Author Topic: Our sites are blocked by avast  (Read 2343 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
Our sites are blocked by avast
« on: February 08, 2016, 07:40:54 PM »
We are getting blocked by avast and we see no issues on our side The site is www.defenderpluseo.com Blocked by pop up that list URL:Mal in chrome and RedirME-inf [trj] in firefox This is also blocking www.defendermax.com


Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: Our sites are blocked by avast
« Reply #1 on: February 08, 2016, 07:50:01 PM »
defendermax  >>  http://killmalware.com/www.defendermax.com/

URL:Mal means blacklisted URL or IP



« Last Edit: February 08, 2016, 07:53:52 PM by Pondus »


REDACTED

  • Guest
Re: Our sites are blocked by avast
« Reply #3 on: February 08, 2016, 09:44:51 PM »
ok by renaming not removing the jquery 1.7.2 file on defendermax the sites now show clean so is that a false positive since the file is not picked back up as malicious

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Our sites are blocked by avast
« Reply #4 on: February 08, 2016, 09:47:27 PM »
Renaming the file is not the solution.
You need to install the latest jquery package.

https://jquery.com/download/

Offline HonzaZ

  • Avast team
  • Advanced Poster
  • *
  • Posts: 1038
Re: Our sites are blocked by avast
« Reply #5 on: February 09, 2016, 10:00:18 AM »
I do not see anything malicious on the domain right now, so I am unblocking the domains. Please do not take Eddy's suggestions lightly though :).

REDACTED

  • Guest
Re: Our sites are blocked by avast
« Reply #6 on: February 09, 2016, 05:26:36 PM »
Thank you for your assistance in this matter.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Our sites are blocked by avast
« Reply #7 on: February 09, 2016, 05:45:21 PM »
Eddy has a valid point here.
But renaming a vulnerable jQuery library that qualifies for retirement to escape a vulnerable code version detection is known as "security by obscurity" and in that way you are putting your users/visitors at risk. Seems you take that into the bargain, when you wanna cheat, just cheat. Normal procedure is to retire the vulnerable code library, zip file it for later reference and then mitigate the code to a later version that does not come flagged. Any other procedure is not considered "best practices", just like altering excessive server header info with something else is not. Software should not speak out period.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!