Whitelisting Google Maps and reCAPTCHA
The installation of CrowdSec and crowdsec-firewall-bouncer-iptables on an Ubuntu 24.04 server running Nginx has successfully enabled the blocking of malicious attacks. However, this security measure is also inadvertently preventing access to Google Maps and Google reCAPTCHA services on the hosted websites. Assistance is required to configure whitelisting rules that will allow these specific Google services to function properly while maintaining the overall security provided by CrowdSec. Please help me to fix this issue.
7 Replies
Important Information
Thank you for getting in touch with your support request. To expedite a swift resolution, could you kindly provide the following information? Rest assured, we will respond promptly, and we greatly appreciate your patience. While you wait, please check the links below to see if this issue has been previously addressed. If you have managed to resolve it, please use run the command
/resolve or press the green resolve button below.Log Files
If you possess any log files that you believe could be beneficial, please include them at this time. By default, CrowdSec logs to /var/log/, where you will discover a corresponding log file for each component.
Guide Followed (CrowdSec Official)
If you have diligently followed one of our guides and hit a roadblock, please share the guide with us. This will help us assess if any adjustments are necessary to assist you further.
Screenshots
Please forward any screenshots depicting errors you encounter. Your visuals will provide us with a clear view of the issues you are facing.
© Created By WhyAydan for CrowdSec ❤️
Resolving Whitelisting Google Maps and reCAPTCHA
This has now been resolved. If you think this is a mistake please run
/unresolve
Unresolving Whitelisting Google Maps and reCAPTCHA
This has now been unresolved.Can you show any debugging that would indicate crowdsec is the cause for these blocks?
as typically these are client side libraries that means the user browser will request the resources from Google which is not impacted from your server firewall since the request is from their device.
Yes I understand these are client side libraries that render in browser. Same website is working on other server without CrowdSec, but not when move the new server protected with CrowdSec.
Do you have any debugable information that you can share cause we need information to look further.
Thank you Loz, you redirected me to the correct side. I was is issue in nginx vhost file.
It is working fine by removing some Security headers
(add_header Content-Security-Policy "default-src 'self') in vhost was blocking
ahh yes CSP you gotta love it, glad you found it as I was going to say I never seen this before unless google was proxying between your server and client which I never heard off 😄