Why can't client access my website ? Help!

Get some feedback on your site or ad from other rental owners and techies. Also a library of online resources so you can make DIY improvements to your web presence.
User avatar
danglar
Posts: 12
Joined: Mon Dec 13, 2004 1:38 pm
Location: normandy, france
Contact:

Why can't client access my website ? Help!

Post by danglar »

Hello ! I hope you can throw some light on this.
I have advertise on a magazine for years but this year I have been receiving fewer enqueries than ever. I could not understand why then I started receiving emails from potential clients advising me they could not access my website. I do not understand how this could be as I can access it without any problems ! The address (www.maison-rene.co.uk) on my advert is correct so what can it be ?
Would you kindly look at the site and (for the expert people) advise me on what might be there that may cause the site rejection in some people's computers ?
I have noticed that if I type simply maison-rene.co.uk in firefox the website is rejected when in my experience there is no need to type www. in from of it when searching in Firefox.
Helpppppp!! July & August months are still empty when in fact these used to be fully booked by January .

Thank you
Martha
Posts: 2289
Joined: Sun Apr 16, 2006 7:01 pm
Location: Chamonix

Post by Martha »

I get a 'malicious content' warning from Google when trying to visit. I think you probably have some software which is causing problems - java slideshow perhaps? Have a think what it might be, and remove it....
Chalet la Foret, Chamonix
KathyG
Posts: 3274
Joined: Sat Jan 28, 2006 9:31 am
Location: Le Faou, Brittany
Contact:

Post by KathyG »

Worked ok for me, does that mean I have a useless firewall....? :roll:
Kathy
Waterfront location in Le Faou
"My goal in life is to become as wonderful as my dog thinks I am."
User avatar
paolo
Posts: 3885
Joined: Thu Jun 17, 2004 1:18 pm
Location: Provence, France
Contact:

Post by paolo »

I was blocked from visiting the site by Norton Antivirus. The risk name is given as HTTP Malicious Toolkit Variant Activity. I'm afraid this means nothing to me.

If you look this up on the Symantec site (the company behind Norton) it says:
HTTP Malicious Toolkit Variant Activity

Severity: High
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description
This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

Additional Information
This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

Affected
Various

Response
Update all vendor patches to the latest versions.

Possible False Positives
There are no known false positives associated with this signature.
This also means very little to me but I am sure someone more technical can tell you what you should do to remove it from your site.
Paolo
Lay My Hat
e-richard
Posts: 5008
Joined: Sun Oct 17, 2004 11:33 am
Location: Algarve, Portugal
Contact:

Post by e-richard »

I looked at the source and there is some very suspicious code immediately after the body tag. If you can edit the HTML and remove everything between the body tag and the first sentence, it may be OK.

If you don't understand what I am saying, please do get someone to help urgently. Also, my explanation may not be the entirety of the problem.
** Richard
PIMS: Holiday Rental Management system
They say we learn from our mistakes. That makes me a genius !
User avatar
pambon
Posts: 2959
Joined: Thu Apr 24, 2008 2:25 pm

Post by pambon »

Page Not Available was what I got.
User avatar
pambon
Posts: 2959
Joined: Thu Apr 24, 2008 2:25 pm

Post by pambon »

Tried again and a big red Infected warning popped up. Threat: Exploit WebAttacker

Hope this helps.
User avatar
danglar
Posts: 12
Joined: Mon Dec 13, 2004 1:38 pm
Location: normandy, france
Contact:

Post by danglar »

e-richard wrote:I looked at the source and there is some very suspicious code immediately after the body tag. If you can edit the HTML and remove everything between the body tag and the first sentence, it may be OK.

If you don't understand what I am saying, please do get someone to help urgently. Also, my explanation may not be the entirety of the problem.

My God!
I can see what you are referring to Richard and I have just now deleted that hugely long array, plus I have uploaded the freshly new page up just now.

Can everybody who got the infection warning try and access the website again , pleeeeasy.
User avatar
pambon
Posts: 2959
Joined: Thu Apr 24, 2008 2:25 pm

Post by pambon »

Yep OK now. I was reading about the WebAttacker - it's a Russian malware that is embedded into the HTML code and is pretty vitriolic according to reports.
User avatar
greenfrog
Posts: 885
Joined: Sun May 21, 2006 9:08 pm
Location: Paris, France

Post by greenfrog »

I just went on now and the home page opened up just fine.

However, you have pop-up ads, which may put people off. I have my IEx set to reject pop-ups unless I choose to allow them. So potential inquirers might be turned off by the idea of having to allow pop-ups - esp as it seems clear they're unlikely to be part of your website.

I can only assume it's part of whatever ad package you have.
Lounging on the lily pad...
User avatar
danglar
Posts: 12
Joined: Mon Dec 13, 2004 1:38 pm
Location: normandy, france
Contact:

Post by danglar »

greenfrog wrote:I just went on now and the home page opened up just fine.

However, you have pop-up ads, which may put people off. I have my IEx set to reject pop-ups unless I choose to allow them. So potential inquirers might be turned off by the idea of having to allow pop-ups - esp as it seems clear they're unlikely to be part of your website.

I can only assume it's part of whatever ad package you have.
The only thing that perhaps would cause the pop up to appear is the stats link by webstats (you have to scroll down to see it). It has been there since...well nearly 5 or 6 years ago and it is a pretty good "free" stats program.
I will remove it, nevertheless. I have a stats link and other adverts on the second page too (www.maison-rene.co.uk/photos.htm).
Does that page also throw out pop ups ?
User avatar
danglar
Posts: 12
Joined: Mon Dec 13, 2004 1:38 pm
Location: normandy, france
Contact:

Post by danglar »

e-richard wrote:I looked at the source and there is some very suspicious code immediately after the body tag. If you can edit the HTML and remove everything between the body tag and the first sentence, it may be OK.

If you don't understand what I am saying, please do get someone to help urgently. Also, my explanation may not be the entirety of the problem.

Richard, thank you ever so very much for your advice.
You would not know how to prevent the website from being attacked again ,would you ?
I will monitor it once a week but if there is a software or any other thing available it would save a lot of hassle.
For months I have been receiving spams which were using my own website email address (yes!!) and I could not understand why. I suppose these will now stop.

Best regards
e-richard
Posts: 5008
Joined: Sun Oct 17, 2004 11:33 am
Location: Algarve, Portugal
Contact:

Post by e-richard »

Glad to have helped, but I'm pleased to say that I have no idea how these cretins manage to do their evil work. Not a talent I have attempted to acquire.

Your web host should be of some assistance. You could try their support link as I suspect it shows up a hole in their security.
** Richard
PIMS: Holiday Rental Management system
They say we learn from our mistakes. That makes me a genius !
User avatar
pambon
Posts: 2959
Joined: Thu Apr 24, 2008 2:25 pm

Post by pambon »

I have an idea that Microsoft has a patch for this; try googling it to see what comes up, can't be sure though.
User avatar
paolo
Posts: 3885
Joined: Thu Jun 17, 2004 1:18 pm
Location: Provence, France
Contact:

Post by paolo »

I got a pop-up for Virgin Mobile which I find so off-putting I probably would navigate away from the site.

To stop further changes to your html, I don't know if this is enough, but when it happened to me I changed the FTP password to something more difficult to guess, and it has not happened again.
Paolo
Lay My Hat
Post Reply