Traffic Inspector blocks access via Facebook with URL parameter “?fbclid=”
-
Hi,
I noticed that when people click the link to my website on facebook, Traffic Inspector blocks that request because it thinks that the URL parameter, which facebook automatically adds is suspicious.
E.g. “/?fbclid=IwAR2FSQSN_neGNIAaZ7P4iZNl50tEpfxC6xKTy-8KCeEq-cnYmVsO2RtQmVE”
I successfully added a regex in the request whitelist ({\/.fbclid.*}) and Traffic Inspector allows accessing my website. However, previous IP’s have been blocked because of this.
How can I unblock specific IP’s again so my clients can see my website?
Thanks in advance
Sascha
-
This might be related to a similar issue we are experiencing with our custom clicktracks:
We use an in-house click tracking system where URLs to a specific aspx page of any subdomain of our primary domain get redirected to new destinations. WordPress doesn’t support aspx, so for the sub-domains pointed at worpdress sites, we first use Apache re-writes to re-direct. For example:
http://www.example.com/m/ct.aspx?ici=1227 redirects to http://redirect.example.com/m/ct.aspx?ici=1227 which uses the clicktrack to redirect to the destination https://www.example.com/ and appends the following querystring parameters:
?utm_source=Google&utm_medium=Search%20Engine&utm_campaign=Brand%20ESL%20PT%20Countries%20Core%20GAW
Until we upgrade to version 7.9, this worked well. Since the upgrade, the final destination URLs have been blocked by WP Cerber, generating 403 Errors.
We have identified a workaround by pre-pending an anchor tag (specifically we are using “#adw” in the final destination URL:
Original redirected URL
https://www.example.com/?utm_source=Google&utm_medium=Search%20Engine&utm_campaign=Brand%20ESL%20PT%20Countries%20Core%20GAWModified redirected URL
https://www.example.com/#adw?utm_source=Google&utm_medium=Search%20Engine&utm_campaign=Brand%20ESL%20PT%20Countries%20Core%20GAWOur theory is that WP-Cerber is using some regex to categorize the appending querystring parameters as spam/danger, but that the addition of the anchor tag allows the URL to pass the regex gate.
I will try the extended regex you suggested.
However, despite the less restrictive regex, Traffic Inspector would consistently block requests coming from facebook on another website I’m running. Complaints kept piling in so I had to disable Traffic Inspector entirely.
About the “unblocking specific IPs”: People (potential clients) who have been denied access because of the ?fbclid parameter are now blacklisted IPs. I presume that they cannot access the website in any way, anymore? Or what effect does the blacklist have?
Traffic Inspector has put a series of IP addresses on the blocked list because of false positives. Such as “uptimerobot.com”, which I mentioned before, and a few others. If I put those on the whitelist, will they be deleted from the blacklist?
Example:
[url=https://abload.de/image.php?img=operamomentaufnahme_24nfpu.png][img]https://abload.de/thumb/operamomentaufnahme_24nfpu.png[/img][/url]
(EDIT: inserting images here doesn’t seem to work. Try: https://abload.de/image.php?img=operamomentaufnahme_24nfpu.png)Uptime Robot simply requests the home page of my website, without any additional parameters. It’s a plain and simple HTTP request (I would think), like any browser would see it. But still it got blocked. I don’t understand the mechanism and the reason for that.
Cheers,
Sascha
- The topic ‘Traffic Inspector blocks access via Facebook with URL parameter “?fbclid=”’ is closed to new replies.
