This is the website of a longstanding local not-for-profit social services agency. I am sure it is harmless.
Is this another case of Avast! blocking a website because it contains an element that sometimes, maybe, could be misused for bad purposes but ordinarily is not? If so, this is getting rather tiresome.
Is there some fine-tuning I can do on the Web Shield so that it only blocks stuff that is actually malware and not just potentially malware?
I don’t really know how to interpret the SSLLabs information. But in my opinion the fact that someone doesn’t want to pay somebody else for a “security certificate” does not say anything at all about the security of that person’s website or server.
URLQuery seems to indicate this is a false positive.
The blacklist site mostly greenlights the IP address; as is typical, it’s on a few blacklists, because blacklisting is not a precise science.
So thanks for the information about this site.
I know that many people consider IFrame dubious, but only in its potential for misuse, not because it is inherently destructive. So my concern remains: Avast should not block potential malware, only actual malware. Is there a way to configure the Web Shield to do this?
URlQuery shows that there is a malicious site (with high risk) on the same ASN.
About the blacklists, I agree. But it is always a good idea to investigate if there is a problem if it is blacklisted.
You are wrong with saying that avast should not block potential malware.
Why taking the risk of infection?
It is better to block potential malware then just let a application install/run and get a infected system.
As far as I can tell, the website doesn’t contain malware.
Please report it through the contact form http://www.avast.com/contact-form.php and ask avast to allow the website.
They will check things and if the site really is clean, they will remove the block a.s.a.p.
Mention in you request the link to this thread.
However, I do not understand why SSL would be at all relevant to a non-“secure” website.
This is the Web Shield; it is blocking a web site. This is not an https site; it’s ordinary http. Whether or not there is an email server or some other server using that domain name that might have SSL implications, that should not affect whether Avast’s web shield blocks the web site.
Also, I don’t see anything on the URLQuery site that I can interpret as a malicious site. It says there have been “reports” on other sites on the same ASN; those “reports”, for all I can see, could be just as bogus as the “report” on the website I’m concerned about.
Nor do I see any sense in blocking one website because another site hosted on the same server has malware. I’m not going to that other site, I’m going to this one. The host seems to be GoDaddy; they have probably millions of websites. Surely it cannot be a sane policy to minimize risk by blocking sites merely because they are on the same server as dangerous sites.
I will report it to Avast, but it’s the second website false positive I’ve had to report in recent weeks, and I’m sure that now that I am paying more attention to the SOA shield logs there will be many more of these.
I’m paying Avast to manage these risks, and in my opinion sound risk management involves realistic assessment of danger and calibrated responses to different probabilities of risk.