Getting Malwarebytes warnings on this site

Discussions about the forum and contents
Post Reply
JBTX
Posts: 1259
Joined: Wed Jul 26, 2017 12:46 pm

Getting Malwarebytes warnings on this site

Post by JBTX » Sun Oct 08, 2017 9:49 pm

...for the first time.

"Website blocked" messages.

"you may exclude sites or applications from website protection by clicking manage exclusions"

Any idea what this is?

User avatar
LadyGeek
Site Admin
Posts: 40422
Joined: Sat Dec 20, 2008 5:34 pm
Location: Philadelphia
Contact:

Re: Getting Malwarebytes warnings on this site

Post by LadyGeek » Sun Oct 08, 2017 10:04 pm

This site is fine, no exclusions are needed. The first step is to clear out your browser cache.

FYI - Clearing browser cookies will log you out.
To some, the glass is half full. To others, the glass is half empty. To an engineer, it's twice the size it needs to be.

User avatar
Driver
Posts: 197
Joined: Wed May 27, 2009 3:18 pm

Re: Getting Malwarebytes warnings on this site

Post by Driver » Sun Oct 08, 2017 11:35 pm

I'm running Malwarebytes (Premium) on Windows 10 and haven't received any warnings regarding bogleheads.org ever. I'd restart whatever device I was using to access bogleheads.org and try accessing only the site after the reboot and see what happens.

User avatar
Sandtrap
Posts: 1693
Joined: Sat Nov 26, 2016 6:32 pm
Location: Hawaii😀 Northern AZ.😳

Re: Getting Malwarebytes warnings on this site

Post by Sandtrap » Sun Oct 08, 2017 11:45 pm

Running Mac OS sierra 10.2
No Malware on this site.
Shared experiences to benefit all -- not an exspurt -- per forum guidelines :) Golf score allocation 50/50 swings vs putts.

User avatar
Sheepdog
Posts: 4730
Joined: Tue Feb 27, 2007 3:05 pm
Location: Indiana, retired 1998 at age 65

Re: Getting Malwarebytes warnings on this site

Post by Sheepdog » Mon Oct 09, 2017 12:17 am

Driver wrote:
Sun Oct 08, 2017 11:35 pm
I'm running Malwarebytes (Premium) on Windows 10 and haven't received any warnings regarding bogleheads.org ever. I'd restart whatever device I was using to access bogleheads.org and try accessing only the site after the reboot and see what happens.
Same thing here with Windows 7..no problem
People should not say everything they think. They should think about everything they say.

User avatar
djmbob
Posts: 319
Joined: Thu Mar 15, 2007 6:16 pm
Location: Tulsa OK

Re: Getting Malwarebytes warnings on this site

Post by djmbob » Mon Oct 09, 2017 1:06 pm

In support of JBTX, during this current browsing session, Malwarebytes popped up twice with a message "Malicious website blocked"... but I was still able to keep browsing posts.
Cheers
Ray

inbox788
Posts: 4099
Joined: Thu Mar 15, 2012 5:24 pm

Re: Getting Malwarebytes warnings on this site

Post by inbox788 » Mon Oct 09, 2017 3:17 pm

Sometimes a site itself is fine, but links or embedded content, such as ads are malicious. Does it depend on which page you are loading or intermittent with same page? When a banner ad is rotated, the bad site might only come up some of the time. Don't do anything, but reload the page to fix. Don't give unnecessary permissions that exposes you to more malware.

User avatar
LadyGeek
Site Admin
Posts: 40422
Joined: Sat Dec 20, 2008 5:34 pm
Location: Philadelphia
Contact:

Re: Getting Malwarebytes warnings on this site

Post by LadyGeek » Mon Oct 09, 2017 4:19 pm

I agree with others that you should never give permission to override a malware warning.

There are no ads anywhere on this site. I'm guessing it's a side effect from another website mixing in the browser cache.

If the error recurs, what is the exact message?
To some, the glass is half full. To others, the glass is half empty. To an engineer, it's twice the size it needs to be.

jebmke
Posts: 6669
Joined: Thu Apr 05, 2007 2:44 pm

Re: Getting Malwarebytes warnings on this site

Post by jebmke » Mon Oct 09, 2017 4:21 pm

I always have the browser flush the cache when I close it. On some machines I have ccleaner flush it automatically when I boot. I find that the speed of most internet makes the cache not as valuable as it used to be.
When you discover that you are riding a dead horse, the best strategy is to dismount.

User avatar
oldcomputerguy
Posts: 1796
Joined: Sun Nov 22, 2015 6:50 am
Location: In the middle of five acres of woods

Re: Getting Malwarebytes warnings on this site

Post by oldcomputerguy » Mon Oct 09, 2017 5:02 pm

I'm running Linux here, so no experience with Malwarebytes (other than at my former workplace). But it did occur to me to wonder, and I admit I'm grasping at straws here... there's a setting in Chrome that allows Chrome to prefetch pages that are linked in the page currently being browsed. Is it possible that a page that is linked to from the current page is actually what is tripping Malwarebytes?
Anybody know why there's a 20-pound frozen turkey up in the light grid?

livesoft
Posts: 56381
Joined: Thu Mar 01, 2007 8:00 pm

Re: Getting Malwarebytes warnings on this site

Post by livesoft » Mon Oct 09, 2017 5:07 pm

How are avatar pics accessed and displayed?
This signature message sponsored by sscritic: Learn to fish.

