[RESOLVED] Why is ABE busting my balls?

Discussions about the Application Boundaries Enforcer (ABE) module
Valatar
Posts: 2
Joined: Mon Sep 28, 2015 9:08 pm

[RESOLVED] Why is ABE busting my balls?

Post by Valatar » Mon Sep 28, 2015 9:13 pm

I have a website http://certifiedcc.com
On it, there's a link to a different site that I use to connect with clients: https://cccoffice.com/connect

When I click on that link, ABE flips out and blocks me. There's nothing the least bit shady about any of that, no weird scripting, no nothing. It's just a link. What's ABE's problem?
Mozilla/5.0 (Windows NT 10.0; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0

User avatar
Thrawn
Senior Member
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: Why is ABE busting my balls?

Post by Thrawn » Mon Sep 28, 2015 10:48 pm

Well, for starters, it redirects to port 8040, instead of the standard HTTPS port 443. Have you added any ABE rules beyond the default?

Secondly, if you're behind a corporate proxy, then it might well refuse to connect to that non-standard port, and in doing so, it might redirect you to an error page on the proxy - which would be a local address, and so ABE will intervene.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:41.0) Gecko/20100101 Firefox/41.0

barbaz
Senior Member
Posts: 9140
Joined: Sat Aug 03, 2013 5:45 pm

Re: Why is ABE busting my balls?

Post by barbaz » Mon Sep 28, 2015 11:30 pm

Click on the link you posted here, does ABE block that too?

DNS lookup of affected domain:

Code: Select all

$ dig cccoffice.com

; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> cccoffice.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38276
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;cccoffice.com.                 IN      A

;; ANSWER SECTION:
cccoffice.com.          3600    IN      A       23.25.119.82

;; Query time: 39 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: XXXXXXXXXXXXXXXXXXXXXXXXX
;; MSG SIZE  rcvd: 58

I don't see why that'd be LOCAL.

Redirects are all to the same site, so that's probably not it, unless there's JS based redirects through other site(s)? (I didn't try allow scripts.)

If this is happening *not* behind a corporate proxy: please check the Browser Console (Ctrl-Shift-J) when this happens and post here any messages related to NoScript.
(related messages usually start with either "[NoScript" or "[ABE]"; if you don't know what's related, turn off CSS warnings and post everything else you see)

If you *might* be (or are) behind a corporate proxy or some such thing, try installing NoRedirect & configure it to block all redirects (Regex: .*, check only "Source") and see what redirects? Also see if your DNS lookup matches mine?
*Always* check the changelogs BEFORE updating that important software!
-

Valatar
Posts: 2
Joined: Mon Sep 28, 2015 9:08 pm

Re: Why is ABE busting my balls?

Post by Valatar » Tue Sep 29, 2015 3:59 am

Aha, found it. The ABE issue only comes up when I'm inside the network with the second server, so it's correctly perceiving the second URL as an attempt to go to a local address and that's when it's blocking me. That at least won't be an issue when dealing with workers outside the office, and can be corrected on the office workstations. Thanks for the help!
Mozilla/5.0 (Windows NT 10.0; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0

barbaz
Senior Member
Posts: 9140
Joined: Sat Aug 03, 2013 5:45 pm

Re: Why is ABE busting my balls?

Post by barbaz » Tue Sep 29, 2015 4:15 am

You're welcome Image
*Always* check the changelogs BEFORE updating that important software!
-

User avatar
Thrawn
Senior Member
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: [RESOLVED] Why is ABE busting my balls?

Post by Thrawn » Wed Sep 30, 2015 10:19 pm

Are you familiar enough with ABE to be confident correcting it? Feel free to ask for help writing rules.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:41.0) Gecko/20100101 Firefox/41.0

Post Reply