Whether you like it or not, if you place a website on the internet, you ARE totally responsible for its contents and anything that leads users to other sites.
Checking your site for html compliance is very telling indeed. http://validator.w3.org/check# Result: 670 Errors, 332 warning(s)
Quite stunning for such a small site, clearly you would benefit from some professional help.
Whilst you seek help you should also visit this link http://ico.org.uk/ and take advice about your legal obligations regarding running a website in the UK/EU.
You are breaking multiple laws and could face very considerable penalties for non compliance.
HTML compliance is not the issue. My view of HTML is
Does it work?
Is it dangerous
The answers to this with regards to my site are
Yes
&
No
You claimed my site has malicious code.
Now you are claiming it is not HTML compliant.
They are VERY different things.
Much Microsoft HTML is not actually compliant but they get away with it
so I dont see why I shouldn’t just make it up.
It is not dangerous and you haven’t found a link on my site that is dangerous
and I have no intention of employing someone to write bad code for me
when I can write bad code myself.
“you ARE totally responsible for… anything that leads users to other sites”
No, I am not. Quote me the legislation so I can ignore it.
I am intensely impressed too that our website may host malware when it hosts no software of any kind.
Surely people either think it is or isn’t dangerous which is a binary issue
as should be identifiying which pages exactly contain malicious code and what that code does/doesn’t do
something you have consitently failed in.
Anyone would think you just didn’t want ordinary people writing their own code
So what? The 404 or Not Found error message is a HTTP standard response code indicating that the client was able to communicate with the server, but the server could not find what was requested. I suggest you take it up with the server in question. I am not going to go through all my pages removing ancient html links that are out of date to keep the IT industry happy. They remain as they are for historical reasons unless you can prove they are a DANGER which a 404 error on its own is not.
As to the server we rent space on the web we are not self hosting so I am not responsible for Everything that goes on at that IP which hosts many many other websites - if you have a problem with them …take it up with them.
In the mean time my own inimitable crappy HTML will continue to infect the internet until such time as anyone can prove it is dangerous or the ICO fine an open mike night £50,000
It isn’t standard for a 404 error page to do anything other than tell you of something not found. It is not standard to have a iframe tag in to another site (malkm.com, which is infected) in the 404 error page.
This is what I was saying in my first reply, hacking the 404 error page is quite common, so you should check it to ensure that hasn’t got anything on it that you didn’t place there.
The index.php page belongs to the web space provider
and as far as I’m aware they like it like that and it’s always looked like that for as long as I can remember.
I’ll ask them if they’re happy with it but I guess they are…
It hasn’t changed in ages but maybe what it redirects to has changed.
I suppose we could delete line 22 - it doesn’t do anything useful… but I’m not sure we have admin rights.
Maybe we should move webhost…
It’s still not the page you were originally complaining about though…
And I’m still waiting for you to discover the magic *.ico and *gzip files that dont exist
That server is open to abuse and misuse all sorts as you could have established from the clean mx link I gave for the same IP your domain is on. Certain hacks and malware on domains there are being left open for 6942.8 hours. Concluding from these facts, it does not seem security is a first priority out there. How is that for what you call “bollocks”?. We here in this forum section went through literally thousands and thousands of such sites, so we know what we talk about, but going into denial always remains an option. ;D
Never the less it does not seem very logical to blame our website for EVERYTHING that is on a server that hosts many sites as we have no control over it. Neither would I be liable for a £50,000 fine as I am not the webhost. I mean, come on.
Where do you suggest I move the site to if you dont like that server?
Also what qualifies as Malware?
Not all crap software is malicious and not all malware is potentially or even intentionally malicious?
Some is very malicious but it’s a spectrum…
For all I know Avast could have commerical reasons for not liking our server host.
Sophos disables several programs by default that are perfectly harmless.
It’s not always a straight line between intentionally and unintentionally malicious software
And still no one has explained where the *.ico and *.gzip files are
There may well be an error with the site BUT the error message returned
does not bare much relation to what you now say is wrong.
So how is anyone supposed to fix anything?
“That server is open to abuse and misuse all sorts”
Well obviously any private domain hoster is going to end up hosting an awful lot of rubbish
and yes, indeed, dangerous code …but does that make it okay to block website A
because there may be an error on website B
because they’re both on the same IP
One might argue not.
And how do I know even if I was to move the website to a different server that I wouldn’t end up back at the same problem?
It is not what I do like or not, and I remind you I am not an avast! team member,
I am just a volunteer with some extra scanning expertise.
The detection is their responsibility. I am only into this for the “good of my soul” and adding to avast! overall detection. ;D
I just say to you a hosting server with such an extent of abuse allowing is a factor to consider 8).
There are 1091 websites with IP 81.27.85.11.
Proof here: http://sameid.net/ip/81.27.85.11/ :-X
A considerable amount of malware launched from some of the domains on that same IP
and you could be (I say could be) confronted with a general URL:Mal IP block,
and then it is “out of your hands” or you should ask for your domain to be excluded from being blocked.
