# Sucuri firewall issue clicking on some search results



## dpeters11 (May 30, 2007)

I was doing a search and clicked on a result, got this error. I got it on several of them, but not all. If I removed the ?hl= string, the thread came up.

http://www.dbstalk.com/topic/220006-ready-to-recommitwhat-equipment-should-i-ask-for/?hl=%2Bh20%26amp%3B%238208600#entry3398472

Sucuri WebSite Firewall - CloudProxy - Access Denied

What is going on?
*You are not allowed to access the requested page.* If you are the site owner, please open a ticket in our support page if you think it was caused by an error:https://support.sucuri.net. If you are not the owner of the web site, you can contact us at [email protected] Also make sure to include the block details (displayed below), so we can better troubleshoot the error.

Block details

Your IP: *72.49.100.94*
URL: *http://www.dbstalk.com/topic/220006-ready-to-recommitwhat-equipment-should-i-ask-for/?hl=%252Bh20%2526amp%253B%25238208600*
Your Browser: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36
Block ID: *XSS023*
Block reason: An attempted XSS (Cross site scripting) was detected and blocked.
Time: Mon, 18 Jan 2016 13:35:50 -0500
Server ID: *cp2022*

Sucuri CloudProxy
CloudProxy is the WebSite Firewall from Sucuri. It stands between your site and the rest of the world and protects against attacks, malware infections, DDOS, brute force attempts and mostly anything that can harm it.
Not only that, but your sites get cached, speeding it up quite a bit. Interested? Visit https://sucuri.net/website-firewall


----------



## Art7220 (Feb 4, 2004)

Yup, happened to me too.


----------



## Stewart Vernon (Jan 7, 2005)

I actually got this one time the other day just going to the main site, not even logged in... but I was having some Internet troubles here so I didn't think anything of it since I didn't see it again.


----------



## Dude111 (Aug 6, 2010)

I used to get that..... I just changed my UA and got around thier block easily... (No big deal)

Thats the trouble with going thru something for filtering..... THEY THINK THEY CONTROL EVERYTHING!!


----------



## Art7220 (Feb 4, 2004)

Not sure if this is why but I'm using the PaleMoon browser v26 and it goes through now.


----------



## Blowgun (May 23, 2008)

Refreshed a couple of pages and they all displayed the following error message:

* Sucuri CloudProxy - Backend Server timeout*
* What is going on?*
I am sorry, but we are unable to connect to the page you requested. It seems that the hosting server (where this site is
located) is down and we do not have a cached copy to give to you. Please try again in a few minutes.

* What can I do to fix it?*
If you own the web site, please verify with your hosting company if your server is up and running. They might be doing
a maintenance or be overloaded. Please wait a few minutes and try again. If the problem persists, open a ticket on our
support page and we will troubleshoot: https://support.sucuri.net.

If you are just visiting the site, just wait a bit and it should be back soon. We apologize for the incovenience [sic]. If you
have any question, email us at [email protected]

* Error details*


Error Code: HTTP 504


Error Message: Backend or gateway connection timeout.


Server ID: cp2022

* Sucuri CloudProxy*
CloudProxy is a Website Firewall from Sucuri. It stands between your site and the rest of the Internet and protects
against attacks, malware infections, DDoS, brute force attempts and mostly anything that can harm it.

Not only that, but your sites get cached, speeding it up quite a bit. Interested? Visit https://sucuri.net

Never encounter this error message or any other Sucuri firewall error messages in the past. Waited a bit and did a refresh on the pages and everything was fine.


----------



## Stewart Vernon (Jan 7, 2005)

I only saw it that one time that one day, and haven't seen it again since. Maybe I'm online during times when it isn't a problem, though.


----------



## James Long (Apr 17, 2003)

dpeters11 said:


> I was doing a search and clicked on a result, got this error. I got it on several of them, but not all. If I removed the ?hl= string, the thread came up.
> 
> http://www.dbstalk.com/topic/220006-ready-to-recommitwhat-equipment-should-i-ask-for/?hl=%2Bh20%26amp%3B%238208600#entry3398472





Stewart Vernon said:


> I only saw it that one time that one day, and haven't seen it again since. Maybe I'm online during times when it isn't a problem, though.