User avatar
LadyGeek
Site Admin
Posts: 40422
Joined: Sat Dec 20, 2008 5:34 pm
Location: Philadelphia
Contact:

Re: Getting Malwarebytes warnings on this site

Post by LadyGeek » Mon Oct 09, 2017 6:18 pm

Clicking on a member's avatar will bring you to the profile page. (Must be logged in.) Use Firefox's "Inspect Element" or Chrome's "Inspect" to see how it's done.
To some, the glass is half full. To others, the glass is half empty. To an engineer, it's twice the size it needs to be.

User avatar
Driver
Posts: 197
Joined: Wed May 27, 2009 3:18 pm

Re: Getting Malwarebytes warnings on this site

Post by Driver » Mon Oct 09, 2017 7:33 pm

OP should be able to open up Malwarebytes and then go to Reports to see what IP address and domain were blocked.

JBTX
Posts: 1259
Joined: Wed Jul 26, 2017 12:46 pm

Re: Getting Malwarebytes warnings on this site

Post by JBTX » Mon Oct 09, 2017 8:05 pm

The MWB pop up would typically come about when I replied or posted. I tried it tonight and so far haven't been able to replicate it, even though I haven't cleared cache or anything.

I was/am using Firefox browser.

I googled the IP and found this. This picture is exactly the popup I am getting from MWB

https://forums.malwarebytes.com/topic/2 ... ck-popups/

User avatar
LadyGeek
Site Admin
Posts: 40422
Joined: Sat Dec 20, 2008 5:34 pm
Location: Philadelphia
Contact:

Re: Getting Malwarebytes warnings on this site

Post by LadyGeek » Mon Oct 09, 2017 9:42 pm

Malware bytes is explicitly reporting an IP of 104.27.126.62 (CloudFlare)? Hang on, this might make sense.

I suspect the path to the server is going through CloudFare - but it depends on your location and time of day. IOW, the network traffic is optimized and will change based on a lot of things.

Does anyone getting the Malware Bytes message know how to do a traceroute? It has to be from your PC, as the route taken to the server will change based on your location.

From my neck of the woods (Philadelphia), I'm not going through CloudFlare.

Background info on our server's home: Welcome home, Bogleheads.org. | Financial Page, February 14, 2017.

FYI - When you're hosted in one of the worlds' largest data centers, you can route traffic any way you want over many ISPs. I suspect this is why we experienced no interruptions during Hurricanes Harvey and Irma. Diversification works in engineering, not just finance.
To some, the glass is half full. To others, the glass is half empty. To an engineer, it's twice the size it needs to be.

User avatar
bertilak
Posts: 5600
Joined: Tue Aug 02, 2011 5:23 pm
Location: East of the Pecos, West of the Mississippi

Re: Getting Malwarebytes warnings on this site

Post by bertilak » Tue Oct 10, 2017 10:39 am

LadyGeek wrote:
Mon Oct 09, 2017 9:42 pm
Does anyone getting the Malware Bytes message know how to do a traceroute? It has to be from your PC, as the route taken to the server will change based on your location.
I get the malwarebytes warning when I go directly to image.ibb.co:
  • Tracing route to image.ibb.co [104.27.126.62]

    1 22 ms [52.93.24.74]
    2 0 ms [52.93.24.81]
    3 22 ms [54.239.111.46]
    4 0 ms [54.239.111.253]
    5 0 ms 13335.ash.equinix.com [206.126.237.30]
    6 0 ms [104.27.126.62]
ibb.co is a site that allows you to, as they say, "Upload and share your images." I suspect someone posted something on Bogleheads containing an image that is hosted by ibb.co. Just looking at that image will get you the Malwarebytes warning.

If I understand correctly, the "Type: outbound" means that your browser, in looking at the web page (e.g. a post on bogeheads.org) noticed that there was an image and sent (outbound message) a request to image.ibb.co to fetch the image. Malwarebytes was not happy with sending anything to/from that website!
Listen very carefully. I shall say this only once. (There! I've said it.)

User avatar
LadyGeek
Site Admin
Posts: 40422
Joined: Sat Dec 20, 2008 5:34 pm
Location: Philadelphia
Contact:

Re: Getting Malwarebytes warnings on this site

Post by LadyGeek » Thu Oct 12, 2017 3:52 pm

Thanks! We had a thread that triggered the warning: A good value wine I found....
bertilak wrote:
Tue Oct 10, 2017 10:39 am
If I understand correctly, the "Type: outbound" means that your browser, in looking at the web page (e.g. a post on bogeheads.org) noticed that there was an image and sent (outbound message) a request to image.ibb.co to fetch the image. Malwarebytes was not happy with sending anything to/from that website!
Using Chrome's Inspect Element, I confirm the browser is retrieving the image from ibb.co (GET method).

Upon further review, there is indeed justification to block this site. See: Blocked website - Website Blocking - Malwarebytes Forums

I replaced the image.
To some, the glass is half full. To others, the glass is half empty. To an engineer, it's twice the size it needs to be.

User avatar
Tortuga
Posts: 109
Joined: Sat Aug 16, 2008 9:51 pm
Location: Houston, Texas

Re: Getting Malwarebytes warnings on this site

Post by Tortuga » Thu Oct 12, 2017 4:27 pm

Great detective work by all!

Thanks,

Tortuga

JBTX
Posts: 1259
Joined: Wed Jul 26, 2017 12:46 pm

Re: Getting Malwarebytes warnings on this site

Post by JBTX » Fri Oct 13, 2017 9:57 pm

:sharebeer

Post Reply