Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
954
Views
0
Helpful
1
Replies

IronPort Blocks My Website as Malware

sbowne
Level 1
Level 1

‎02-01-2016 04:13 PM

I have been invited to teach some workshops in Houston. However, the people promoting them informed me that potential students are unable to examine my class materials because their corporate security device blocks my website. Here's the message they see:

Provided by ECDCIronPortC
Date: Thu, 28 Jan 2016 16:15:41 GMT
Username: REDACTED@Active_Directory
Source IP: REDACTED
URL: GET https://samsclass.info/128/HCC_16.shtml
Category: Computers and Internet
Reason: BLOCK-MALWARE
Threat Type: othermalware 
Threat Reason: Domain reported and verified as serving malware. Identified as malicious domain or URL. 
Notification: WBRS

How rude! My site is not hosting malware. It passes the tests listed below. Why is Cisco blocking my site?

Sucuri, Mcafee, Google, and Qualys all find no problem with my site.  Details are here:

https://samsclass.info/125/proj11/ironport-sam.htm

What's going on?

Labels:
0 Helpful
1 Reply 1

Handy Putra
Cisco Employee
Cisco Employee

‎02-01-2016 10:30 PM

Hi,

We have checked our reputation database, we can see domain samsclass.info is actually in 'neutral' zone from our database and by default should be accessible.

Unless the cisco appliance that used as web proxy to access the site has changed the default reputation scoring that can cause false positive case.

Regards

Handy Putra

0 Helpful
Customers Also Viewed These Support Documents