The system is probably set up that way on purpose to discourage automated bots 
from pounding on the site constantly, and ensure that the browser visiting the 
site is actually a human.

— 
Sent from my  iPad

> On Jan 6, 2023, at 14:55, Paul Kosinski via clamav-users 
> <clamav-users@lists.clamav.net> wrote:
> 
> I occasionally see a similar message from sites other than clamav.net saying 
> something equivalent to Cloudflare's "review the security of your connection".
> 
> The phrasing is pure gaslighting. It isn't for *connection* security -- HTTPS 
> provides *that*. What it really means is that the site is trying to search 
> your computer by running some Javascript (which I block by default via 
> NoScript, thus causing the message). They assume, probably correctly, that 
> most visitors will think it's for *their* benefit  After all, security is 
> good, isn't it? 
> 
> Why can't Cloudflare et al be honest and say that they're trying to avoid 
> Denial of Service attacks and other bandwidth overload?
> 
> 
> 
>> On Thu, 5 Jan 2023 10:18:38 -0500
>> Kris Deugau <kdeu...@vianet.ca> wrote:
>> 
>> I went to load a semi-bookmarked page for signature writing 
>> (https://docs.clamav.net/manual/Signatures.html), but it failed and kept 
>> reloading Cloudflare's "security check" voodoo.
>> 
>> (Side question to pass up the chain at Cisco/Talos - is there a knob 
>> that can be twisted somewhere to force that check to run exactly once, 
>> then stop?  I can't imagine any scenario where running it over and over 
>> and over has any benefit to anyone.  [And for bonus points, display an 
>> error message that gives some sliver of a hint what 
>> beyond-the-bleeding-edge headacheware the site or its security provider 
>> insist on relying on this week.])
>> 
>> I then tried to load the main site, https://www.clamav.net, which also 
>> went into the same loop.
>> 
>> I usually use Seamonkey (all-in-one Mozilla suite).  I tried Konqueror 
>> which seemed to load things up fine.
>> 
>> Since starting to write this and putting it aside, I've come across a 
>> small handful of other sites with the same issue, including one case 
>> where the base site triggered the issue but a directory under the base 
>> site did not.  Since I'm *not* seeing it across a large number of sites, 
>> it's pretty clearly some specific security option in Cloudflare causing 
>> the failure.
>> 
>> -kgd
> _______________________________________________
> 
> Manage your clamav-users mailing list subscription / unsubscribe:
> https://lists.clamav.net/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/Cisco-Talos/clamav-documentation
> 
> https://docs.clamav.net/#mailing-lists-and-chat
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

Reply via email to