Author Topic: my site blocks [Resolved]  (Read 4874 times)

0 Members and 1 Guest are viewing this topic.

Offline Николай29

  • Newbie
  • *
  • Posts: 4
my site blocks [Resolved]
« on: January 30, 2015, 07:19:54 PM »
My site blocks avast. Please remove from the blacklist.
hxxp://cooll.pp.ua

VirusTotal (webscan) 1/61
https://www.virustotal.com/ru/url/6ddbe5daa0b2882a71d3a13cef67f501deb9aaf5333e1984c580c96272820c33/analysis/1422641839/
« Last Edit: January 30, 2015, 11:23:39 PM by Николай29 »


Offline Николай29

  • Newbie
  • *
  • Posts: 4
Re: my site blocks
« Reply #2 on: January 30, 2015, 08:22:44 PM »
I deleted everything from the site. Left one page with phpinfo. Still writes Malware site.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31302
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: my site blocks
« Reply #3 on: January 30, 2015, 08:25:16 PM »
Changing the website doesn't change the problems with the server(software).

Offline Николай29

  • Newbie
  • *
  • Posts: 4
Re: my site blocks
« Reply #4 on: January 30, 2015, 08:30:38 PM »
You want to say that I have an older version apache or my server is infected???

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31302
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: my site blocks
« Reply #5 on: January 30, 2015, 08:52:04 PM »
Read the scan/check results in the links I gave you.
If you want to run checks/scans yourself, I have many online links/tools for it on:
http://www.ache.nl

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33320
  • malware fighter
Re: my site blocks
« Reply #6 on: January 30, 2015, 09:46:28 PM »
Why your site could get attacked and probably compromised: Outdated Web Server Apache Found: Apache/2.2.8
Security header config for your site: https://www.uploady.com/#!/download/AWl8JRJDSVn/vR1N_DquOl0K2Jno
Not only avast to blacklist your website: http://www.phishtank.com/phish_detail.php?phish_id=2915179  Status Verified PHISH
Sucuri Blacklisted: http://labs.sucuri.net/?blacklist=ow.ly
List of blacklisted external links: 4
-ow.ly//api-docs
-ow.ly/#
-ow.ly//a
-ow.ly//login

FAIL: We found blacklisted mail servers:
94.153.58.4
zen.spamhaus.org. → http://www.spamhaus.org/query/bl?ip=94.153.58.4  -> http://www.dnsinspect.com/cooll.pp.ua/1422650555


polonus
« Last Edit: January 30, 2015, 09:54:32 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Николай29

  • Newbie
  • *
  • Posts: 4
Re: my site blocks
« Reply #7 on: January 30, 2015, 09:55:59 PM »
Problem solved! Topic can be closed. Site removed from the blacklist.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33320
  • malware fighter
Re: my site blocks
« Reply #8 on: January 30, 2015, 10:03:34 PM »
We are glad for you and your site's visitors,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 85748
  • No support PMs thanks
Re: my site blocks
« Reply #9 on: January 30, 2015, 10:10:34 PM »
Problem solved! Topic can be closed. Site removed from the blacklist.

Topics generally remain open - you can edit your first post and add [Resolved] to the Subject.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.8.2487 (build 21.8.6586.693) UI 1.0.666/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31302
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: my site blocks
« Reply #10 on: January 30, 2015, 10:32:40 PM »
Quote
Problem solved! Topic can be closed. Site removed from the blacklist.
I disagree. Although the site is not blocked by avast (for now) anymore, there still are issues that need to be solved.

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5420
  • Spartan Warrior
Re: my site blocks
« Reply #11 on: January 30, 2015, 10:33:39 PM »
Quote
Problem solved! Topic can be closed. Site removed from the blacklist.
I disagree. Although the site is not blocked by avast (for now) anymore, there still are issues that need to be solved.
As far as I know. PHISH issue(s) still exist.
Windows 10 Home 64-bit 20H2 Avast Premier Security version 21.3.2459 (build 21.3.6164.652) UI version 1.0.612.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31302
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: my site blocks
« Reply #12 on: January 30, 2015, 10:36:19 PM »
Indeed as well as the outdated server software which can cause huge problems... :'(

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33320
  • malware fighter
Re: my site blocks
« Reply #13 on: January 30, 2015, 11:00:12 PM »
Hi Eddy and mchain,

I think the domain hoster there has the last word as whether the server software will stay degraded or updated and they could also tackle their spam/PHISH listing issues. Could not be it is such of a problem. On the other if the site's insecurity does not qualify for an avast block, it should be unblocked (and that is an avast team's decision, we are not part of that).
See: https://www.robtex.com/en/advisory/ip/94/153/58/4/
Here it is not given clean: http://www.urlvoid.com/scan/cooll.pp.ua/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31302
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: my site blocks [Resolved]
« Reply #14 on: January 31, 2015, 02:41:41 AM »
First it only was Scumware that flagged the site on UrlVoid, now also Bitdefender.
Looks like things are getting worse.

Ok, avast has allowed the website again...
As I see it avast did it because there are currently no webbpages except for the phpinfo page.
What if the OP now place back the pages (and files) and does not solve all other problems?
Seems to me a really easy way to bypass avast's security  :'(