Site blacklisted?

[deathshadow]

Opera just popped up the malware listing when trying to visit this site -- so I checked a few sources and this site is on the blacklists for some reason.

You may want to look into that.

[WILL]

So who is the service that is shown to have blacklisted us? I keep hearing about it, but no one is able to indicate just who the service is. Opera uses 3rd party services and malware listings so just "Opera" doesn't help at all. I've scoured their website for the list of the services they use and I can't come up with a list on their site.

If anyone who uses Opera can give me a bit more detailed information, or even a screenshot for example, that would be great as I don't really have too much to go on to track down and resolve this issue. Thanks.

[simvector]

Looks like your in the SORBS Database.

1. I went here to get the site's ip address: http://intodns.com/pascalgamedevelopment.com
2. Then I went here to check for blacklists: http://www.mxtoolbox.com/SuperTool.a...3a50.22.14.104
3. It Shows your in SORBS for spam.


This is an example of a "dirty" ip address. Someone before you used it for spamming or worse (which there is little you can do) someone spoofed your address, sending out spam email and making it look like it's coming from your domain. You can contact your host and/or follow the link from mxtoolbox.com to SORBS and request that your ip be removed.

Hope this helps.

[WILL]

Actually that helps a whole lot. As much as I am the site's administrator, I'm not really a professional network administrator. Though I do have a few of those that help.

I'll check out SORBS and see if I cannot get this sorted out so that we can be removed as being listed as a spamming/malware website. If anyone else can provide further feedback about this, it would also be helpful too.

[simvector]

I've had to deal with these issues before and let me tell its a pain. It's not usually too hard to get off the databases, just send them a request. It's much harder to deal with spoofing however. The nature of how email works allows spoofing to be done.

Here are some general suggestions to help make your site more secure:

1) take advantage tools like mxtoolbox.com. Setup alerts so you know when/where/what's going on.
2) in cPanel, make sure you enable DomainKeys and SPF, these help to prevent forged emails.

3) StopForumSpam.com, projecthoneypot.org, can be used on your site to help with spam. You can get plugins for your site software that can directly integrate with these services. HoneyPot will stop a spammer as they visit they site even before trying to log in. I have both running on my site and it has minimized the fake registrations and spam post.

4) if your on a vps/dedicated with cpanel be sure to enable automatic updates to keep your system software up to date. Make sure mod_security/csf are installed and configured and cPHulk is enabled. Check your php.ini and make sure it's hardened.

5) if your on a shared account, ask your host to verify the security of your account and help to clean up the dirty ips and being removed from the spam databases.

[Matthias]

So who is the service that is shown to have blacklisted us? I keep hearing about it, but no one is able to indicate just who the service is. Opera uses 3rd party services and malware listings so just "Opera" doesn't help at all. I've scoured their website for the list of the services they use and I can't come up with a list on their site.

As mentioned in a PM one month ago the service Opera is relying on is a blacklist from the market leading Russian search engine Yandex (yandex.com). When visiting their site just look for www.pascalgamedevelopment.com and you will find that they also marked it as malicious. In their FAQ they state that they use their own software to detect malicious site and use data from a partner (sophos.com). If these services in turn rely on SORBS I don't know.