LightZone is an open-source photo editor. It’s web site has been blocked for me by (free) Avast’s web shield for the last four days. A single LightZone’s forum user reported Google’s browser blocking the site, other users seem to have no problems.
As you can imagine, such small, non-commercial, enthusiast sites have problems with this kind of things, most often having no security experts on-board. Thank you for your time, dzięki. I made a link to this thread on LightZone’s forum, disabling my web shield to do this, but it might take some time for anything to be resolved.
Do you think users of other AVs are in some real danger, still using this site and forum normally? (Of course, some might be unable to access it and report.) About 25 % of users are using Linux, and about 25 % Apple’s operating system.
You could say it is always a risk if anti-malware software and/or other security software/hardware isn’t detecting/blocking sites with infections/security issues.
Just my opinion :
Commercial or non commercial doesn’t matter.
The problem is that everyone who can afford it, can get a domain and basically put everything on their site as they wish without even having the basic knowledge about things.
When I see infections/problems like this I always wonder where the security from the host is. >:(
The host should have detected it and at least should have noticed the domain owner of the problem(s) in my opinion.
Few years ago I used a little JavaScript in one of my webpages.
Within 24 hours I received a (automated) email that something malicious was detected.
It was a false positive, but nevertheless they alerted me.
Not even 24 hours later they had solved it.
When people (often victims) come to report a site is being flagged by Avast (AOS, webshield etc.) it means the site has actually already been infested with malware. Before that a site may have long been open to abuse, either vulnerable or open to exploits etc. Often those that have put the site up, do not know what and where to look for weaknesses in the site’s code, the configuration, DNS errors, etc. etc.
We scan in a specific sequence with scanners for such insecurities and the presence of retirable code (libraries), outdated software (server, CMS, PHP), outdated plug-ins, vulnerable jQuery, cloaking, status codes, spammy looking links, defacement, iFrames, blacklist checks, and quite some other issues to report, so one could better protect or ask some expert to do this.
Eddy is right where he says that a lot of hosting parties do not do much in the way of pro-active protection of a website or a blog’s security, they just cash in and leave it at that. Also software vendors (in order to keep their downloading customers satisfied) let you download the whole “kaboodle” and leave what to install and more important what to not install up to you. Just like Eddy I think this is a very unsatisfactory general situation. Whenever we can give volunteer support and spread our relevant knowledge of issues, give feedback (also to Avast’s) and educate to improve that situation, we feel grateful when we see results from our mission to make the Interwebs and websites more secure,
polonus (volunteer website security analyst and website error-hunter)
Thanks, Pondus, for the cross checking on the found malware, with Avast’s detection confirmed, we sure know now there is malcode out there to be cleansed, taken down or whatever to dismantle it. I hope webmasters and hosters alike take some education to make their environment a little bit more secure. Here we are just preaching for the choir. When they have people on the workfloor that are incompetent in these fields or underpaid, we are stuck with the situation at hand for a long, long time to come. That is the balance greed on the one hand versus little initiative or willingness to spend any money on pro-active security. “Penny on the pound scrooges” you cannot have it all for almost nothing…
The site maintenance was announced and started approximately at the same time as I started this thread. I don’t know the details, but Drupal and JQuery were updated and Avast doesn’t block the site any more. This issue seems to be solved:
Work is not over yet, anti-spam defence has to be upgraded etc., I will try to check the site again in a week or so, when everything is done . Thank you all for your kind help, have nice holidays!