsive design, clearly communicates that access is restricted, explains the endpoint is for internal use only, blocks external origins, and provides guidance directing users to contact an administrator or access via the standard web interface.

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Feb 8, 2026
edited
Loading

📝 Walkthrough

Walkthrough

The pull request adds a custom 403 Forbidden error page and configures nginx to serve it when clients attempt to access the /server endpoint without proper authorization. This includes a new HTML file and an nginx configuration directive.

Changes

Cohort / File(s) Summary
Custom Error Page
front/403_internal.html		 New static HTML file providing a styled 403 Forbidden page with messaging that /server is for internal use only, branded footer, and responsive styling.
Nginx Configuration
install/production-filesystem/services/config/nginx/netalertx.conf.template		 Added error_page directive mapping HTTP 403 responses to the new /403_internal.html custom error page within the /server/ location.

Possibly related PRs

  • Enable proxies on docs #1450: Relates to /server endpoint handling; this PR adds custom error page display while the other PR handles reverse-proxy exposure of the endpoint.

Poem

🐰 A hoppy forbidding,
With style to be seen!
"Access denied," we sing,
But at least it's pristine!
Internal affairs, kept secret and green. 🌿

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title directly and accurately describes the main change: adding a descriptive 403 error page for the /server endpoint.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

No actionable comments were generated in the recent review. 🎉

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@jokob-sk jokob-sk merged commit b703397 into netalertx:main Feb 8, 2026
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@adamoutler @jokob-sk