I am working with google oauth. The URL that is called by google seems to be blocked by heliohost.
In the Web Application Firewall I added the security rule ID 210580, but that didn't help.
From this forum post it seems like you need to adjust the rule on your side:
https://helionet.org/index/topic/63233-solved-google-login-not-working-calling-a-403-error/
Would you be able to do that?
My domain is https://knowledgebase.heliohost.us
Here is the error
[client 2a02:21b4:1a35:d800:7573:34c7:4ad9:cef7] ModSecurity: Access denied with code 403 (phase 2). Matched phrase ".profile" at ARGS:scope. [file "/etc/httpd/conf/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||knowledgebase.heliohost.us|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/userinfo.email openid https:/www.googleapis.com/auth/userinfo.profile"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "knowledgebase.heliohost.us"] [uri "/api/auth/callback/google"] [unique_id "aK7wBxk6NpbxASBBcBFsRQAAAU8"]
