Sorry if I seem a little flustered. Two of our volunteer testers have reported that our site contains virus as they called it! We ran various checks online and locally which was clean. AV Clam came up with a false positive which was verified by our host company(pickaweb) who confirm no problems with our site.
Interest in knowing why you guys feel the need to deter people from visiting our site before launch. Its a community based auction site for people to buy and sell locally!
Please respond ASAP as we will want to officially launch without a bad taste in our mouths
Thank you in advance
Steve C
www.sloughbay.co.uk
Oh, right, I see this too. In IE for some reason the blocking page won't let me continue to the site. Switching to Firefox, where SiteAdvisor is out of action, to check for scripts and geolocation info ...
In Firefox, your site is up, CPU is running at 99 per cent which is definitely a bad sign. Will have to kill this and come back in a bit
Definitely something wrong here. Firefox ran at 99% when your site was up. The only way to reduce CPU to normal was to use NoScript to class you as a Forbidden Site - ie, no scripts allowed to run.
LinkExtend shows a very large number of javascript files. There may be a problem in one of them, or it could simply be that you need to optimise the site. The SiteAdvisor block leads me to think that there's something in the code you need to review. I'll see what else I can find - there are specialist checking tools I put away for occasional use which are hiding somewhere. One of those might help.
Edit - Run it in a couple of different browsers in Developer/Testing Mode. Check the Error Console in each. Firefox is showing some errors but because I've had to disable so much of the scripting I don't know if I'm seeing all the errors or just a subset.
Message was edited by: Hayton on 20/11/12 20:48:33 GMTFor starters, you should correct the following errors detected by the W3C Validation Suite :
HTML5 Validation (86 errors, 15 warnings)
Notes and Potential Issues
The following notes and warnings highlight missing or conflicting information which caused the validator to perform some guesswork prior to validation, or other things affecting the output below. If the guess or fallback is incorrect, it could make validation results entirely incoherent. It is highly recommended to check these potential issues, and, if necessary, fix them and re-validate the document.
- Using experimental feature: HTML5 Conformance Checker.
The validator checked your document with an experimental feature: HTML5 Conformance Checker. This feature has been made available for your convenience, but be aware that it may be unreliable, or not perfectly up to date with the latest development of some cutting-edge technologies. If you find any issues with this feature, please report them. Thank you.
CSS Validation (33 errors, 1164 warnings)
Link Checks (5 errors, 57 links prevented by robot exclusion rules)
The large number of Javascript files makes your home page very slow to load and leads to excessive CPU usage. The results of one webpage loading analysis can be seen at http://www.webpagetest.org/result/121120_MF_NW1/ - click on the Waterfall on the left side for a detailed view. See also the Performance Review and Page Speed optimization Check - your site scores poorly on both.
I also found the following in two of my old posts about slow performance on this site -
There is a thread on the Jive forums about Javascript and performance problems which makes the point that slow loading can be because a firewall is examining all the Javascript that it finds during the download. Quite possibly, when any Javascript code on the webpage gets activated after the download, the AV software again kicks in to monitor it.
< ... >
... One piece of advice I noted was that javascript files cannot be executed concurrently with anything else, especially not with other javascript files. Makes sense, if you think about it. They have to be run - that is, interpreted - separately, sequentially, and slowly (interpreted scripts run slowly, relatively speaking).
If that is actually the case, having lots of javascript on your site might give rise to problems when it's passed to the anti-virus script checker. Maybe that's what's happening here.
None of which explains why SiteAdvisor is blocking your site, of course. In fact the block is because of an unexplained Medium Risk rating on TrustedSource, which otherwise has nothing to say about your site. The IP address gets a no-risk rating from TrustedSource but I haven't checked it yet elsewhere. For the moment check the site coding, it's the most likely source of the Yellow rating.
Thank you for all the effort that has gone into replying. I'm very impressed with that indeed. Just a couple of points.
I'm not saying were not grateful for your help here but none of what you proclaim suggests a good reason to be singled out. We have tested script - no threats. host checked - no treats. online checks - no threats. ... and you havnt actually told us of this risk.
Is this guilty until proven innocent? 'unexplained medium risk' my lawyer will have a field day with this. lmao!!!
Thanks again very much for all the responses today. genuinly impressed. I will be using those points you made and bookmarking the links for future references.
Nb. I have just temp. disabled the facebook and twitter plugin to see if this makes a difference to your test
Kind Regards,
Steve
Message was edited by: steven_c on 11/20/12 6:23:09 PM CSThttps://www.siteadvisor.com/sites/www.sloughbay.co.uk
http://www.mcafee.com/threat-intelligence/domain/default.aspx?domain=www.sloughbay.co.uk
SiteAdvisor took its rating from TrustedSource but TrustedSource seems otherwise to have no information about your site. Nevertheless it gives it a Yellow warning, which means Medium Risk only. I can only surmise that TrustedSource has picked up an alert from an external source, but I haven't been able to find anything about your site elsewhere.
http://www.siteadvisor.com/webmasters/index.html
Sites are rated yellow when, in our judgment, the site exhibits behaviors or has a history that we believe SiteAdvisor users would want to be aware of before or during a visit to that site. However, for yellow sites these factors are not as acutely severe as they are for a red site, or there are other mitigating factors that weigh in favor of a yellow rather than a red rating.
Many site scanners evaluate scripts on a website for threats and this does occasionally trigger a false positive alert, and your site has quite a lot of javascript. I had previously checked the site with the usual site-checking tools and they did not show any problems, so I was looking for a reason for a false positive. I thought I might have found one. The IP address certainly doesn't appear to be the cause of the rating, and I can't find any other sites with similar names that might have caused TrustedSource to flag you as a phishing site. If the site code is not at fault, the reason remains unknown and your best bet is to contact TrustedSource and ask them to explain why the site has a Yellow rating. Details of how to do so are here.
(As for the high CPU during download look at the CPU usage graphs on the webpagetest.org output. The Dublin server was used for this test, and although it runs IE7 - IE9 (so is probably Windows 7) it may be a few years old. That sort of CPU spike commonly occurs on older machines, and I do all the site testing on an old Dell precisely because it shows up potential performance issues. Also, as I mentioned previously, antivirus programs will scan scripts before they execute and this can lead to considerable extra processing.)
Thank you for help and advise. Greatly appreciated
Looks like its come to a dead end here. I cannot launch my business with this misleading message coming up. I cant convince my testers theres no danger so how can I convince the general public??
I will be persueing this heavily.
Thank you Hayton...
contact TrustedSource and ask them to explain why the site has a Yellow rating. Details of how to do so are here.
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.
Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership: