I pull the c.bing.com URI out of the LOCAL ruleset - back to default - and cut out the www.drudgereport.com from the Deny INC action of the 0.0.0.0 ruleset and discover that Drudge STILL didn't generate an error. I removed the entire 0.0.0.0 ruleset and Drudge once again displayed ABE block. I added it back in again and the ABE block went away on Drudge. I checked the MS Support page and it didn't display ABE block either.
I checked the browser console for the MS Support page:
Code: Select all
Loading mixed (insecure) display content "http://c.bing.com/c.gif?&CtsSyncId=D0712B25DFD04E3589289940C1CCA73D&RedC=c1.microsoft.com&MXFR=2ACB603D9A6A67E8261769509E6A61A5" on a secure page
[ABE] <0.0.0.0> Deny INCLUSION on {GET http://c.bing.com/c.gif?&CtsSyncId=D0712B25DFD04E3589289940C1CCA73D&RedC=c1.microsoft.com&MXFR=2ACB603D9A6A67E8261769509E6A61A5 <<< http://c1.microsoft.com/c.gif?, https://support.microsoft.com/en-us/kb/919746 - 3}
SYSTEM rule:
Site 0.0.0.0
Accept from SELF+
Deny INCLUSION
c.microsoft.com : server does not support RFC 5746, see CVE-2009-3555
Loading mixed (insecure) display content "http://c.bing.com/c.gif?&CtsSyncId=55BBA3CAA23344089423F1CBA2360A7D&RedC=c1.microsoft.com&MXFR=2ACB603D9A6A67E8261769509E6A61A5" on a secure page
[ABE] <0.0.0.0> Deny INCLUSION on {GET http://c.bing.com/c.gif?&CtsSyncId=55BBA3CAA23344089423F1CBA2360A7D&RedC=c1.microsoft.com&MXFR=2ACB603D9A6A67E8261769509E6A61A5 <<< http://c1.microsoft.com/c.gif?, https://support.microsoft.com/en-us/kb/919746 - 3}
SYSTEM rule:
Site 0.0.0.0
Accept from SELF+
Deny INCLUSION
[ABE] <0.0.0.0> Deny INCLUSION on {GET https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=A8BB2238121543618489E29AEA68C761&RedC=c1.microsoft.com&MXFR=2ACB603D9A6A67E8261769509E6A61A5 <<< https://c1.microsoft.com/c.gif?DI=4050&did=1&t=, https://support.microsoft.com/en-us/kb/919746 - 7}
SYSTEM rule:
Site 0.0.0.0
Accept from SELF+
Deny INCLUSION
[ABE] <0.0.0.0> Deny INCLUSION on {GET https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=10B5C640D24641989FE66CAD6B86A561&RedC=c1.microsoft.com&MXFR=2ACB603D9A6A67E8261769509E6A61A5 <<< https://c1.microsoft.com/c.gif?DI=4050&did=1&t=, https://support.microsoft.com/en-us/kb/919746 - 3}
SYSTEM rule:
Site 0.0.0.0
Accept from SELF+
Deny INCLUSION
Bottom line it looks like its working now.