awards.tweakers.net logs you out on tweakers.net

The ruleset for *.tweakers.net doesn't enforce https for the subdomain awards.tweakers.net. Combined with the securecookie rule this causes the session-id cookie to be overwritten with a new one for a not-logged-in session.

It probably is best to just be less specific wrt subdomains:

Also the exclusion rule for crossdomain.xml might not be necessary anymore, but I haven't checked that yet.