Forum | Really Simple SSL

GoDaddy Securi IDS locking out users when content security policy on

Home Forums Really Simple SSL pro GoDaddy Securi IDS locking out users when content security policy on

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #533754
    David Sutherland
    Participant

    FYI I was getting intrusion detection system (IDS) lockouts for users (including myself) from GoDaddy’s Securi when I had turned on the content security policy

    The IDS log was showing excessive hits to this URL: ‘ /wp-json/rsssl/v1/csp?rsssl_apitoken=1609280xxx (changed to xxx)

    When I commented out the code as mentioned in the support post below the site stopped blocking me!
    # Begin Really_Simple_SSL_CSP_Report_Only

    Mentioned here:
    https://really-simple-ssl.com/forums/topic/speed-issue-404-code/

    #534132
    Rogier
    Keymaster

    Hi David,

    Thanks for reporting your issue.

    What you experienced is caused by the reporting feature of the CSP. When enabled, this can cause a heavy load on the server. When enforcing is enabled, this stops.

    We are releasing a new version in one or two weeks where reporting is paused when 20 reports have been submitted through the api. The user can then analyse the blocked resources, and allow or deny them.

Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.

Subscribe

Meet Really Simple SSL 4

A whole new experience