It has minimal text, minimal scripts, minimal style applied, minimal code in the backend. It’s a launch page for an upcoming product.
Here’s why the problem would come up:
The name of the person that bought the domain (my partner) is hidden - i have another website that does this and it works fine
The date the site came online is 31st December (a week ago) - this shouldn’t be a problem either
The IP seems to be russian - although it’s registered with DigitalOcean and I’ve explicitly chosen London as the server location
The site doesn’t have https
The site doesn’t have www. address.
The website is not in english and english is suggested to be an alternative.
the website only has a big image and minimal text.
favicon.ico is a 302 redirect to /static/favicon.ico
All these reasons shouldn’t be a problem, but maybe malware detectors get upset about this.
I have to mention my dad runs nod32 and he couldn’t get on it either. 2 of my friends told me that they run avast and they get mal:URL or url:mal. I got the same problem last night, when I’ve installed the free version of avast.
What I tried to do:
Wait to be indexed by google (it’s now in the first 2 pages)
Use google webmaster tools.
I searched throughout and I got the idea that I shouldn’t show the Apache version, and so I’ve hidden it.
I’ve also installed a firewall ufw and only enabled port 22 and 80. ( a website was complaining about this).
I’ve tried many ways to see what is the problem with this.
500 people+ managed to enter the website successfully, it works fine as long as avast is not running. What could the problem be?
PS: I’ve installed Avast on a fresh machine. Immediately after I’ve installed Avast, I’ve accessed the site and it was working. I’ve then rebooted the machine and tried to access it, and got mal:url blocked google.exe. After that, no more messages came up. Nothing, all chrome was saying was “can’t load this page”. I’ve searched through the menus on how to remove the website from the list of blocked websites, and I couldn’t find such a thing.
VirusTotal’s passive DNS only stores address records. The following domains resolved to the given IP address.
2017-01-01 minedive.com
2016-01-13 cafonllne.org
2015-10-27 forum.mylif1estreet.accountant
2015-10-22 forum1.bestcarworld11.top
2015-10-14 forum.treeworbest22kcare.xyz
2015-10-12 forum.mybesttreewor22kcare.xyz
The last website that might’ve had malware on it was on 13th of January 2016 (a year ago).
Is there anyway you could whitelist the IP? There is no malware or anything similar on the website.
The last website that might've had malware on it was on 13th of January 2016 (a year ago).
Eh no.
The last detection in my scans show 20170105 as latest detection(s).
Is there anyway you could whitelist the IP? There is no malware or anything similar on the website.
No, I can't "whitelist" the domain and/or IP as I am not working for avast.
Besides that, avast will not whitelist a IP unless there are zero domains on it that host/spread malware/are malicious.
You can ask avast to remove your domain from their blacklist. https://www.avast.com/report-a-url.php
But is is up to avast if they will do so or not.
It can be they have detected things the few scans I have run do not show.
As I said before, the problem is likely the shared hosting that you are using but only someone from avast can tell for sure.
A real easy way to avoid it is using dedicated hosting or using a host(er) that cares about security and is very active in removing malicious domains.
Hopefully an Avast Team Member can exclude your website from blocking.
Wait for a final verdict from one of them.
We are just volunteers with relevant knowledge,
only Avast Team Members can come and unblock.