Jump to content

Our website static files bucket, hosted on Amazon Web Service S3, is getting blocked [Closed]


RemyAlves
 Share

Go to solution Solved by Schulte,

Recommended Posts

We have several customers complaining to us about weird display on the website, not being able to browse through it, and so on. After some research, we found out that all customers impacted are using Kapersky. Kapersky is blocking the downloading of the static files needed for the website to run (style, script, and so on). There's nothing particular here, thousands of websites use Amazon Web Service S3 to host their static files, and it seems like you block Amazon url for no reason, impacting a lot of businesses. I'm pretty sure there's nothing dangerous for the user in our couple CSS and JS files, particularly downloading them while they come on our website by their own choice. That's just a basic way to run a website... We are unsure what to answer them. We tried to guide them on how to unblock us, but it seems quite complicated for people who don't know their way around a computer. And also, it cost us a lot of ressources to do the assistance for your services. Until this is solved, we are guiding them on how to switch to an other antivirus not blocking our website, because I do believe you are the only one struggling with AWS S3...
Link to comment
Share on other sites

We are unsure what to answer them.
Hello RemyAlves Welcome! It is true, thousands of sites use Amazon Web Service S3 hosting services. It is also true, sometimes, sites hosted by Amazon Web Service S3 are unsafe. On the other hand, it can be true, www's or embedded links on those sites, detected by Kaspersky software, are false positives.
  1. The solution is simple:
  1. With Kaspersky software running, go to the sites being detected, then go to Kaspersky application, choose REPORTS > Detailed Reports > export REPORTS, save as TEXT files, upload the reports, using the UPLOAD icon in your reply.
  2. Also, using the TOOLs available at Kaspersky Virus Lab, you may wish to submit the detections, ask the Lab to analyse & verify the detections, if the detections are false positives, Kaspersky will fix, if unable to be fixed, Kaspersky Lab will tell you why.
  3. Also, other online sites are available, data can be analysed by 70 engines, that will give you immediate information that you can use to either support your case when engaging with Kaspersky or inform you as to why the detections are happening.
Thank you.
Link to comment
Share on other sites

  • 2 weeks later...
I do not have Kapersky, we are just a third party impacted by this false-positive issue. Our customers do through, but it's complicated for us to ask them that report. I've sent it to the Kapersky Virus Lab, and after the automatic email saying it is safe, and the "We will thoroughly analyze URLs you sent.", I never had any news... Being waiting for almost two weeks already. Also, here are two reports saying that we are completely safe. What are the next step to get our website unblocked asap?
Link to comment
Share on other sites

(1) I do not have Kapersky, we are just a third party impacted by this false-positive issue. (2) Our customers do have Kapersky, but it's complicated for us to ask them that report. (3) I've sent it to the Kapersky Virus Lab, and after the automatic email saying it is safe, and the "We will thoroughly analyze URLs you sent.", I never had any news... Being waiting for almost two weeks already. (4) Here are two reports saying that we are completely safe. (5) What are the next step to get our website unblocked asap?
Hello RemyAlves, Please provide an exported report as I requested in my reply 11 days ago. Thank you.
Link to comment
Share on other sites

You do realize, as I wrote pretty much couple times already, that I do not own Kaspersky, nor have it installed. Only our customers does, and I don't have access to their computer as you should guess. The screen you are pointing at is, again as said previously, a screenshot sent by one of our customer. Is it a "lost in translation" situation, or a lack of reading / attention going on here? And no, @Schulte did not asked me to export the report, because he read my post and understood that I can NOT do that. Please do not participate in this conversation anymore if it's not to add any solution to the mix, and just stutter that I need to export a report that I can not get my hands on.
Link to comment
Share on other sites

  1. You do realize, as I wrote pretty much couple times already, that I do not own Kaspersky, nor have it installed. Only our customers does, and I don't have access to their computer as you should guess.
  2. The screen you are pointing at is, again as said previously, a screenshot sent by one of our customer.
  3. Is it a "lost in translation" situation, or a lack of reading / attention going on here?
  4. And no, @Schulte did not asked me to export the report, because he read my post and understood that I can NOT do that.
  5. Please do not participate in this conversation anymore if it's not to add any solution to the mix, and just stutter that I need to export a report that I can not get my hands on.
Hello RemyAlves, Yes, I do realize. I don't need to guess. I read everything you wrote. Nothing is lost in translation. Everything is crystal clear. Thank you.
Link to comment
Share on other sites

  • Solution
Hi RemyAlves, in the meantime, I was able to reproduce the problem. Amazon Web Service S3 is not completely affected, only your subdirectory 'xxxxxxxxxxxxxxx.s3.amazonaws.com/public/'. The Anti-Virus Lab has been informed and will re-examine the site. The result may take some time, I will pass it on as soon as possible EDIT:
Hello, URL was removed from blacklist. It will be fixed in the next update. Thank you for your help. Best regards, Xxxxxxxxxx Xxxxxxxxx, Malware Analyst
Link to comment
Share on other sites

Hi RemyAlves, you're welcome. How it happened will probably remain the secret of Kaspersky. It was probably simply a 'false positive' of automatic detection. As far as I know, other users' ratings are not taken into account. I'm sorry it happened to you. You can't avoid such problems, they will probably occur in the future (but hopefully not on your site again)...
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.