Your service does not work when client have adblock, also tries to download virus?

Before a page is opened, you need to disable adblock, and activate javascript or the page is not loading properly.
Avast antivirus detected a suspicious file being downloaded after enabling javascript and disabling adblock.
Autoinstaler does not work properly or is extremly slow, cause i could not create a wordpress instalation.

If i want to delete my account, i need to wait 60 days to do so cause you put the limit i must not have an active web hosting account, don’t think this follows with GDPR, since i want to cancel my personal data and email now, and is absurd to wait up to 60 days…

To sum up: suspicious javascript before actually going to web site, suspicious antivirus catch, probably ads cause i needed to disable adblock for the page to load… I’ll say this service is not worth even if you pay me to make a web in it, and I know that in 3 minutes of use.

Please let honest companies do the work or find out a way not to do funny bussines with ppl websites.

AES.JS? It’s not suspecious. The reason that you’ve to enable JS-cookies is because A javascript code has to be executed to check if the visitor is browser, then it’ll redirect you to your actual content with ?i=1 at end.

It seems something related to ADS and content of your site, not host.

It’s because of legal reasons, hackers and trolls remove their accounts quickly because of the content they host in, So it won’t remove quickly.


Antivirus just blocked javascript downloading file (maybe something is added or maybe some file just give false possitive i don’t know), not my code for sure i just click on autoinstaler to create a wordpress which i could not access. GDPR is not satisfied if you wait 60 days to delete personal data i belive, but the thing that is making this process painful for me is that i cannot delete my account until my webspace is deleted, i don’t care if you have to keep a record is the fact i cannot cancel my personal data now or at least take action to be deleted as soon as those legal reasons are fullfilled. I could not even start to use the service, i did not upload anything, i just wanted a test enviroment and if the sistem is good maybe host my page. Is just sad how good free services has become useless in 5-10 years but i undestand you have to take action to prevent abuse, but it also mean this is not my service.

PS: i did have more services with AES.js and did not have to dissable adblock, something is suspicious about that.

The aes.js JavaScript file is a part of the InfinityFree security system to protect both the free hosting servers and client’s websites. One purpose of that JavaScript file is to ensure that your site can only be accessible by real humans who are accessing your site through a browser that can execute JavaScript and to block access to any requests from bots or anything that cannot execute JavaScript.

1 Like

you do realize that in the end hackers will use a js interpreter and acces anyway but we all will have to deal with recapcha, aes.js and the rest of the nonsese?

just like most ppl is fed up with google making us to pick bridges…

Our pages do use Javascript, so if you disable Javascript, many of our sites won’t work or won’t work correctly.

While we would prefer you didn’t block our ads, we’re not actively blocking ad blockers. Most ad blockers should not break our website. However, ad blockers do interfere with scripts on the pages you visit, so some ad blockers may cause unexpected side effects.

We’ve had problems before with Avast blocking some of our content because of an error on their part. I wouldn’t be surprised if that happened again.

That said, would you mind sharing which “suspicious file” they actually blocked?

That’s not intentional. Would you mind sharing in what way it’s not working properly? What do you see exactly?

The GDPR “right to be forgotten” has quite a long list of exceptions. We are required by law enforcement to keep records for a while, which is one of those exceptions.

It would be more absurd if someone used our hosting to do bad stuff and we would just let the fraudster remove all evidence whenever they want. And that we would later have to refuse a warrant from police because we deleted all evidence per the fraudster’s request.

Especially when paid hosting companies have to keep financial records for many, many years because, again, it’s required by law.

Data retention required by law always takes precedence over GDPR.

Like almost all security systems, it won’t stop a dedicated hacker who knows the system and who is actively trying to work around the challenge. But the vastly overwhelming majority of hackers use simple HTTP calls in a programming language of their choice instead of firing up full browser instances. Our system works quite well to deter these kinds of low effort attacks.

Security systems don’t need to be perfect to be effective.

The aes.js is quite nice in that regard in that it’s not verify noticeable to visitors. They just click a link to your site or type in the address and they will see your page. No interstitial challenge pages, no captchas. Not sure why you’re bringing ReCAPTCHA into the discussion, because we don’t use that on customer sites.


This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.