Friday, 23 April, 2021
Everything you need to know about security headers
Buy now
Forum | Really Simple SSL

GoDaddy Securi IDS locking out users when content security policy on

Support
Documentation

Categories

Home Forums Really Simple SSL pro GoDaddy Securi IDS locking out users when content security policy on

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • January 13, 2021 at 4:28 pm #533754
    David Sutherland
    Participant

    FYI I was getting intrusion detection system (IDS) lockouts for users (including myself) from GoDaddy’s Securi when I had turned on the content security policy

    The IDS log was showing excessive hits to this URL: ‘ /wp-json/rsssl/v1/csp?rsssl_apitoken=1609280xxx (changed to xxx)

    When I commented out the code as mentioned in the support post below the site stopped blocking me!
    # Begin Really_Simple_SSL_CSP_Report_Only

    Mentioned here:
    https://really-simple-ssl.com/forums/topic/speed-issue-404-code/

    January 14, 2021 at 8:23 am #534132
    Rogier
    Keymaster

    Hi David,

    Thanks for reporting your issue.

    What you experienced is caused by the reporting feature of the CSP. When enabled, this can cause a heavy load on the server. When enforcing is enabled, this stops.

    We are releasing a new version in one or two weeks where reporting is paused when 20 reports have been submitted through the api. The user can then analyse the blocked resources, and allow or deny them.

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.

Subscribe

Get started

Your website on SSL in just one click

Free Download
Pricing

Plugins

© Really Simple Plugins
CoC 70461155
Attoomweg 6B 9743 AK (NL)

Wordpress
Linkedin
Github

Get Started

About

Popular articles

Really Simple Plugins