Author Topic: Avast Online Security blocked my website  (Read 317 times)

0 Members and 1 Guest are viewing this topic.

Offline antek.gzara

  • Newbie
  • *
  • Posts: 1
Avast Online Security blocked my website
« on: October 08, 2021, 02:57:26 PM »
Hi I have a small website
antek-gzara-animations.github.io
and
antek-gzara-animations.github.io/shop
And everybody that has an Avast Online Security chrome extension can's access the site.
Source code is public so I don't know why they blocked my site. It says that my site is using phishing to get user data but it does not.
Can I report it to them or something?

source code
https://github.com/Antek-Gzara-Animations/Antek-Gzara-Animations.github.io

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33325
  • malware fighter
Re: Avast Online Security blocked my website
« Reply #1 on: October 08, 2021, 03:07:02 PM »
Witam,

This must be because of a specific redirect. But wait for an official verdict from Avast Team.

They are the only ones to come and unblock.
I stumbled upon the following redirect:
Quote
The server has previously indicated this domain should always be accessed via HTTPS (HSTS Policy per https://tools.ietf.org/html/rfc6797). Chrome has cached this internally, and did not connect to any server for this redirect. Chrome reports this redirect as a "307 Internal Redirect" which simply does not exist per https://tools.ietf.org/html/rfc7231#section-6.4.7 - however this probably would have been a "301 Permanent redirect" originally and the Google guys made fun of the webmaster community maybe. You can verify this by clearing your browser cache and visiting the original URL again. Please note that this is kind of a weird behavior and that Google even calls 307 redirects "a lie" in a post by John Muller titled "A search-engine guide to 301, 302, 307, & other redirects" at https://plus.google.com/+JohnMueller/posts/E4PqAhRJB2V - However server side 307 redirects do exist and we will show them. ;-) - for further details on redirects we recommend you checkout the CEMPER.Academy or the LinkResearchTools LRT Associate Training as all those details are trained in there, and covered in the full LinkResearchTools suite of course.

pozdrawiam,

polonus (volunteer 3rd party cold recon website security-analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!