Re: [clamav-users] Anyone else having trouble reaching the ClamAV website?
The system is probably set up that way on purpose to discourage automated bots from pounding on the site constantly, and ensure that the browser visiting the site is actually a human. — Sent from my iPad > On Jan 6, 2023, at 14:55, Paul Kosinski via clamav-users > wrote: > > I occasionally see a similar message from sites other than clamav.net saying > something equivalent to Cloudflare's "review the security of your connection". > > The phrasing is pure gaslighting. It isn't for *connection* security -- HTTPS > provides *that*. What it really means is that the site is trying to search > your computer by running some Javascript (which I block by default via > NoScript, thus causing the message). They assume, probably correctly, that > most visitors will think it's for *their* benefit After all, security is > good, isn't it? > > Why can't Cloudflare et al be honest and say that they're trying to avoid > Denial of Service attacks and other bandwidth overload? > > > >> On Thu, 5 Jan 2023 10:18:38 -0500 >> Kris Deugau wrote: >> >> I went to load a semi-bookmarked page for signature writing >> (https://docs.clamav.net/manual/Signatures.html), but it failed and kept >> reloading Cloudflare's "security check" voodoo. >> >> (Side question to pass up the chain at Cisco/Talos - is there a knob >> that can be twisted somewhere to force that check to run exactly once, >> then stop? I can't imagine any scenario where running it over and over >> and over has any benefit to anyone. [And for bonus points, display an >> error message that gives some sliver of a hint what >> beyond-the-bleeding-edge headacheware the site or its security provider >> insist on relying on this week.]) >> >> I then tried to load the main site, https://www.clamav.net, which also >> went into the same loop. >> >> I usually use Seamonkey (all-in-one Mozilla suite). I tried Konqueror >> which seemed to load things up fine. >> >> Since starting to write this and putting it aside, I've come across a >> small handful of other sites with the same issue, including one case >> where the base site triggered the issue but a directory under the base >> site did not. Since I'm *not* seeing it across a large number of sites, >> it's pretty clearly some specific security option in Cloudflare causing >> the failure. >> >> -kgd > ___ > > Manage your clamav-users mailing list subscription / unsubscribe: > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/Cisco-Talos/clamav-documentation > > https://docs.clamav.net/#mailing-lists-and-chat ___ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
Re: [clamav-users] Anyone else having trouble reaching the ClamAV website?
I occasionally see a similar message from sites other than clamav.net saying something equivalent to Cloudflare's "review the security of your connection". The phrasing is pure gaslighting. It isn't for *connection* security -- HTTPS provides *that*. What it really means is that the site is trying to search your computer by running some Javascript (which I block by default via NoScript, thus causing the message). They assume, probably correctly, that most visitors will think it's for *their* benefit After all, security is good, isn't it? Why can't Cloudflare et al be honest and say that they're trying to avoid Denial of Service attacks and other bandwidth overload? On Thu, 5 Jan 2023 10:18:38 -0500 Kris Deugau wrote: > I went to load a semi-bookmarked page for signature writing > (https://docs.clamav.net/manual/Signatures.html), but it failed and kept > reloading Cloudflare's "security check" voodoo. > > (Side question to pass up the chain at Cisco/Talos - is there a knob > that can be twisted somewhere to force that check to run exactly once, > then stop? I can't imagine any scenario where running it over and over > and over has any benefit to anyone. [And for bonus points, display an > error message that gives some sliver of a hint what > beyond-the-bleeding-edge headacheware the site or its security provider > insist on relying on this week.]) > > I then tried to load the main site, https://www.clamav.net, which also > went into the same loop. > > I usually use Seamonkey (all-in-one Mozilla suite). I tried Konqueror > which seemed to load things up fine. > > Since starting to write this and putting it aside, I've come across a > small handful of other sites with the same issue, including one case > where the base site triggered the issue but a directory under the base > site did not. Since I'm *not* seeing it across a large number of sites, > it's pretty clearly some specific security option in Cloudflare causing > the failure. > > -kgd ___ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
Re: [clamav-users] Anyone else having trouble reaching the ClamAV website?