The link in the first post shows me the Sucuri page every time.


----------



## makaiguy (Sep 24, 2007)

James Long said:


> The link in the first post shows me the Sucuri page every time.


Me too. 
The Securi page I'm getting looks to be a bit different, though:

Sucuri WebSite Firewall - CloudProxy - Access Denied
What is going on? *You are not allowed to access the requested page.* If you are the site owner, please open a ticket in our support page if you think it was caused by an error: https://support.sucuri.net. If you are not the owner of the web site, you can contact us at [email protected] Also make sure to include the block details (displayed below), so we can better troubleshoot the error.
Block details

Your IP: *24.145.40.30*
URL: *http://www.dbstalk.com/topic/220006-ready-to-recommitwhat-equipment-should-i-ask-for/?hl=%252Bh20%2526amp%253B%25238208600*
Your Browser: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0
Block ID: *XSS023*
Block reason: An attempted XSS (Cross site scripting) was detected and blocked.
Time: Sat, 06 Feb 2016 12:11:39 -0500
Server ID: *cp2022*

Sucuri CloudProxy
CloudProxy is the WebSite Firewall from Sucuri. It stands between your site and the rest of the world and protects against attacks, malware infections, DDOS, brute force attempts and mostly anything that can harm it.
Not only that, but your sites get cached, speeding it up quite a bit. Interested? Visit https://sucuri.net/website-firewall

The full link is:

http://www.dbstalk.com/topic/220006-ready-to-recommitwhat-equipment-should-i-ask-for/?hl=
+h20&#8208600#entry3398472
If you remove the /? and all that follows, the link goes through okay, but with out the extra parameters, it of course just goes to the beginning of the thead: http://www.dbstalk.com/topic/220006-ready-to-recommitwhat-equipment-should-i-ask-for

Edit: playing with this further,

If all you remove is the #entry3398472 at the end, it will go through, but still to the full thread.
If all you remove is #8208600 it will go through to the thread, positioned at post 22
hl=+h20 causes it to highlight the text substring h20


----------



## James Long (Apr 17, 2003)

Removing the & is enough on my machine ...
http://www.dbstalk.com/topic/220006-ready-to-recommitwhat-equipment-should-i-ask-for/?hl=%2Bh20%238208600#entry3398472


----------



## David Bott (Jul 12, 2005)

Hi...I have put in a support request to Sucuri. Thanks for the details.


----------



## David Bott (Jul 12, 2005)

Ok, Sucuri thinks they have it sorted for us with a few firewall changes. 

Thanks all for letting us know.


----------



## James Long (Apr 17, 2003)

The repair works for me ... hopefully for everyone else as well.


----------



## dpeters11 (May 30, 2007)

Looks good here.

Thanks!


----------



## Stewart Vernon (Jan 7, 2005)

I tested the link and it worked for me too... Sorry I missed that this link was consistently producing the problem. The day I had a problem (that one time) it was in getting to the Web site itself, not running a search, and I thought it was perhaps the same problem. Maybe it was, and maybe this will fix all of the occurrences.


----------



## Blowgun (May 23, 2008)

The link in the head-post also works here. I have no way to reproduce the 504 error except at page refresh and I've refreshed the page several times and it hasn't occurred.

Thanks.


----------



## Dude111 (Aug 6, 2010)

James Long said:


> The link in the first post shows me the Sucuri page every time.


Hmmm I wonder why Jim?? I can get to it fine here.....

See I had to change my UA as they are blocking "MSIE 6.0" so I just changed it to something else and I get thru fine..... THEY ARE QUITE STUPID HOWEVER AS IF I CHANGE IT TO "MSIE 5.5" it works fine!! (Or any other IE version)

Why bother trying to block 6 if they are going to allow all other versions


----------



## James Long (Apr 17, 2003)

Dude111 said:


> Hmmm I wonder why Jim?? I can get to it fine here.....


The problem has been fixed since I made the post that you quoted.


----------



## Dude111 (Aug 6, 2010)

Ahhhhhh Im sorry buddy,I didnt notice Daves reply there.....


----------

