Urgent: IP / Account block on production domain after false security flag
maartenvanderwerf-maker
PRO OP

a month ago

Dear Railway Support Team,

I'm facing an urgent issue where I can no longer access my own backend API hosted on your platform. All POST requests to my login endpoint are failing.

My API Endpoint: https://mrai-online-production.up.railway.app

The Problem: Every POST to https://mrai-online-production.up.railway.app/api/auth/login is failing with a 400 Bad Request.

This is happening in two separate scenarios:

  1. On my desktop PC: My security software (McAfee WebAdvisor) is actively blocking the connection. It has incorrectly flagged one of your domains (station-server.railway.com) as "Suspicious". I have attached a screenshot of this block.

  2. On my phone (using 5G): The login also fails on my cellular network (5G), which has no McAfee software installed.

My Analysis: I suspect this is a two-part problem, triggered by a bug in my application (which I have since fixed). This bug caused an infinite redirect loop yesterday, which was likely identified by your systems as a DoS attack.

I believe this has caused two things to happen:

  1. Your domains were (incorrectly) reported to security vendors like McAfee.

  2. Your own firewall has blacklisted my account (maarten@vve-mrai.nl) and/or my IP addresses (both home and mobile).

The bug causing this behavior is now 100% fixed and deployed. My app no longer poses a threat.

My Request: Could you please:

  1. Check your internal firewall logs for any blocks related to my account maarten@vve-mrai.nl or my domain mrai-online-production.up.railway.app?

  2. Remove my account and any related IPs from your blacklist?

  3. Investigate why station-server.railway.com is being flagged as "Suspicious" by McAfee?

Thank you for your help.

Best regards,

Maarten [My frontend domain: www.vve-mrai.nl]

$10 Bounty

3 Replies

Railway
BOT

a month ago

Hey there! We've found the following might help you get unblocked faster:

- [🧵 did railway block my IP address after I did a cyber security scan?](https://station.railway.com/questions/did-railway-block-my-ip-address-after-i-c02f7eac)
- [📚 Create a Bridge from Railway to AWS RDS with Tailscale](https://docs.railway.com/tutorials/bridge-railway-to-rds-with-tailscale)
- [📚 Deploy a React App](https://docs.railway.com/guides/react)
- [📚 Deploy a SolidJS App](https://docs.railway.com/guides/solid)

If you find the answer from one of these, please let us know by solving the thread!

maartenvanderwerf-maker
PRO OP

a month ago

Dear Railway Support Team,

Thank you for the automated reply. I am replying in this thread to provide critical new information that clarifies the scope of the problem.

My initial report 9 hours ago mentioned McAfee and a possible IP block. After further testing, the situation is clearer and more urgent.

New Findings:

  1. It is a Domain-Wide Block: I have confirmed that any user, on any network (including new users on iPhones), gets a 400 Bad Request when trying to log in from my frontend domain (www.vve-mrai.nl). This confirms the block is not tied to my personal IP/account, but is a hard block on all requests originating from www.vve-mrai.nl to my API.

  2. Collateral Domain Reputation Damage: The problem is now bigger. My entire root domain, vve-mrai.nl, has suffered reputation damage. External mail providers (like Gmail) are now blocking or failing to deliver e-mails to my @vve-mrai.nl mailboxes, citing the bad reputation.

Correction from my last message: In my original ticket, I stated the bug-fix was "deployed". This was a mistake. The bug (an infinite loop) is 100% fixed locally, and the code is ready to be deployed the instant you lift the firewall block. The threat is neutralized and will not return.

Urgent Request: Given that my entire service is down for all users and my core e-mail is now also failing, could you please:

  1. Prioritize checking the firewall logs for a domain-level block between my frontend (www.vve-mrai.nl) and my backend (mrai-online-production.up.railway.app).

  2. Remove this block so I can deploy the fix and restore service?

Thank you for your urgency.

Best regards,

Maarten


maartenvanderwerf-maker
PRO OP

a month ago

Hi team, just a quick update: I have now upgraded my account to the "Pro" plan to reflect the urgency of this ticket and get this resolved. Looking forward to your assistance.


brody
EMPLOYEE

a month ago

This thread has been marked as public for community involvement, as it does not contain any sensitive or personal information. Any further activity in this thread will be visible to everyone.

Status changed to Open brody about 1 month ago

