HI all
I am working on a new site for a customer and put together a quick and dirty site temporarily (ironically the customer loves it, i don’t)
He has been contacted by a customer who says Norton antivirus is flagging the site as unsafe.
Is there any Norton users out there who could do a quick check for me to help identify the issue
Brian
Good luck getting it removed from the Norton database, took me 7 months of begging them to recheck and update their stupid system
Joy and happiness. I have had a few issues with antivirus systems and false positives since using Wappler. I do wonder if there is some issue with one of the JS components which cause these false positives. bitdefender has been the biggest offender
I only ever had it with one site, and that was a wordpress site, and in fairness norton was correct, the site had been hacked and redirected users all over the place, funnily enough just today I had another old wordpress site get hacked the same way, although Norton has not picked up that one yet.
I actually do not know how other people handle stuff like this, i mean in the last decade I could have 300 websites that I have had something to do with, that I do not touch ever again, as with WordPress sites the client uses the CMS to keep it up to date. Everytime WordPress comes out with an update I am not going to go and update 300 WordPress installations and all their plugins, so every now and again I am going to get a hacked one.
Even my Wappler sites, when a Wappler or DMXZone update comes out I never go open all my old sites and republish to give them the updates, does anyone else do this.
We don’t allow automatic updating of any files. We do everything manually after making backups of everything that worked before. It’s a safe guard, not Wappler specific (the reasons for this), although we have never liked the fact that there is no notification that files are being updated (a dialogue to allow or deny automatic uploading of files would be nice).
We had a few instances of Wordpress attacks in the past (we no longer provide Wordpress based services). Several times Google flagged the sites as compromised, and rightly so, but it was a nightmare to get them off these lists. We found that Wordfence was really good at protecting these installs, so we went back and installed this plugin to all the Wordpress installs (thankfully never had any further issues). Never had any DMX/Wappler file issues with any AV vendors or site scanning plugins though! We did have one or two issues whereby Modsecurity flagged some DB connection files but that was down to our hosting set-up which was incredibly strict. Easily rectified and has never been an issue since…
Thankfully my servers update wordpress core automatically although plugins need to be updated manually
This was my main reason for using Espresso for most of my web development and only using DreamWeaver with DMXZone extensions for new sites and manually updating the files i wanted to.
Many of my sites are build, hand over and forget, and many are not on my own servers and all I have is FTP access, so the auto updates were always a little nerve wracking.
I mean it may have been fine going a version at a time, but in my scenario, I often have a site, build, hand over to client, 2 years later they ask me to update their rates, opening that site back in dreamweaver when the application and all plugins have been updated 10 times in 2 years, is just not something I wanted to deal with when you are only charging the client 30 minutes of labour for 5 price updates.
I assume neither of you guys use norton?
Never, terrible product!
Sorry Brian, not me, im a windows defender guy only, since I broke wappler with eset, anything that breaks wappler goes in the bin now.
Really hate the idea of even £10 just to check this, they no longer do a 30 day trial!
Looks like there’s a free trial here Brian - https://www.nortonsecurityonline.com/ns-uk/free-trial-uk.html
I always advise clients to steer away from Norton, not much help I’m afraid. Only third-party antivirus I’ve recommended for Windows is ESET or windows defender.
Yes,defender every time for me.
I have Norton on a personal machine – loaded your site and ran most of the pages. I sort of lost site of the pages but there is an Installation page with not a lot of data on it. The link to this page caused Norton or Chrome to produce a page that suggested the site might be a scam since the page was showing as http and not https. I was having other issues and grandkids running around so could not pull as much info as I wanted, but the page was one of those, this is not a “safe marked site” but you can still click through. Sorry I did not get more information Brian but hopefully this will help.
Jim
Thanks for that JIm. This is going to drive me crazy. I even installed Norton onto an old laptop and still can’t reproduce it.
I can’t find any http:// links anywhere, no warnings about any insecure links are shown in the browser and there are no links on the installation page at all and as you say little text on it as I am waiting for it from the customer but it gives me something to work on. If you could pin this down a bit more precisely when you have 5 then I would be most appreciative