Attack Site False Positives - Mozilla

This is a discussion on Attack Site False Positives - Mozilla ; My website, heartsonglabradoodles.com, was compromised via a .htaccess hijack. The site has been fixed, a review was requested, and the google search results no longer list the site as potentially harmful and you can click through to the site. Firefox ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Attack Site False Positives

  1. Attack Site False Positives

    My website, heartsonglabradoodles.com, was compromised via a .htaccess
    hijack. The site has been fixed, a review was requested, and the
    google search results no longer list the site as potentially harmful
    and you
    can click through to the site. Firefox users are able to navigate to
    the site, however they get an attack site warning when they browse
    certain pages. Other pages display without error. Ideas anyone?

  2. Re: Attack Site False Positives

    On Nov 24, 9:43*am, David Pyles wrote:
    > On 11/24/2008 9:21 AM, john_heartsong wrote:> My website, heartsonglabradoodles.com, was compromised via a .htaccess
    > > hijack. *The site has been fixed, a review was requested, and the
    > > google search results no longer list the site as potentially harmful
    > > and you
    > > can click through to the site. *Firefox users are able to navigate to
    > > the site, however they get an attack site warning when they browse
    > > certain pages. *Other pages display without error. *Ideas anyone?

    >
    > When you click on the "Why was this site blocked" button on the attack
    > site warning the following information is displayed:
    >
    > What happened when Google visited this site?
    >
    > * * *Of the 60 pages we tested on the site over the past 90 days, 3
    > page(s) resulted in malicious software being downloaded and installed
    > without user consent. The last time Google visited this site was on
    > 2008-11-23, and the last time suspicious content was found on this site
    > was on 2008-11-21.
    >
    > * * *Malicious software includes 3 adware(s). Successful infection
    > resulted in an average of 0 new processes on the target machine.
    >
    > * * *Malicious software is hosted on 2 domain(s), including
    > antivirusdefense.com, 89.28.13.0.
    >
    > * * *2 domain(s) appear to be functioning as intermediaries for
    > distributing malware to visitors of this site, including
    > clicksoverview.com, 89.28.13.0.
    >
    > Most likely the Googlebots will have to index your site again before the
    > warning goes away. *Instructions for requesting Google to trview your
    > site are here:http://www.google.com/support/webmas...hl=en&answer=4...
    >
    > Dave Pyles
    >
    > Dave Pyles


    Do you know how Firefox determines if the site is an attack site? Via
    a Google API? I find that while a Google search no longer flags the
    site as malicious, Webmaster Tools still lists the site as potentially
    harmful. The review must have completed because the search results
    are not clear, but there is an apparent delay between other parts of
    the system or other partners being updated on the results.


  3. Re: Attack Site False Positives

    On Nov 24, 11:38*am, john_heartsong
    wrote:
    > On Nov 24, 9:43*am, David Pyles wrote:
    >
    >
    >
    > > On 11/24/2008 9:21 AM, john_heartsong wrote:> My website, heartsonglabradoodles.com, was compromised via a .htaccess
    > > > hijack. *The site has been fixed, a review was requested, and the
    > > > google search results no longer list the site as potentially harmful
    > > > and you
    > > > can click through to the site. *Firefox users are able to navigate to
    > > > the site, however they get an attack site warning when they browse
    > > > certain pages. *Other pages display without error. *Ideas anyone?

    >
    > > When you click on the "Why was this site blocked" button on the attack
    > > site warning the following information is displayed:

    >
    > > What happened when Google visited this site?

    >
    > > * * *Of the 60 pages we tested on the site over the past 90 days,3
    > > page(s) resulted in malicious software being downloaded and installed
    > > without user consent. The last time Google visited this site was on
    > > 2008-11-23, and the last time suspicious content was found on this site
    > > was on 2008-11-21.

    >
    > > * * *Malicious software includes 3 adware(s). Successful infection
    > > resulted in an average of 0 new processes on the target machine.

    >
    > > * * *Malicious software is hosted on 2 domain(s), including
    > > antivirusdefense.com, 89.28.13.0.

    >
    > > * * *2 domain(s) appear to be functioning as intermediaries for
    > > distributing malware to visitors of this site, including
    > > clicksoverview.com, 89.28.13.0.

    >
    > > Most likely the Googlebots will have to index your site again before the
    > > warning goes away. *Instructions for requesting Google to trview your
    > > site are here:http://www.google.com/support/webmas...hl=en&answer=4...

    >
    > > Dave Pyles

    >
    > > Dave Pyles

    >
    > Do you know how Firefox determines if the site is an attack site? *Via
    > a Google API? *I find that while a Google search no longer flags the
    > site as malicious, Webmaster Tools still lists the site as potentially
    > harmful. *The review must have completed because the search results
    > are not clear, but there is an apparent delay between other parts of
    > the system or other partners being updated on the results.


    that should be "... search results ARE clear"

+ Reply to Thread