McAfee Warning For Some Of Our Sites
 

As I was checking links today, I found something very upsetting. I was getting a McAfee warning when hitting a few sites.....

LOR
http://cleos-porn-links.com/
http://www.erotictona​ughty.com

I have not changed settings for McAfee, and I've been hitting other porn sites today fine with no problems.

Cleo & Robert, I will private you the link for the site report.

The Green one is already on it.

Yes I am :) Here's what I've done so far:

Nymph gave me this link from the McAfee warning page:
http://www.mcafee.com/threat-intelli...nk-o-rama.com/

On the right of that page, there's a Next Steps tab, where I selected Dispute a URL or Classification.

On there, I selected McAfee Site Advisor / Web Advisor & put http://www.link-o-rama.com/ in the URL box.

It came up saying my Categorization was:
- Malicious Sites
- Pornography

Now, I don't care about the porn thing if people want to be warned they are going to a porn site, but the Malicious Sites thing pisses me off, being the kind & caring webmaster that I am :)

It then says:
So I emailed them:
That was about an hour ago, so if/when they do reply, I'll let everyone know |shake|

Same threat on my site
http://www.mcafee.com/threat-intelli...orn-links.com/

OMG, I'm a porn site.

I'm guessing mcafee's default setting is to warn about porn.

First thank Nymph for the heads up!

Mine has Web Category: Malicious Downloads

I have not changed anything on that page, template driven page, in 6 months.

My next thought was, we are all using colo-cation servers (I believe) now owned by mojo and wonder if that has something to do with it.

Then again I'm a newb so what do I know |couch|

http://www.megapornlinks. ... Categorized URL - Pornography
Minimal Risk

Nothing to do but send the dispute emails - it usually takes them a few weeks to clear it.

Trouble is that there isnt necessarily anything wrong at all, if a certain number of complaint emails are reached they categorize it automatically ...thus a small malicious campaign by someone with a grudge can trigger it (...so can actual malware of course, but if youve scanned and is busy pulling hairs out as there is none, that might be the reason)

I wondered about that as well.

I will say that under erotictonaughty there are pages listed as minimal because of porn but others listed as high risk with malicious downloads as reason. What I can see the differences between those pages are that the high risk pages have potd images from sponsors.

Then again others listed here just have lists and they are flagged high risk with malicious sites as reason and have no potd's |huh

Unfortunately I am away from work computers for a period of time so it will just have to sit there for now and so be it.

You're welcome Robert :)

Like I said, it's not doing it for all porn sites. I don't know what their problem is.

If I happen to hit any other ones, that I know are from the board, I'll give them a heads up too.

i checked a few sites, and all are either 'porn and minimal risk', or 'porn and not verified'.

is it possible a listed site that has a bad reputation can affect the site listing it?

I didn't think about that, I sure hope not!

Most of my sites are listed as High Risk as well. It appears that most porn sites, especially those linking to other sites like a TGP or link list, are flagged.

I suspect that surfers will quickly figure out that it's flagging porn sites that aren't malicious and will ignore the warnings, disable them, or change AV software.

Checking my traffic stats, I'm not seeing any significant sudden drops in traffic within the last few months that would correspond with a change made by McAfee.

These are great sites to check yours:

https://sitecheck.sucuri.net/
http://www.tcpiputils.com/
https://myip.ms/

We use them and some others along with our host and CDN provider to track and blacklist/block the bad guys.

I notified a couple of you guys about possible injections on your sites.
There is always the chance for false positives too right?

We started running some tests on our server a couple weeks back.

Found some injections.
Have cleaned them up. Have been updating and securing around the clock.

Check out mal detect and clamav server-scanner software. Host should have it or something similar depending on your server config.

If anyone uses wp, I recommend the sucuri plug in as well as wordfence. Both can log and check whose trying to brute force your admins. Plus it can stop them in as little as 1 try. We use 2 or 3 attempts before banning.

Inn our case they were looking for dormant/semi dormant sites and tried to squeeze their BS in those first. Unfortunately it worked.

Best of luck!

According to sucuri your site has been hacked via iframes.

My network all links to other link lists (though fewer now than before). My network is all listed at minimal risk - pornography. Maybe I just need to try harder? Even my oldest, most neglected domain was clean. Sigh.

But that is not the case at all. They're using some suspect methods if this many non-malicious sites are being flagged.

Well, I would not be using McAfee at all. Far better services out there. Use semrush or something. Maybe it is someone you link to or linking to you causing the issue. Bad neighborhood thing.

Same here and sales are right where they have been for the last 6 months so I'm not that worried about it anymore.