Always block .games domain


Description

The rules always block my domain name, which ends with “.games”.

Audit Logs / Triggered Rule Numbers

---aHm3iwfx---F--
HTTP/2.0 403
Server: nginx
Date: Sun, 17 Oct 2021 07:41:08 GMT
Content-Length: 548
Content-Type: text/html
X-Content-Type-Options: nosniff
Connection: close
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: img-src * blob: data: filesystem:;default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

---aHm3iwfx---H--
ModSecurity: Warning. detected SQLi using libinjection. [file "/usr/local/modsecurity-crs/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "46"] [id "942100"] [rev ""] [msg ""] [data ""] [severity "0"] [ver "OWASP_CRS/3.4.0-dev"] [maturity "0"] [accuracy "0"] [hostname "<removed from me>"] [uri "/"] [unique_id "1634456468"] [ref "v834,38"]
ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:ANOMALY_SCORE' (Value: `5' ) [file "/usr/local/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "139"] [id "949110"] [rev ""] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [data ""] [severity "2"] [ver "OWASP_CRS/3.4.0-dev"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "<removed from me>"] [uri "/"] [unique_id "1634456468"] [ref ""]

Your Environment

  • CRS version: v3.3.2
  • ModSecurity version: 3.0.5
  • Web Server and version: nginx 1.18.0
  • Operating System and version: Linux 4.9.0-16-amd64, Debian 9.13

Confirmation

[x] I have removed any personal data (email addresses, IP addresses, passwords, domain names) from any logs posted.

Issue Analytics

  • State: closed
  • Created 2 years ago
  • Comments: 5 (2 by maintainers)

Top GitHub Comments

flashultra commented, Oct 17, 2021

Thank you. That helps.

azurit commented, Oct 17, 2021

Thanks, that helped.

Match wasn’t against your domain, see:

[1634466508] [/] [9] Target value: "2556--5e849280c2a9227815d4311a3bc03f4e" (Variable: REQUEST_COOKIES:autologin)
[1634466508] [/] [4] detected SQLi using libinjection with fingerprint '1c' at: '2556--5e849280c2a9227815d4311a3bc03f4e'
[1634466508] [/] [7] Added DetectSQLi match TX.0: 1c

It matched against the autologin cookie. Unfortunately, libinjection matched it, so there’s not much we can do about it. You can try to file a bug report here: https://github.com/libinjection/libinjection . As a temporary solution, try to clear cookies from your browser.
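
The triage done by hand in the comment above, as an added example (not code from the issue or from the CRS project): it pairs each libinjection hit in a ModSecurity debug log with the variable that was inspected, then builds a `SecRuleUpdateTargetById` exclusion for rule 942100 limited to that variable. The first sample line, the `example.games` host and the function names are constructed for illustration; pairing lines by inspected value is an assumption about the debug-log layout.

```python
import re

# Debug-log lines: the last three are quoted from the comment above; the first
# is constructed here to show a target that libinjection did not flag.
SAMPLE_LOG = '''\
[1634466508] [/] [9] Target value: "example.games" (Variable: REQUEST_HEADERS:Host)
[1634466508] [/] [9] Target value: "2556--5e849280c2a9227815d4311a3bc03f4e" (Variable: REQUEST_COOKIES:autologin)
[1634466508] [/] [4] detected SQLi using libinjection with fingerprint '1c' at: '2556--5e849280c2a9227815d4311a3bc03f4e'
[1634466508] [/] [7] Added DetectSQLi match TX.0: 1c
'''

TARGET_RE = re.compile(r'Target value: "(?P<value>.*)" \(Variable: (?P<var>[^)]+)\)')
SQLI_RE = re.compile(
    r"detected SQLi using libinjection with fingerprint '(?P<fp>[^']+)' at: '(?P<value>.*)'"
)


def find_sqli_matches(log_text):
    """Return (variable, fingerprint, value) for each libinjection SQLi hit."""
    value_to_var = {}  # most recent variable seen for each inspected value
    hits = []
    for line in log_text.splitlines():
        m = TARGET_RE.search(line)
        if m:
            value_to_var[m["value"]] = m["var"]
            continue
        m = SQLI_RE.search(line)
        if m:
            # Assumption: the hit refers to the target line with the same value.
            var = value_to_var.get(m["value"], "<unknown>")
            hits.append((var, m["fp"], m["value"]))
    return hits


def suggest_exclusions(hits, rule_id="942100"):
    """Build one SecRuleUpdateTargetById line per distinct flagged variable."""
    variables = sorted({var for var, _, _ in hits if var != "<unknown>"})
    return [f'SecRuleUpdateTargetById {rule_id} "!{var}"' for var in variables]


if __name__ == "__main__":
    hits = find_sqli_matches(SAMPLE_LOG)
    for var, fp, value in hits:
        print(f"{var}: fingerprint {fp!r} on {value!r}")
    for directive in suggest_exclusions(hits):
        print(directive)
```

The generated directive has to be loaded after the CRS rule files are included. It removes only that one cookie from rule 942100's targets, so the rule keeps inspecting every other variable.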
