The system is probably set up that way on purpose to discourage automated bots from pounding on the site constantly, and ensure that the browser visiting the site is actually a human.
— Sent from my iPad > On Jan 6, 2023, at 14:55, Paul Kosinski via clamav-users > <clamav-users@lists.clamav.net> wrote: > > I occasionally see a similar message from sites other than clamav.net saying > something equivalent to Cloudflare's "review the security of your connection". > > The phrasing is pure gaslighting. It isn't for *connection* security -- HTTPS > provides *that*. What it really means is that the site is trying to search > your computer by running some Javascript (which I block by default via > NoScript, thus causing the message). They assume, probably correctly, that > most visitors will think it's for *their* benefit After all, security is > good, isn't it? > > Why can't Cloudflare et al be honest and say that they're trying to avoid > Denial of Service attacks and other bandwidth overload? > > > >> On Thu, 5 Jan 2023 10:18:38 -0500 >> Kris Deugau <kdeu...@vianet.ca> wrote: >> >> I went to load a semi-bookmarked page for signature writing >> (https://docs.clamav.net/manual/Signatures.html), but it failed and kept >> reloading Cloudflare's "security check" voodoo. >> >> (Side question to pass up the chain at Cisco/Talos - is there a knob >> that can be twisted somewhere to force that check to run exactly once, >> then stop? I can't imagine any scenario where running it over and over >> and over has any benefit to anyone. [And for bonus points, display an >> error message that gives some sliver of a hint what >> beyond-the-bleeding-edge headacheware the site or its security provider >> insist on relying on this week.]) >> >> I then tried to load the main site, https://www.clamav.net, which also >> went into the same loop. >> >> I usually use Seamonkey (all-in-one Mozilla suite). I tried Konqueror >> which seemed to load things up fine. >> >> Since starting to write this and putting it aside, I've come across a >> small handful of other sites with the same issue, including one case >> where the base site triggered the issue but a directory under the base >> site did not. Since I'm *not* seeing it across a large number of sites, >> it's pretty clearly some specific security option in Cloudflare causing >> the failure. >> >> -kgd > _______________________________________________ > > Manage your clamav-users mailing list subscription / unsubscribe: > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/Cisco-Talos/clamav-documentation > > https://docs.clamav.net/#mailing-lists-and-chat _______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat