Cerber blocking Clicktrack redirects

Hi,

We’ve been using WP Cerber for our various WordPress websites for a while.  Until recently, all has worked smoothly, but as of last week we experienced an issue that we think might be related to the latest WP Cerber release (version 7.9). 

We use an in-house click tracking system where URLs to a specific aspx page of any subdomain of our primary domain get redirected to new destinations.  WordPress doesn’t support aspx, so for the sub-domains pointed at worpdress sites, we first use Apache re-writes to re-direct.  For example:
 
http://www.example.com/m/ct.aspx?ici=1227 redirects to http://redirect.example.com/m/ct.aspx?ici=1227 which uses the clicktrack to redirect to the destination https://www.example.com/ and appends the following querystring parameters: 

?utm_source=Google&utm_medium=Search%20Engine&utm_campaign=Brand%20ESL%20PT%20Countries%20Core%20GAW

Until we upgrade to version 7.9, this worked well.  Since the upgrade, the final destination URLs have been blocked by WP Cerber, generating 403 Errors.

We have identified a workaround by pre-pending an anchor tag (specifically we are using “#adw” in the final destination URL:

Original redirected URL
https://www.example.com/?utm_source=Google&utm_medium=Search%20Engine&utm_campaign=Brand%20ESL%20PT%20Countries%20Core%20GAW 

Modified redirected URL
https://www.example.com/#adw?utm_source=Google&utm_medium=Search%20Engine&utm_campaign=Brand%20ESL%20PT%20Countries%20Core%20GAW

Our theory is that WP-Cerber is using some regex to categorize the appending querystring parameters as spam/danger, but that the addition of the anchor tag allows the URL to pass the regex gate.  

Are you familiar with this issue or a similar one? Is there a way to unblock our tracking URLs within Cerber settings.

Thanks

• This topic was modified 7 years, 5 months ago by auggiebadger.