OK. I see your point but it would help …if you want us to jump ship for someone to explain how we find a ship that’s seaworthy.
I mean pretty much when it comes to these things most people in a situation like ours would have no idea where to start in terms of knowing which Server provider is better or worse than any other server provider.
Well, to be fair… it doesn’t seem like answering straight questions like how can I have an *.ico virus when I dont have an *.ico file is first priority in here so maybe you’re all a bit more equal than you think.
I’m not going to further waste my time on yuo. You have been told by an Avast! Employee what is wrong, a volunteer site analyst. We have tried to help you, most sites are resolved inside 24hours. We have told you what to remove and how. What more do yuo need? We aren’t responsible for your site, yet you’re asking for us what is wrong. We have told you what is wrong.
Like seriously, read what we say and your issue will be solved. What has been posted that is wrong (malkd.com) has been proven malicious. Whether it 404’s or not. It used to be so Avast! has blacklisted the site.
I will say this one more time. Remove the site (Dead or not), find anything remotely suspicious and fix it. And you’re done. What really is difficult? We learn how to HTML code in grade 9. This should not be difficult if you properly maintain your website.
I would also like to state. You situation of have nearly 1100 sites on 1 IP is saddening from Polonus’ explanation. You can change you’re site from your current provider to a different one with much less security vunerbilites.
As polonus said. Really there could be more then 1 reason for the site blacklisting. Having that many sites using that much malware would also lead to a URL: General IP blacklist.
So blaming AVAST! for your issues isn’t going to help anyone. Just makes you and us more annoyed with each other.
Hoster info on historical badness: http://sitevet.com/db/asn/AS25577
Blacklisted url 12 - Some spam, some current events.
On second thoughts these results seem not too bad, but the OVERDUE status of malware on IP does not.
Like I said , get some legal advice, you are the owner of the domain, you are the operator of the site, you are responsible , not the hosting company.
And you most certainly are liable for massive fines and costs. There are several pieces of law that have been in force since 2003 that you do not comply with.
I hope you have very deep pockets and the appropriate insurance cover.
Against my better judgement I will try one last time to answer the question, by expanding on my very first reply.
The favicon.ico, the trigger to this whole event, firefox and many other browsers will look for or try to import the favicon.ico image into the space to the left of the address bar. The fact that you haven’t got a favicon.ico is triggering the 404 error page to be displayed (Image extract posted by Milos, avast virus labs); which in turn tries to run the iframe which is connecting to an infected/malicious site. At this point avast alerts, but it is alerting on the initiating event trying to load the favicon.ico.
@ AdrianH
You have no idea what the legal ramifications are, as it will depend on A) the site owners country, B) the host country and C) the laws/requirements for those countries.
These really aren’t the point, resolving the site issues causing the alert are.
Sounds like complete pastures to me as in my experience Mozilla does not need to load no favicon to work
However, we have contacted the webhoster who has thrown away http://www.pearshapedcomedy.com/index.php
in its entirity which should hopefully solve the problem
although I notice the malkm.com does not have a favicon either so how that works I dont know
Neither do any of my pages reference a favicon so why should they crash from not having one?
However, that should resolve the 404 problem you are moaning about the simplest way?
So inspiring when people drivel on about £50000 fines but cannot simply quote the law/legistlation concerned
on the parliament website so we can ask our legal department to look it up and explain to us what it means.
Sad that so many of you see the internet simply as one big complicated security system with a near catatonic
lack of interest in what the website is for, means, says etc Sed quis custodiet ipsos custodes?
Why cant one IP host 1000 websites?
It seems like burning books on the grounds the library has wobbly shelves.
Also I have to repeat the original page that sparked this complain clearly does not call an *.ico
so I have to continue to wonder what it was all about?
Doubtless we are blacklisted anyway for having a soul
As to HTML 9 blah blah surely the whole point of interpreted languagesand markup language is experimentation? Or am I just very old?
“We aren’t responsible for your site, yet you’re asking for us what is wrong.”
If you make a statement about people then you are responsible under libel law for being able to back that up so I absolutely have the right to ask you what is wrong if you are publically criticising me. Not that we would sue or anything but are you taking the living piss or what? You said my site is wrong so I absolutely have the right to ask you. Why? if it was wrong would you not want to explain what is wrong anyway? Unless of course you are a tosser.
As to £50,000 fines - for what? Unless you can quote actual legislation people will just laugh in your face.
And deservedly so.
It would be easier if this site showed inline pictures more clearly but it took me some time to actually work out it was index.php you were complaining about. Hopefully that should keep everyone happy…
Sorry, blaming us for your issue is irresponsible. Avast! Does not know it is index.php. So coming to us and saying “Well it’s detecting gzip or ICO or dead links”. YOU host the server not US. Therefore it is not OUR job to keep YOUR site clean. Just to protect OUR users from YOUR malicious website. End of story. The End.
Now tht it’s clean, I suggest you keep it that way and move your site off that IP before the IP become blacklisted.