Sorry You Have Been Blocked - Only Certain Chrome Profiles

What is the name of the domain?

example.com

What is the error number?

920274

What is the error message?

Sorry You Have Been Blocked

What is the issue you’re encountering

A site my organization uses has Cloudflare’s WAF and for certain profiles in Chrome (our primary browser) a number of us are seeing the “sorry you have been blocked” message when we try to visit it. On the same machine Edge will be fine, incognito will be fine, and a different profile in Chrome will be fine. I contacted the site and got the information for the Ray ID - it listed 920274 Invalid character in request headers, 941340 IE XSS Filters attack detected, 942200 Detects MySQL injections, 942260 detects basic SQL authentication bypass attempts, among others. I have not had any reports of issues like this with any other websites. Does anyone have any ideas on what in our profiles could be triggering a block like this?

What steps have you taken to resolve the issue?

Updated/Reinstalled Chrome

Screenshot of the error

You need payload logging to identify which components are causing the blocking. We can’t provide the details of each OWASP rule that triggers the block. The other way around is to override the specific rule causing the false positive blocking.

1 Like

Thanks for the reply - is the payload logging something I could do on my local machine, or is it something which the website provider would need to do through their Cloudflare account?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.