cancel
Showing results for 
Search instead for 
Did you mean: 

Re: Red in the add-on bar, but green on the SiteAdvisor page

Thank you again, Hayton. We’re going to start phasing out their ads, I think. We never show too many of them, but if we’re near their $50 payment threshold, we might ask that they pay up and we’ll end our agreement with them. I’m not comfortable with taking the risks.

Re: Red in the add-on bar, but green on the SiteAdvisor page

BTW, Hayton, I have removed (AFAIK) the Creafi links from the pages where McAfee SiteAdvisor was giving us a red X, but it looks like it’s still giving us the red X. Unless I’ve missed some?

I know I still have a few on pages where we have a green tick, so I actually left those alone.

Reliable Contributor Hayton
Reliable Contributor
Report Inappropriate Content
Message 13 of 20

Re: Red in the add-on bar, but green on the SiteAdvisor page

Investigating. Will post later.

Re: Red in the add-on bar, but green on the SiteAdvisor page

Thank you, Hayton.

Reliable Contributor Hayton
Reliable Contributor
Report Inappropriate Content
Message 15 of 20

Re: Red in the add-on bar, but green on the SiteAdvisor page

Well, I've looked at the pages that are showing with Red warnings in a Google for your site - and there are still a few. I can't see anything that is being blocked by SiteAdvisor (like the Creafi ad was) but there's so much third-party content on those pages that trying to find the problem area is not at all easy. I had the /insider page open in three different browsers and each one showed a different selection of content. Some of it was blocked by add-ons but was still visible on the page (a Flash video and another video from some place I hadn't encountered before). Other content was prevented from displaying by the different combination of add-ons in each browser. All in all I counted 8 or 10 third-party suppliers, and some or all of their content was blocked in each browser.

SiteAdvisor, by the way, is showing Green for your site as a whole and finds no problem with any of the links it knows about. It's TrustedSource which is flagging the pages, which is why third-party content is still the most likely cause of the Red flags.

I checked some of the content providers on lucire.com/insider and came up with nothing definite. However, in IE there were a couple of script errors, one of them relating to "b.voicefive.com" :

Message: Script error

Line: 0

Char: 0

Code: 0

URI: http://b.voicefive.com/c2/6035179/rs.js#c1=3&c3=280914&c4=472136&c5=138623&c6=&c10=1&c11=&c14=1&c16=...

While legitimate, that survey provider has had criticism in the past - see the reviews on https://www.siteadvisor.com/sites/b.voicefive.com/msgpage. It too, though, has a Green SiteAdvisor rating overall.

So, basically, I'm at a loss to account for the remaining Red flags. Looking at the criteria for marking a site Red (see http://www.siteadvisor.com/webmasters/index.html), I can't see anything that applies to these pages.

Behaviors that typically lead to red site ratings are

- hosting drive-by exploit code,

- impersonating a legitimate business (phishing),

- making unrequested or unexpected system changes, or

- hosting malware for download at the time of our visit.

Sites can also be rated red when we receive unexpected e-mail to the unique e-mail address we submitted to that site, and the e-mails we receive exhibit characteristics consistent with spam e-mail, such as unusual volume or a high "spamminess" score as determined by an automated scanning program.

Additionally, we may rate a site red for certain types of linking behavior with other red sites, or when we find a site that engages in activities we believe could be misleading.

I suggest you contact SiteAdvisor or TrustedSource for clarification. Perhaps they can tell you where the Red-flag content is. See the Webmasters page for more information.

Re: Red in the add-on bar, but green on the SiteAdvisor page

Thanks, Hayton, I’ll have to contact Trusted Source as you advised.

The pages generally have three ad networks that we deal with (Creafi being one). They might, however, link to other sites.

I also have a couple of other sites that have Creafi ads and they’ve been OK. Hopefully I’ll get to the bottom of this soon. Even our Wordpress admin pages (ones with no ads whatsoever) are showing the red X, which seems really strange.
McAfee flags Wordpress.png

Reliable Contributor Hayton
Reliable Contributor
Report Inappropriate Content
Message 17 of 20

Re: Red in the add-on bar, but green on the SiteAdvisor page

Did you know about the attack on WordPress sites earlier this month? Your site is using WordPress 3.5.1, and that is (I think) the most recent version, but it means the site has almost certainly been probed by the attackers. They're being very determined, although simplistic - only sites with default admin username + password combinations seem to be affected. Yours is probably OK. This is just for information.

Attacks on WordPress sites -

http://www.us-cert.gov/ncas/current-activity/2013/04/15/WordPress-Sites-Targeted -Mass-Brute-force-B...

http://krebsonsecurity.com/2013/04/brute-force-attacks-build-wordpress-botnet/

http://arstechnica.com/security/2013/04/huge-attack-on-wordpress-sites-could-spa wn-never-before-see...

http://siliconangle.com/blog/2013/04/15/how-to-sidestep-the-wordpress-botnet-hac k/

Re: Red in the add-on bar, but green on the SiteAdvisor page

Hi Hayton: yes, I had heard about it. I wonder if that’s the culprit then. We do have a pretty good username–password combination.

I have contacted SiteAdvisor and have received a confirmation that I am in the queue.

Re: Red in the add-on bar, but green on the SiteAdvisor page

Good news, Hayton: the red X turned into the green tick today. It looks like notifying SiteAdvisor did the trick.

Reliable Contributor Hayton
Reliable Contributor
Report Inappropriate Content
Message 20 of 20

Re: Red in the add-on bar, but green on the SiteAdvisor page

Actually I do know what that means. It's classed as a DoS (Denial of Service) Attack, and if it's been done intentionally then the malware has exploited a vulnerability in the browser code - for Chrome, that's pretty unusual.

If this was caused by a buffer overflow then what usually happens next is that malware code is written straight into memory, and executes immediately. Google have the crash report, I don't. I'll need to run a few scans to make sure there's nothing amiss.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community