How to remove my website from your blacklist?

Hello i’m developper and my website is blacklist when your Antivirus running

Url of my website :
https://www.renovation-dieppe-amenagement-normandie-cuisiniste-76.com/

and my virustotal analysis
https://www.virustotal.com/#/url/91b5058e526bf4505c1182b692eb5a3a740a80b928e8e3aeb6bb46609d3e8806/detection

Thank you for your help :wink:

You use an outdated WordPress version, 4.6.1, you want to update to 4.8.3.

Configuration issue: Warning User Enumeration is possible
The first two user ID’s were tested to determine if user enumeration is possible.

ID User Login
1 None adminimpakt
2 None tinho
It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

2 vulnerable libraries detected: http://retire.insecurity.today/#!/scan/08a0c6e13eb1019e621f086f2c5ff854fdf935bdb144d87141ebbcdc107605bc

F-grade status and recommendations: https://observatory.mozilla.org/analyze.html?host=www.renovation-dieppe-amenagement-normandie-cuisiniste-76.com

Wait for an avast team member to come and give the final verdict on your website, as we are just volunteers with relevant knowledge and cannot come and unblock,

polonus (volunteer website security analyst and website error-hunter)

Thank you for your intervention, i’m going to backup my website and upgrade to 4.8.3, then i going to block the user enumeration

but about librairies why jQuery and bootstrap was vulnerable ?

All jQuery libraries taht are acquired should at a certain moment also be retired.
Vulnerability for one of these scripts, read: https://github.com/twbs/bootstrap/issues/20184
the other one, read here: https://github.com/jquery/jquery/issues/2432
line:8: Bootstrap’s JavaScript requires jQuery
[error] info: [decodingLevel=0] found JavaScript
error: line:43: SyntaxError: invalid label:
error: line:43: ;{“@context”:“http://schema.org”,“@type”:“WebSite”,“@id”:“#website”,“url”:“-https://wXw.renovation-dieppe-amenagement-normandie-cuisiniste-76.com/”,“name”:“Tinho SA”,“potentialAction”:{“@type”:“SearchAction”,“target”:"https://wXw.renovation-dieppe-a
error: line:43: …^
error: line:3: SyntaxError: missing = in XML attribute:
error: line:3:
error: line:3: …^
[/error](block in error code by me pol.)

polonus (volunteer website security analyst and website error-hunter)

Hello,

About my Wordpress :
I update my wordpress to 4.8.3
block the user enumeration with my .htaccess file

update the jQuery “wp-include/js/jquery/jquery.js” because he was in 1.12.4, now it is in jQuery 3.2.1

But for bootstrap i read this https://github.com/twbs/bootstrap/issues/20184, and Mdo ( Mark Otto, creator of Bootstrap) says : "All work has moved onto our next major release, v4. As such, this issue or pull request is being closed as a “won’t fix.” " and i need to use v3 of bootstrap, so … Can you help me to fix this ? http://retire.insecurity.today/#!/scan/67d3c190157922fbbfb7700b041d9a1c7c7f655989930d57c388c9f763285946

Can you unlock my website on your blacklist … Thank you

Hi Hota2,

I have alerted an Avast Team Member about your topic, so wait until office hours to-morrow,
and he may come to react here.

Well you cannot break iron with your bare hands, as the Dutch proverb says.
You did the best you could.
With same origin rule there properly handled, you are certainly out of harm’s way.

I just pointed out the jQuery library issues so you could fix what could be fixed.
The rest is up to bootstrap’s development. Out of our hands, really :wink:

I also think it does not matter much where avast giving your site the all green is concerned,
as there’re other issues for them as av that come into the bargain to block a site or not.

I think you are just a good sitting between the bad and ugly, those bad apples that you share that same IP with your domain.
So you could qualify for an IP block exclusion. At least in my option.

I wish other website developers would be that eager to get their websites more secure as you do.

you set an example I hope others will follow.

Well done and we are proud to have been of aasistence.

Let us wait for avast to react.

polonus

Hi Guys,
URL was removed from blacklist.

Have a nice day
Lukáš