HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Accessing Vanillaforums.org shows Chrome Malware Door

phreakphreak Vanilla*APP (White Label) & Vanilla*Skins Shop MVP

Hi all,

Especially @Tim, @Todd and @Lincoln. Very often when i try to access Vanillaforums Chrome shows me a red site warning not letting me access the website. It lays out that there is a misconfiguration on the server or a hacker is trying to trick me into something. You should definitly check this warning out.

By the way. The mobile version of the Vanillaforums.org startpage hides the main menu on top halfway.

Both problems are here since months.

  • VanillaAPP | iOS & Android App for Vanilla - White label app for Vanilla Forums OS
  • VanillaSkins | Plugins, Themes, Graphics and Custom Development for Vanilla

Comments

  • vrijvlindervrijvlinder Papillon-Sauvage MVP

    That is odd because you would need to be using something like a WOT app browser extension that you rate websites with and have settings to warn you etc etc. Usually they are wrong. And only based on your settings.

    What you have there is a false positive, have you any extension on chrome that would give warning like that? Or antivirus with tool similar to WOT app ?

    I don't get that warning at all on any browser pc or mac

  • phreakphreak Vanilla*APP (White Label) & Vanilla*Skins Shop MVP
    edited August 2013

    From what i know these screens are default on Chrome and Firefox and don't come in with an addon. Here is the screenshot. The warning appears especially if i'm coming from Google searches to Vanillaforums.org, because i usually search for forum entries with Google.

    • VanillaAPP | iOS & Android App for Vanilla - White label app for Vanilla Forums OS
    • VanillaSkins | Plugins, Themes, Graphics and Custom Development for Vanilla
  • R_JR_J Ex-Fanboy Munich Admin

    It is a problem with the signature. You can proof that by just opening https://www.vanillaforums.org

  • vrijvlindervrijvlinder Papillon-Sauvage MVP
    edited August 2013

    yes the default setting for known malware sites, this checks against a list of already flagged sites as far as I know , it does not test the site for malignancy . try disabling

    Enable phishing and malware protection from chrome . I have it enabled but still no warning....

    Lets say it happens, it is just a warning, it does not prevent you from accessing the site. The buttons there say access site anyway even after warning. I think this is caused by your antivirus. Do you use Avast? Maybe you should whitelist , or put on trusted sites list this website to avoid the warnings....

  • vrijvlindervrijvlinder Papillon-Sauvage MVP
    edited August 2013

    As far as I know this site is not encrypted, so trying to access it via https,browser asks for the ssl certificate which it does not have or recognize. That is not a malware warning.

  • ShadowdareShadowdare r_j MVP
    edited August 2013

    I have run into this problem before. Some search results on Google link to the https protocol of this site and changing the link to the http protocol would stop the error from showing up.

    Add Pages to Vanilla with the Basic Pages app

  • vrijvlindervrijvlinder Papillon-Sauvage MVP

    The ssl certificate check , I suspect it is a marketing extortion so you fork out the cash to make your site encrypted...

  • @vrijvlinder said:
    The ssl certificate check , I suspect it is a marketing extortion so you fork out the cash to make your site encrypted...

    No. Anyone can make their site encrypted, this has to do with being a trusted source.

    http://en.wikipedia.org/wiki/Certificate_authority

    grep is your friend.

  • there is no need to use vanilla over secure http, for information you are putting into the public anyway.

    grep is your friend.

  • vrijvlindervrijvlinder Papillon-Sauvage MVP

    right, but do you also think this is what triggered a malware warning for phreak ?

    Usually just a small dropdown appears about a lacking certificate when trying access via https instead of http. But no malware warning only that identity could not be confirmed.

  • vrijvlindervrijvlinder Papillon-Sauvage MVP
    edited August 2013

    ok I was able to reproduce in chrome , it thinks this:

    "Google Chrome can say for sure that you reached .vanillaforums.com, but cannot verify that that is the same site as www.vanillaforums.org which you intended to reach. If you proceed, Chrome will not check for any further name mismatches."

    You have to clear the cache and cookies to get the message again if you clicked go ahead before.

    It says it knows for sure lmao , yea right....it is not a malware warning at any rate. It is an identity warning.

  • LincLinc Detroit Admin

    Yes, .org doesn't have an SSL cert.

  • phreakphreak Vanilla*APP (White Label) & Vanilla*Skins Shop MVP

    Great investigation. I just wanted to mark that, as probably some users who come here via a Google search will fall into this trap believing that Vanillaforums isn't such secure or something. Yo never know.

    • VanillaAPP | iOS & Android App for Vanilla - White label app for Vanilla Forums OS
    • VanillaSkins | Plugins, Themes, Graphics and Custom Development for Vanilla
Sign In or Register to comment.