We have a problem accessing to a webmail portal. When we try to access the site, the MWG returns us a response of "Bad Gateway".
If we include the domain in the URL whitelist the MWG still displays the error "Bad Gateway"
However, if we include the domain in the Global whitelist, the message "Bad Gateway" is not displayed. This time the browser returns a message that can not display the requested web.
If we try to access from another network without MWG we do it without problems so the website does not have accessibility issues.
We did not get around this problem. Does anyone have any idea how to fix it and why is happening?
Thank you very much.
I just tried to access the URL via a random LAB MWG and I was able to get through to the Login page. Do you see the above error message when you login and do something, or does this already happen when you just try to access http://webmail.cebadvitoria.com/horde/ ?
Can you let us know which version of MWG you are running?
We are running MWG 188.8.131.52.0 version.
I can´t see the login page because just trying to access http://webmail.cebadvitoria.com the "Bad Gateway" error message is displayed.
Thanks for your help.
I think in 184.108.40.206 we had a problem with a timeout that was too small. If the server took more than 5 seconds to respond, the Bad Gateway showed up. When you access the URL, is the error message showing up immediatly, or can you see that the browser needs a couple of seconds (only 3-5 seconds, so very quick) until the page shows up?
Okay, in this case the issue is maybe not related to the timeout. The Bad Gateway may be thrown because the server is sending a response which is not HTTP compliant, or violates the HTTP RFC in some way.
I have tested this again and I can replicate the issue with 7.0.1.x, but the issue seems to have gone in 7.1.5.x. Maybe you would like to upgrade your MWG to this version and retry?
You may also want to try to connect to
It seems that the first 302 response coming back frmo the Web Server contains a body, which is gzip encoded, but the gzip encoding is not correct, so it can´t be decoded by MWG. Please have a look.
sorry for the confusion, but now I understood it with a little Development help (so credits to Dev :-):
When you go to
the Server returns a 302 (redirect) response. In the header it tells us that it will send gzip-encoded content, but it sends the response back without encoding. Therefore the server sends a malicious response here, which may be a bug on the server or the application.
MWG returns a Bad Gateway in this case.
If you do not receive the malformed response, for example by accessing the full link posted above, the request will go through.
This behaviour is fixed in an UPCOMING version, so both, 7.1.0 and 7.1.5 still have this issue. My previous test was working because I had the full path in the URL :-(
Actually there is a workaround which works with 7.1.5 and should also work with 7.1.0:
This rule will tell MWG to not sent an "Accept-Encoding" header to the Web Server. In this case the Web Server sends the same response, but does not claim that it sends GZIP encoded content. I quickly looked into a packet capture and this looks pretty good.
Maybe you want to try this first.
Sorry for the confusion.