Hello, I am getting a 403 Forbidden error due to a ModSecurity false positive when users return to my site from Google OAuth login.
The Comodo WAF rule ID 210580 gets triggered because Google's callback URL legitimately contains "userinfo.profile" in the scope parameter, which the firewall mistakes for an OS file access attempt.
domain: tobacom.helioho.st
url: /api/googleauth
Could you please whitelist this rule for my domain? Thanks.
Full error:
ModSecurity: Access denied with code 403 (phase 2). Matched phrase ".profile" at ARGS:scope. [file "/etc/httpd/conf/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||tobacom.helioho.st|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/userinfo.profile https:/www.googleapis.com/auth/userinfo.email openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "tobacom.helioho.st"] [uri "/api/googleauth"] [unique_id "aaRzqb0uOZk8uLSVyn3AywAAA40"], referer: https://accounts.google.com/
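What the exclusion could look like on the server side, as an added example that is not part of the original post and not HelioHost's or Comodo's own configuration. The log line above shows the match is on `ARGS:scope` for `/api/googleauth` in phase 2, so the narrowest fix is to drop that single target from rule 210580 for that one path, rather than removing the whole rule for the domain (which would also disable its OS-file-access detection on every other parameter). The rule id 1000001 and the placement in the vhost's ModSecurity include are assumptions.

```apache
# Added example, not from the original post or from the hosting provider.
# Narrow exclusion for Comodo WAF rule 210580: keep the rule active, but
# stop it inspecting the "scope" query parameter on the OAuth callback.
# id 1000001 is an assumed custom-rule id; use one that does not collide
# with the installed rule set.

# Option A: per-request exclusion, evaluated in phase 1 so it is applied
# before the phase-2 rule 210580 runs. REQUEST_FILENAME excludes the query
# string, and @streq matches only this exact path, so ".profile" in any
# other parameter or on any other URI is still blocked.
SecRule REQUEST_FILENAME "@streq /api/googleauth" \
    "id:1000001,\
    phase:1,\
    pass,\
    nolog,\
    ctl:ruleRemoveTargetById=210580;ARGS:scope"

# Option B: static target exclusion for the whole vhost. This directive
# must come after the Include of 08_Global_Other.conf, because the rule
# has to exist before its targets can be modified. It removes ARGS:scope
# from rule 210580 on every request to this vhost, not just the callback.
# SecRuleUpdateTargetById 210580 "!ARGS:scope"
```

Either form leaves the rule's other targets intact, which is the check worth asking for when a host "whitelists" a rule: `SecRuleRemoveById 210580` in the vhost would silence the false positive too, but at the cost of the entire OS-file-access check for that site. After the change, a request to `/api/googleauth?scope=...userinfo.profile...` should pass, while the same `.profile` string in a different parameter name on the same path should still produce the 403 and the 210580 audit entry.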