auggiebadger
Forum Replies Created
-
Hi Gioni,
Thanks for the reply.
It blocks them as malicious requests
I would be happy to share the exact URls in private message
- This reply was modified 7 years, 5 months ago by auggiebadger.
- This reply was modified 7 years, 5 months ago by auggiebadger.
This might be related to a similar issue we are experiencing with our custom clicktracks:
We use an in-house click tracking system where URLs to a specific aspx page of any subdomain of our primary domain get redirected to new destinations. WordPress doesn’t support aspx, so for the sub-domains pointed at worpdress sites, we first use Apache re-writes to re-direct. For example:
http://www.example.com/m/ct.aspx?ici=1227 redirects to http://redirect.example.com/m/ct.aspx?ici=1227 which uses the clicktrack to redirect to the destination https://www.example.com/ and appends the following querystring parameters:
?utm_source=Google&utm_medium=Search%20Engine&utm_campaign=Brand%20ESL%20PT%20Countries%20Core%20GAW
Until we upgrade to version 7.9, this worked well. Since the upgrade, the final destination URLs have been blocked by WP Cerber, generating 403 Errors.
We have identified a workaround by pre-pending an anchor tag (specifically we are using “#adw” in the final destination URL:
Original redirected URL
https://www.example.com/?utm_source=Google&utm_medium=Search%20Engine&utm_campaign=Brand%20ESL%20PT%20Countries%20Core%20GAWModified redirected URL
https://www.example.com/#adw?utm_source=Google&utm_medium=Search%20Engine&utm_campaign=Brand%20ESL%20PT%20Countries%20Core%20GAWOur theory is that WP-Cerber is using some regex to categorize the appending querystring parameters as spam/danger, but that the addition of the anchor tag allows the URL to pass the regex gate.
- This reply was modified 7 years, 5 months ago by auggiebadger.