Author Topic: False positive on baabel.ro  (Read 1681 times)


REDACTED

  • Guest
False positive on baabel.ro
« on: May 09, 2017, 08:20:29 AM »
Hello,
I already sent you the problem directly from the interface: some people who use the AVAST solution complained to me that their web site https://baabel.ro is blocked due to a virus.
I installed AVAST on a VM and they were correct.
I checked the web site online with more than 30 antivirus / scan, but there was nothing.
I double checked the source code and still nothing.
So I reported it to you as a false positive.
What is surprising for me is that I verified other pages which use our server from our DC, and AVAST gave an error telling us that we have no access to those other websites because baabel.ro is infected. I restarted the Virtual Machine, same error.
I put up another machine with a clean installation and AVAST and checked whether web site 'B' is still getting the error: no error.
So you also have a bug. Whether a web site is a true or false positive, if it is hosted on a multi-site server, all the web sites from that server will become unavailable.

Looking for feedback from the AVAST team ASAP.

Thx in advance

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31072
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: False positive on baabel.ro
« Reply #1 on: May 09, 2017, 08:45:59 AM »
Avast doesn't say there is a virus.
URL:Mal = domain and/or IP is blacklisted (this can be a link to a blacklisted site)

First problem I already see is the 301 http status.
That needs to be fixed.

Second problem is the use of vulnerable libraries.
That also needs to be fixed.
http://zulu.zscaler.com/submission/show/0334c30a2e5cfc91a6d692d166f22c07-1494311660

Quote
So you also have a bug. Whether a web site is a true or false positive, if it is hosted on a multi-site server, all the web sites from that server will become unavailable.
That is not a bug, it is just you who doesn't know how things work.
Whether other domains on the same server are blocked or not depends on what kind of block it is (domain or IP).

REDACTED

  • Guest
Re: False positive on baabel.ro
« Reply #2 on: May 09, 2017, 09:01:51 AM »
Thanks Eddy, yep, it is moved permanently from http to https; this cannot be a problem. For example, let's take the Facebook servers:
------------------------
Redirections: https://facebook.com/ (301 Moved Permanently)
https://www.facebook.com/ (301 Moved Permanently)
------------------
Anyway, I entered directly on https.

What is interesting is the js files; there could be a problem there. I will put clean files (the client moved the site onto our webservers).
Thanks for your help, I will come back here to tell you if it is OK now with the new js files.

Offline HonzaZ

  • Avast team
  • Advanced Poster
  • *
  • Posts: 1038
Re: False positive on baabel.ro
« Reply #3 on: May 09, 2017, 10:57:07 AM »
I have unblocked baabel[.]ro, it seems like a very old detection 8)

Offline Eddy

Re: False positive on baabel.ro
« Reply #4 on: May 09, 2017, 11:11:20 AM »
Everything should be fine as far as I can see if you replace (or remove) the vulnerable libraries.

The 301 can be a problem as security checks in browsers and tools are becoming more and more strict.

As HonzaZ has removed the block and you already did some things, I see no problems anymore.

REDACTED

  • Guest
Re: False positive on baabel.ro
« Reply #5 on: May 09, 2017, 02:00:19 PM »
Thanks a lot @HonzaZ

@Eddy: the 301 directive is given to the server in order to permanently move any request to SSL. For example, this web site has a lot of pages already indexed by search engines; when a visitor accesses it, they will be directed normally to SSL, but the search engine will also know that the link has permanently moved to SSL in our case.
All SSL websites work like this as a security measure.
Anyway, I also have to thank you for the great link to check the js when we have a newcomer on our servers ;)

Kind regards