Home › Forums › Really Simple SSL pro › GoDaddy Securi IDS locking out users when content security policy on
- This topic has 1 reply, 2 voices, and was last updated 1 week, 6 days ago by
Rogier.
-
AuthorPosts
-
January 13, 2021 at 4:28 pm #533754
David Sutherland
ParticipantFYI I was getting intrusion detection system (IDS) lockouts for users (including myself) from GoDaddy’s Securi when I had turned on the content security policy
The IDS log was showing excessive hits to this URL: ‘ /wp-json/rsssl/v1/csp?rsssl_apitoken=1609280xxx (changed to xxx)
When I commented out the code as mentioned in the support post below the site stopped blocking me!
# Begin Really_Simple_SSL_CSP_Report_OnlyMentioned here:
https://really-simple-ssl.com/forums/topic/speed-issue-404-code/January 14, 2021 at 8:23 am #534132Rogier
KeymasterHi David,
Thanks for reporting your issue.
What you experienced is caused by the reporting feature of the CSP. When enabled, this can cause a heavy load on the server. When enforcing is enabled, this stops.
We are releasing a new version in one or two weeks where reporting is paused when 20 reports have been submitted through the api. The user can then analyse the blocked resources, and allow or deny them.
-
AuthorPosts
- You must be logged in to reply to this topic.