Author Topic: Site with redirect loop  (Read 1002 times)

Offline polonus
Site with redirect loop
« on: October 08, 2023, 10:28:01 PM »
See: https://sitecheck.sucuri.net/results/tube-hosting.de  (api.mapbox being blocked in the browser)
Hosted at, see: https://www.shodan.io/host/104.21.5.66 & https://www.shodan.io/host/188.114.96.3

Listed at several blacklists: https://whatismyip.live/blacklist-check for IP 188.114.96.3
Blacklist   Description   Status
-cbl.abuseat.org   Composite Blocking List   Listed
-dnsrbl.org   DNSRBL - The Real-time Blackhole List   Listed
-dnsbl.spfbl.net   DNSBL SPFBL List   Listed
-rd.uribl.com   URIBL red   Listed
-uribl.com   URIBL grey   Listed
-black.uribl.com   URIBL black   Listed
-multi.uribl.com   URIBL multi   Listed

Scan gives too many redirects ...

Quote
Hardening Improvements
Security Headers
Missing security header for ClickJacking Protection. Alternatively, you can use Content-Security-Policy: frame-ancestors 'none'.

Missing security header to prevent Content Type sniffing.

Missing Strict-Transport-Security security header.

Missing Content-Security-Policy directive. We recommend to add the following CSP directives (you can use default-src if all values are the same): script-src, object-src, base-uri, frame-src

File name   /index
Threat name   PS.Redir.gen
File type   Unknown
Reason   Detected unconditional redirection to external web resource.
Details   Detected HTTP redirection to hxtps://tube-hosting.com/.

Read on re-writing rules and errors here: https://security.stackexchange.com/questions/29573/sucuri-giving-false-positive-with-their-free-online-scanner-because-of-an-htacc  (example of such a site, see scan = https://sitecheck.sucuri.net/results/www.blingjewelrys.shop )
Not flagged here: https://zulu.zscaler.com/submission/eeb3c49e-57b8-4eba-8966-b3943420483f
3 WordPress issues found with that page:
outdated  plug-ins:    woocommerce 7.8.0   Warning   latest release (8.1.1)
-https://woocommerce.com/
woo-variation-swatches    Unknown   latest release (2.0.26)
-https://wordpress.org/plugins/woo-variation-swatches/
yith-woocommerce-wishlist 3.22.0   Warning   latest release (3.25.0)
-https://yithemes.com/themes/plugins/yith-woocommerce-wishlist/
 User Enumeration
The first two user ID's were tested to determine if user enumeration is possible.

Username   Name
ID: 1   admin   admin
ID: 2   not found   
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. Take note that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation. Luckily for us all, Avast flags and blocks this site as having malicious program code.

polonus
« Last Edit: October 08, 2023, 11:00:43 PM by polonus »