
Posted

Hello, I am getting a 403 Forbidden error due to a ModSecurity false positive when users return to my site from Google OAuth login.

The Comodo WAF Rule ID 210580 gets triggered because Google's callback URL legitimately contains "userinfo.profile" in the scope parameter, which the firewall mistakes for an OS file access attempt.

domain: tobacom.helioho.st

url: /api/googleauth

Could you please whitelist this rule for my domain? Thanks.

Full error:
ModSecurity: Access denied with code 403 (phase 2). Matched phrase ".profile" at ARGS:scope. [file "/etc/httpd/conf/modsecurity.d/rules/comodo_free/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||tobacom.helioho.st|F|2"] [data "Matched Data: .profile found within ARGS:scope: email profile https:/www.googleapis.com/auth/userinfo.profile https:/www.googleapis.com/auth/userinfo.email openid"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "tobacom.helioho.st"] [uri "/api/googleauth"] [unique_id "aaRzqb0uOZk8uLSVyn3AywAAA40"], referer: https://accounts.google.com/
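A targeted exclusion for exactly this false positive, as an added example (not HelioHost's configuration and not a reply from the thread); it assumes ModSecurity 2.x on Apache, with this snippet loaded after the Comodo rule set so that rule 210580 already exists when the directives run:

```apache
# Added example, not HelioHost's config. Assumes ModSecurity 2.x on Apache and
# that this file is included AFTER the CWAF rules (08_Global_Other.conf), since
# SecRuleUpdateTargetById can only modify a rule that has already been defined.

# Option 1 (narrowest): keep rule 210580 active everywhere, including on this
# path, but stop it from inspecting the "scope" argument on the OAuth callback.
# Every other argument on /api/googleauth, and ARGS:scope on every other URL,
# is still checked for the ".profile" style file-access phrases.
<LocationMatch "^/api/googleauth$">
    SecRuleUpdateTargetById 210580 "!ARGS:scope"
</LocationMatch>

# Option 2 (broader): disable rule 210580 for the callback path only.
# Use this only if Option 1 is not possible in your setup; it also stops
# inspection of the other arguments on this one URL.
# <LocationMatch "^/api/googleauth$">
#     SecRuleRemoveById 210580
# </LocationMatch>

# Not recommended: "SecRuleRemoveById 210580" at server or vhost level would
# remove the OS file access check from every URL on the site, which is far
# more than this false positive requires.
```

After reloading Apache, re-run the Google login and confirm the audit log no longer reports id "210580" for uri "/api/googleauth" while a request to any other path still triggers it.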

Posted

This support request is being escalated to our root admins.
