Access Denied You don't have permission to access "http://support.apple.com/kb/index?" on this server. Reference

burrobert wrote:

I get the same message when accessing support.apple, discussions.apple etc using my home IP address. If I go out or use a hotspot from my iPhone the error does not appear. Would apple block an IP address for some reason?

No, but it is possilbe you have adware installed that is redirecting your requests. Or, your router could have been hacked and is redirecting requests.

To check for adware, see here: Remove unwanted adware that displays pop-up ads and graphics on your Mac - Apple Support

or here: http://www.adwaremedic.com/index.php

For your router, you would need to do a factory reset, then change the admin username and password. See your router documentation on how to do that.

An Airport Extreme, as far as I know, hasn't been hacked.

The permissions on your Mac would have nothing to do with the permissions on Apple's web server.

Apple has been restructuring the knowledge base articles, organizing them differently. It's possible that location does not exist anymore.

I just get a blank page. Nothing loads; nothing in the source.

I get the same message when accessing support.apple, discussions.apple etc using my home IP address. If I go out or use a hotspot from my iPhone the error does not appear. Would apple block an IP address for some reason?

Thanks Barney. I don't think it is adware as the same problem affects all devices using the home network (iPhone, IPad, MacBook and Ubuntu machine). I did however follow the instructions relating the adware for my macBook and found nothing. I did reset my router to factory defaults but unfortunately this did not solve the problem. I am considering asking my ISP to assign me another IP address to see if this works.

burrobert wrote:

I did reset my router to factory defaults but unfortunately this did not solve the problem.

I think Barney is right on track... it sounds like a network problem, probably being caused by hackers who are trying to prevent you from accessing sources of information that could lead you to a fix. This wouldn't be the first time recently that hackers have done this kind of thing.

If this is a router issue, resetting to factory defaults may not be sufficient to solve the problem... it depends on the router. You'll want to contact the router manufacturer. Also, note that it may not be the router that is the cause. If you have a wireless router connected to a cable or DSL modem, the modem itself could be the problem. For some additional instructions, see:

http://www.adwaremedic.com/kb/hackedrouter.php

Another alternative is that the domain name server (DNS) used by your network has been compromised. If that is the case, it should resolve itself soon, but you can fix it yourself in the short term by switching DNS settings. See:

http://www.adwaremedic.com/kb/baddns.php

(Fair disclosure: I may receive compensation from links to my sites, TheSafeMac.com and AdwareMedic.com.)

In order to test the theory that the modem had been hacked I setup the home network with a separate modem but the same IP address. The access denied error remained when trying to access the apple discussions and support sites. No other sites are affected in this way.

Barney I have a few devices connected to the network. Here is the list:

One macbook and my iPhone have dns entry 192.168.0.1 which is the modem router’s address,

The other macbook and iPad have some dns entries which I use to access certain services.

The Ubuntu machine has the default dns entry which is also 192.168.0.1.

burrobert wrote:

In order to test the theory that the modem had been hacked I setup the home network with a separate modem but the same IP address.

Just to make sure you're using the right terminology, what are you calling the "modem?" This should be the device that is directly connected to either the cable or phone line to provide internet access. Is that the device that you swapped, or did you change a wireless router connected via ethernet cable to the modem?

If you swapped the router, that still means that the modem could be compromised. You would need to talk to your internet service provider about how to solve that.

If you swapped the modem, but were using the same wireless router in both tests, the router could be the problem. Test again without using the wireless router, or using a different router.

If you used two different modems, and cut the wireless router out of the equation, you'll need to try the DNS-related solution mentioned in my previous post. Your DNS is currently assigned by the network, but I don't know whether it is your modem or your router that is in charge of the network... could be either, depending on your network hardware and its configuration.

The original device is a modem router so I guess it does both jobs. It connects to a phone line and devices connect to it via wifi. The problem also exists if I turn off wifi and connect via Ethernet. The second device is a modem which connects to a phone line and requires an Ethernet connection. There was no router involved with the second device. I will have a look at the DNS suggestion you made earlier. It seems unlikely to me that DNS is involved since the various devices connected to the modem have different DNS settings and the problem affects 2 different modems.

Well, this is something you'll have to talk to your internet service provider (ISP) about, then. I'm not sure what might be going on, but you've already isolated the problem to be network-related. There may be some kind of odd problem with your ISP's network that is completely independent of your modem and settings. Make sure to point out to your ISP all the steps you have taken to isolate the problem (testing the affected device(s) on other networks) and the solutions that haven't worked.

burrobert wrote:

In order to test the theory that the modem had been hacked I setup the home network with a separate modem but the same IP address. The access denied error remained when trying to access the apple discussions and support sites. No other sites are affected in this way.

Unless you've already tried, isolate it to your network by taking your MBP to a wifi access point and try there. If it connects ok, I would say it is something within your network.

I did speak to my ISP about this issue. The person I spoke to asked me to do a traceroute to the site. He said the output showed that the request had passed through the ISP and out the other side so the ISP was not blocking the request. He could not say who else might be doing the blocking but I would have thought apple itself most likely. Anyway changing my IP address has fixed the issue and I can now access discussions.apple.com and support.apple.com, at least for the moment (until they catch up with me?!). In case this interests or makes sense to anyone the (edited) output of the trace route was as follows (apparently akamaitechnologies provide services for apple):

4 161.43.103.1 (161.43.103.1) 27.266 ms 27.795 ms 27.111 ms

5 * * *

6 * * *

7 * * *

8 * * *

9 mas1-ge3-1.gw.optusnet.com.au (210.49.105.18) 39.567 ms

mas1-ge10-1.gw.optusnet.com.au (210.49.105.10) 40.059 ms

mas1-ge3-1.gw.optusnet.com.au (210.49.105.18) 40.454 ms

10 198.142.144.18 (198.142.144.18) 40.230 ms 40.728 ms 41.009 ms

11 a104-68-0-145.deploy.static.akamaitechnologies.com (104.68.0.145) 40.363 ms 39.391 ms 40.090 ms

I believe I may have tracked down the source of the problem. It seems that if you run a Tor relay for long enough your IP address ends up in blocklists maintained by various services. One of these services is Akamai and Apple seems to be using Akamai services. The traceroute in the previous post shows Akamai as the last destination in the chain. Relatedly, discussions.apple.com and support.apple.com are not available via the Tor web browser. It is disappointing that apple discriminates against Tor users in this way.

burrobert wrote:

It is disappointing that apple discriminates against Tor users in this way.

This isn't discrimination against Tor, it's due to the fact that Tor is commonly used by hackers and criminals to do things that they don't want traced back to them. This means that Tor endpoints often end up on blacklists following abuse by folks using them for criminal purposes. It's not unreasonable for a site's security strategy to include denying connections coming from known Tor endpoints.

I realise this is not the place to have a political discussion about Tor. However, if other services took the same approach as apple then Tor users in various parts of the world would not have access to many important sites such as Twitter, Facebook, news sites etc. My other point was that not only Tor users are affected by apple's approach. Merely running a Tor relay (not even an exit node) results in one's IP address being blocked from accessing apple content.