clamav.mbou...@spamgourmet.com wrote: Kris Deugau wrote: I went to load a semi-bookmarked page for signature writing (https://docs.clamav.net/manual/Signatures.html), but it failed and kept reloading Cloudflare's "security check" voodoo. ClamAV's site works for me, using SeaMonkey 2.53.14 - I'd been looking at those pages before sending my earlier reply. It seems to be affected by Edit > Preferences > Advanced > HTTP Networking. I usually have that set to just identify as SeaMonkey. With it set to identify as SeaMonkey and advertise Firefox compatibility, I see the looping effect you describe (at least when I enable Javascript, which is usually blocked by NoScript). Thanks! I don't even recall that setting, might be worth my time to trawl through everything and see what's new. *rolls eyes at browser-sniffing* Now to see what *other* sites break after changing that setting... And maybe install a browser identifier plugin set to $firefox-recent. *sigh* -kgd ___ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
Re: [clamav-users] Anyone else having trouble reaching the ClamAV website?
Kris Deugau wrote: I went to load a semi-bookmarked page for signature writing (https://docs.clamav.net/manual/Signatures.html), but it failed and kept reloading Cloudflare's "security check" voodoo. (Side question to pass up the chain at Cisco/Talos - is there a knob that can be twisted somewhere to force that check to run exactly once, then stop? I can't imagine any scenario where running it over and over and over has any benefit to anyone. [And for bonus points, display an error message that gives some sliver of a hint what beyond-the-bleeding-edge headacheware the site or its security provider insist on relying on this week.]) I then tried to load the main site, https://www.clamav.net, which also went into the same loop. I usually use Seamonkey (all-in-one Mozilla suite). I tried Konqueror which seemed to load things up fine. Since starting to write this and putting it aside, I've come across a small handful of other sites with the same issue, including one case where the base site triggered the issue but a directory under the base site did not. Since I'm *not* seeing it across a large number of sites, it's pretty clearly some specific security option in Cloudflare causing the failure. -kgd ClamAV's site works for me, using SeaMonkey 2.53.14 - I'd been looking at those pages before sending my earlier reply. It seems to be affected by Edit > Preferences > Advanced > HTTP Networking. I usually have that set to just identify as SeaMonkey. With it set to identify as SeaMonkey and advertise Firefox compatibility, I see the looping effect you describe (at least when I enable Javascript, which is usually blocked by NoScript). I've also had sites protected by another system (Akamai, I think) block access if Javascript is disabled. With those, just enabling Javascript and reloading doesn't work, as they seem to set some sort of cookie remembering that you're blocked - so have to also delete the cookie before reloading. -- Mark. ___ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
Re: [clamav-users] Anyone else having trouble reaching the ClamAV website?
On 05.01.23 10:18, Kris Deugau wrote: I went to load a semi-bookmarked page for signature writing (https://docs.clamav.net/manual/Signatures.html), but it failed and kept reloading Cloudflare's "security check" voodoo. I often get this results with seamonkey browser. firefox is usually OK. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Spam = (S)tupid (P)eople's (A)dvertising (M)ethod ___ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
[clamav-users] Anyone else having trouble reaching the ClamAV website?
I went to load a semi-bookmarked page for signature writing (https://docs.clamav.net/manual/Signatures.html), but it failed and kept reloading Cloudflare's "security check" voodoo. (Side question to pass up the chain at Cisco/Talos - is there a knob that can be twisted somewhere to force that check to run exactly once, then stop? I can't imagine any scenario where running it over and over and over has any benefit to anyone. [And for bonus points, display an error message that gives some sliver of a hint what beyond-the-bleeding-edge headacheware the site or its security provider insist on relying on this week.]) I then tried to load the main site, https://www.clamav.net, which also went into the same loop. I usually use Seamonkey (all-in-one Mozilla suite). I tried Konqueror which seemed to load things up fine. Since starting to write this and putting it aside, I've come across a small handful of other sites with the same issue, including one case where the base site triggered the issue but a directory under the base site did not. Since I'm *not* seeing it across a large number of sites, it's pretty clearly some specific security option in Cloudflare causing the failure. -kgd ___ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat