AVAST detecting false positive on my webpage

Hello I made the complaint to a few weeks had no effect, avast started blocking my website (IP, NO-IP) suddenly and will not any kind of threat, follows the scanners made on these:

https://www.virustotal.com/en/url/4ba5aacaba18c9aded65481ee0092cc63fe90db35051d23379df30a188a01338/analysis/
http://www.urlvoid.com/scan/mu-lande.no-ip.info/
http://www.siteadvisor.com/sites/mu-lande.no-ip.info
http://urlquery.net/search.php?q=mu-lande.no-ip.info&type=string&start=2011-06-25&end=2015-04-29&max=50
https://sitecheck.sucuri.net/results/mu-lande.no-ip.info
https://check.gred.jp/sub/opinion.html?url=http%3A%2F%2Fmu-lande.no-ip.info&fraud=0
http://wepawet.iseclab.org/view.php?hash=de9f6f68255f09dd0da707fc9dee84c6&t=1430330013&type=js
http://onlinelinkscan.com/results/mu-lande-no-ip-info/
http://zulu.zscaler.com/submission/show/fb97c87d8b54094299046c10abde9f2c-1430330056

It is a site which is a webserver on a dedicated server for internal administrative access
I wish this false threat was withdrawn or a solution of what can be done to finish with this lock.

Sincerely,
Gabriel Venancio

IP history https://www.virustotal.com/en/ip-address/216.245.202.186/information/

report issue to avast here https://support.avast.com > avast virus lab

Domain, as well as IP that it was pointing to (216.245.202.186) was unblocked. :wink:

When will I be able to access without problems with avast?

The URL is already unblocked.

You may want to hide your Apache and PHP Server version and Port number, this might be used by criminals :slight_smile:

Steven Winderlich is right, also look at server header security settings:

HTTP security headers

x-content-type-options Header not returned Insecure

x-xss-protection Header not returned Insecure

x-frame-options Header not returned Insecure

Content -security-policy Header not returned Insecure

cache-control Header not returned Warning

access-control-allow-origin Header not returned Secure

See your Netcraft website risk rating 7 red out of 10: http://toolbar.netcraft.com/site_report?url=http://mu-lande.no-ip.info
http-methods: Potentially risky methods: TRACE - Index of /
Still flagged here: https://www.virustotal.com/nl/domain/mu-lande.no-ip.info/information/

Quttera list website as potentially suspicious:
index.html
Severity: Potentially Suspicious
Reason: Detected unconditional redirection to external web resource.
Details:

<meta http-equiv="refresh" content="0; url=htxp://www.mulandeonline.com.br"> 

Three IDS alerts flagged here: http://urlquery.net/report.php?id=1430338144111 (could be fake flash)

polonus (volunteer website security analyst and website error-hunter)

P.S. Consider on Suricata /w Emerging Threats Pro IDS : http://wiki.abadonna.info/doku.php?id=pfsense:snort

Damian

Thank Polonus, this site is only used internally in the company is not so certified, removed the redirection of index page, and will take the steps these flaws found
And with that with the ip released can access normally, since my site does not provide any kind of threat?

Dear gabriell.venancio,

I am only too convinced of that fact. I only gave you the info in order to better protect the site or where it is hosted, just recommended hardening info. Your site has been unblocked by an avast team member. Our info is just to better conserve the security of mentioned address.

Stay safe and secure online and offline, is the wish of,

polonus

Have every reason’ll get more increase security with your information.
Thank you for having analyzed the site, and the recognition that does not offer any kind of threat to others.

Your welcome, buona sera,

Damian