Thank you again, Hayton. We’re going to start phasing out their ads, I think. We never show too many of them, but if we’re near their $50 payment threshold, we might ask that they pay up and we’ll end our agreement with them. I’m not comfortable with taking the risks.
BTW, Hayton, I have removed (AFAIK) the Creafi links from the pages where McAfee SiteAdvisor was giving us a red X, but it looks like it’s still giving us the red X. Unless I’ve missed some?
I know I still have a few on pages where we have a green tick, so I actually left those alone.
Well, I've looked at the pages that are showing with Red warnings in a Google for your site - and there are still a few. I can't see anything that is being blocked by SiteAdvisor (like the Creafi ad was) but there's so much third-party content on those pages that trying to find the problem area is not at all easy. I had the /insider page open in three different browsers and each one showed a different selection of content. Some of it was blocked by add-ons but was still visible on the page (a Flash video and another video from some place I hadn't encountered before). Other content was prevented from displaying by the different combination of add-ons in each browser. All in all I counted 8 or 10 third-party suppliers, and some or all of their content was blocked in each browser.
SiteAdvisor, by the way, is showing Green for your site as a whole and finds no problem with any of the links it knows about. It's TrustedSource which is flagging the pages, which is why third-party content is still the most likely cause of the Red flags.
I checked some of the content providers on lucire.com/insider and came up with nothing definite. However, in IE there were a couple of script errors, one of them relating to "b.voicefive.com" :
Message: Script error
While legitimate, that survey provider has had criticism in the past - see the reviews on https://www.siteadvisor.com/sites/b.voicefive.com/msgpage. It too, though, has a Green SiteAdvisor rating overall.
So, basically, I'm at a loss to account for the remaining Red flags. Looking at the criteria for marking a site Red (see http://www.siteadvisor.com/webmasters/index.html), I can't see anything that applies to these pages.
Behaviors that typically lead to red site ratings are
- hosting drive-by exploit code,
- impersonating a legitimate business (phishing),
- making unrequested or unexpected system changes, or
- hosting malware for download at the time of our visit.
Sites can also be rated red when we receive unexpected e-mail to the unique e-mail address we submitted to that site, and the e-mails we receive exhibit characteristics consistent with spam e-mail, such as unusual volume or a high "spamminess" score as determined by an automated scanning program.
Additionally, we may rate a site red for certain types of linking behavior with other red sites, or when we find a site that engages in activities we believe could be misleading.
I suggest you contact SiteAdvisor or TrustedSource for clarification. Perhaps they can tell you where the Red-flag content is. See the Webmasters page for more information.
Thanks, Hayton, I’ll have to contact Trusted Source as you advised.
The pages generally have three ad networks that we deal with (Creafi being one). They might, however, link to other sites.
I also have a couple of other sites that have Creafi ads and they’ve been OK. Hopefully I’ll get to the bottom of this soon. Even our Wordpress admin pages (ones with no ads whatsoever) are showing the red X, which seems really strange.
Did you know about the attack on WordPress sites earlier this month? Your site is using WordPress 3.5.1, and that is (I think) the most recent version, but it means the site has almost certainly been probed by the attackers. They're being very determined, although simplistic - only sites with default admin username + password combinations seem to be affected. Yours is probably OK. This is just for information.
Attacks on WordPress sites -
Hi Hayton: yes, I had heard about it. I wonder if that’s the culprit then. We do have a pretty good username–password combination.
I have contacted SiteAdvisor and have received a confirmation that I am in the queue.
Actually I do know what that means. It's classed as a DoS (Denial of Service) Attack, and if it's been done intentionally then the malware has exploited a vulnerability in the browser code - for Chrome, that's pretty unusual.
If this was caused by a buffer overflow then what usually happens next is that malware code is written straight into memory, and executes immediately. Google have the crash report, I don't. I'll need to run a few scans to make sure there's nothing amiss.