Author Topic: Avast Free software at client is blocking all my multisite wordpress sites  (Read 2694 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
HI Everyone,
I have a good client who has Avast free running and a few days ago sites which i have built for them in wordpress under a multisite suddenly became blocked fro access by Avast. nothe=ing has changed within the site and several antivirus scans have produced nothing. we are at our wits end as this is impacting on our work and reputation. It does strongly appear to be a false positive. the sites also in my multisite are not visible to the client further compounding the issue.
the websites directly impacted are http://www.nwetc.com.au   and http://www.careersinwine.com.au
Should I just get them to use a diff anti virus software or can this be sorted as it is a real pain.
does anyone have any suggestions? Multisite is running Protect plugin and the search for any bugs has been very extensive. the site is visible to anyone except those running this avast program. My site technician has put a request in to Avast on friday but no joy on any response. hopefully we can get some help here.
over to you guys.
many thanks
Jon

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Contact support   https://support.avast.com/support/tickets/new


Have sendt a PM to avast team about this post    ;)




« Last Edit: October 18, 2015, 09:35:02 AM by Pondus »

REDACTED

  • Guest
thanks chief,
only problem is which category of support and i am not the ned user. does that matter?
don't shoot me either and put down that donut
jon

Offline HonzaZ

  • Avast team
  • Advanced Poster
  • *
  • Posts: 1038
Hi,
Avast was complaining about this piece of code:

Code: [Select]
var url = 'http://jbcdv.net/dm-sso-endpoint/1445153201/?dm_action=domainmap-check-login-status&domain=nwetc.com.au';
var iframe = document.createElement('iframe');
(iframe.frameElement || iframe).style.cssText = "width: 0; height: 0; border: 0";

I made it so it is not detected, but please do keep in mind that this behaviour can trigger AVs, as they are checking for hidden iframes as well.

REDACTED

  • Guest
thanks very much. will test it tomorrow and have passed onto my tech chap!

REDACTED

  • Guest
Just for everyone's future reference the code you refer to comes from the WPMUDEV's domain mapping plugin.

The feature causing the issue allows users to automatically sign into a mapped domain if they are already signed into the network.

This feature can be turned off by turning off the single sign on option in the plugin's settings.

The mystery here is why this piece of code was flagged in this network when I would expect there to be thousands of similar installations out there.

Still I understand why the iframe may be cause for concern.

Regards
Drew