Author Topic: URGENT: All Websites that sell with Ecwid are now all blocked  (Read 401 times)

0 Members and 1 Guest are viewing this topic.

Offline ext237

  • Newbie
  • *
  • Posts: 1
URGENT: All Websites that sell with Ecwid are now all blocked
« on: August 14, 2020, 02:40:04 AM »
Hello, the Ecwid eCommerce plugin for websites are now all blocked.  This prevents companies that use the Ecwid stores form processing sales.  Please look into this because we can't tell our customers to uninstall your software in order to shop with us.  Example stores:

calidoguitars.com
houstonphotowalks.com

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83937
  • No support PMs thanks
Re: URGENT: All Websites that sell with Ecwid are now all blocked
« Reply #1 on: August 14, 2020, 03:16:31 AM »
Reporting Possible False Positive File or Website - https://www.avast.com/false-positive-file-form.php.
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.8.2432 (build 20.8.5684.602) UI-1.0.566/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32770
  • malware fighter
Re: URGENT: All Websites that sell with Ecwid are now all blocked
« Reply #2 on: August 14, 2020, 06:19:51 PM »
8 detections for pages that communicate with IP: -calidoguitars.com ->
https://www.virustotal.com/gui/ip-address/192.124.249.58/detection
-> https://www.virustotal.com/gui/ip-address/192.124.249.58/relations

On Word Press CMS settings: Directory Indexing
In the test an attempt was made to list the directory contents of the uploads and plugins folders to determine if Directory Indexing is enabled. This is a common information leakage vulnerability that can reveal sensitive information regarding your site configuration or content.

Path Tested   Status
/wp-content/uploads/      enabled
/wp-content/plugins/      disabled
Directory indexing is tested on the /wp-content/uploads/ and /wp-content/plugins/ directores. Note that other directories may have this web server feature enabled, so ensure you check other folders in your installation. It is good practice to ensure directory indexing is disabled for your full WordPress installation either through the web server configuration or .htaccess.

Wait for a final verdict from avast team,

polonus (volunteer 3rd part cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32770
  • malware fighter
Re: URGENT: All Websites that sell with Ecwid are now all blocked [SOLVED]
« Reply #3 on: August 15, 2020, 06:23:08 PM »
L.S.

Do not see those pages blocked anymore. Like: -houstonphotowalks.com (not found any DOM-XSS issues).
Opened the website on an avast protected machine.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!