Yeasterday Ive discoverd that my portfolio website www.artursadlos.com is blocked by Avast
Infection: URL:Mal
It is my personal website hosted on Squarespace. Im only using this adress to redirect to Squaresopace. Also my other domain that is only parked www.moeticonceptverse.com is blocked too.
We have found in our database of already analyzed websites that there are 713 websites hosted in the same web server with IP address 198.49.23.145. Remember that it is not good to have too many websites located in the same web server because if a website gets infected by malware, it can easily affect the online reputation of the IP address and also of all the other websites.
The problem is that you do not have a dedicated server, but a shared on.
Other domains are also on the same server/IP and if they conduct malicious practices the IP will be blocked.
According to your initial post you have multiple domains.
“So from what I can see, Avast simply mentioned in that forum that they have blocked our IP addresses due to suspicious behavior (they recognize our IP structure as spammy, even though its not - its just how we have our sites organized)”
“I would say they’re definitely blocking this on their end due to this misunderstanding of our IP structure”
“submit a request to unblock the IP from that link I sent, letting them know its been blocked incorrectly. Basically, just tell them its not malicious and has been verified as ok from almost all of the malware checkers they provided in the links in that forum you sent”
And my question now. Sending a ticket will work? Will this ip going to be unblocked?
So from what I can see, Avast simply mentioned in that forum that they have blocked our IP addresses due to suspicious behavior (they recognize our IP structure as spammy, even though its not
No, avast has blocked the IP because there are malicious on it, not just because of a suspicion.
I would say they're definitely blocking this on their end due to this misunderstanding of our IP structure
Sure, avast is blocking that IP but not because avast doesn't understand their structure.
Basically, just tell them its not malicious and has been verified as ok from almost all of the malware checkers they provided in the links in that forum you sent
The links I have posted show very clearly that things are not ok.
It is very clear that Squarespace is not honest about things and/or they don’t have a clue about things.
I run checks on my websites/IP’s and the ones I maintain for others on a regular base.
About two years ago I saw malicious things where happening on the same IP.
I contacted my host, and within 24 hours they gave me a new IP, monitored the other websites and removed the malicious ones.
And my question now. Sending a ticket will work? Will this ip going to be unblocked?
Yes, avast will have a look at your website and if nothing malicious is found they will allow it. They will not unblock the IP as long as there is malicious going on there.
History of being on a blacklist
History of being used in an aggressive marketing campaign
History of malicious traffic or use
Triggered as a spam-bot or aggressive crawler
We were lazy and we did not see that it is a false-positive
Thank You for help. I have provided this information to Squarespace support and to Avast support. Hope theyll help me. Im really green in this matter and Im having hard time to understand what is happening in my case.
Im trying to figure out is it a problem with Squarespace or with GoDaddy because it is really unclear for me. Both services are costly for me and pushing me around isnt helping at all.
When your site is hosted as a dedicated website these problems may not take place.
Sharing various domains/websites on one and the same IP means that one or more bad apples there may give the whole basket of apples a bad name. That is what has happened in your case, all of the IP blocked, because the hoster is not acting towards abuse by others on that same IP. In that case you are not doing anything wrong, but you are a victim of such sloppy hosting abuse policies. Similar message but a bit differently put came from our forum member Eddy in his earlier reply.
Ive contacted GoDaddy. There was lots of subdomains created on both my active and parked domain. The cleared it for me. Soo there was some breach or hacking on their end becausre I dont remember creating hundreds of subdomains
I wonder if it will help and my domain will be unblocked. Or still there will be some issue with Squarespace infrastructure.
You are welcome, good that you are aware now you have to investigate yourself and never again take issues for granted, as they cannot be. These days you can only really trust what you have tested yourself or what was tested on your behalf.
Glad to be of any assistance. May your website prosper! Stay safe wit Avast,
polonus (volunteer website security analyst and website error-hunter)