By doing a scan of my own website on “virustotal” I noticed something … strange.
If I do a scan with my site URL without the https:// virus total says:
“No security vendors flagged this domain as malicious!”
perfect.

If I put the entire URL with https:// (because I’m using Let’s Encrypt’s free SSL certificate)
then I get this response… every security vendor company says: Clean!
Except one.
CRDF, a French independent IT security lab. Which says my site is malicious. What?

So I went to their site and checked their (rather strict) criteria for detection…
and at first I was thinking that maybe it didn’t comply with their criteria because I still didn’t bother implementing all that bullshit about GDPR compliance etc… because I’m not using a CMS. I’m not collecting data… nothing.
But that wouldn’t explain why, without the “https” the site passes as “clean” to CRDF too.
So… could it be, by exclusion, that the one thing that is getting my site to be flagged as malicious is the SSL certificate?

You do need to be compliant with GDPR if you are collecting any sort of PII, even if it’s just a contact form.

As for the SSL warnings, the checking service you used probably got blocked from accessing your website due to this security system:

7 Likes

The certificate seems to be installed correctly, the padlock appears… and by using
SSL Checker it says it’s in working order, except the last point where it shows this warning:

“The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. The fastest way to fix this problem is to contact your SSL provider.”

Unrelated, but does my website also need to be GDPR and COPPA compliant?

That’s normal:


Yes. If you serve users in those regions, you must comply with the law

5 Likes

Please note that CRDF is flagging your site as malicious. They have flagged your site, based on their rules and their checks.

Both we and you can speculate about why they might have done this. But only CRDF could actually know why this happened.

If you say that your website is safe, maybe you can report this as a false positive to CRDF?

4 Likes

Yes, it would be reasonable to ask and easier to identify what the problem is. But this is what they say in their contact form:

“CRDF Labs never indicates exactly why a URL is embedded in our database.
Please make sure to check that our FAQ/procedures do not answer your questions/query before contacting us. As a reminder, if your website has been added to our databases and you contact us, you will not receive a response from us.”

I guess I will make it GDPR / COPPA compliant, read again their detection criteria and see if there could be anything else. And then I will report as false positive.
(I’m absolutely sure it’s not “infected” by malware or anything like that. In fact if I do a scan of my url using their system it just says that it “doesn’t meet their criteria”.
But under “Threats found on the website” is written: “Nothing to display yet.”)

virustotal has got some pretty rough reviews here along with some 5 star this is the greatest thing ever 😛

2 Likes
