[clamav-users] Anyone else having trouble reaching the ClamAV website?

clamav.mbourne at spamgourmet.com clamav.mbourne at spamgourmet.com
Thu Jan 5 16:59:02 UTC 2023 

Kris Deugau wrote:
> I went to load a semi-bookmarked page for signature writing 
> (https://docs.clamav.net/manual/Signatures.html), but it failed and kept 
> reloading Cloudflare's "security check" voodoo.
> 
> (Side question to pass up the chain at Cisco/Talos - is there a knob 
> that can be twisted somewhere to force that check to run exactly once, 
> then stop?  I can't imagine any scenario where running it over and over 
> and over has any benefit to anyone.  [And for bonus points, display an 
> error message that gives some sliver of a hint what 
> beyond-the-bleeding-edge headacheware the site or its security provider 
> insist on relying on this week.])
> 
> I then tried to load the main site, https://www.clamav.net, which also 
> went into the same loop.
> 
> I usually use Seamonkey (all-in-one Mozilla suite).  I tried Konqueror 
> which seemed to load things up fine.
> 
> Since starting to write this and putting it aside, I've come across a 
> small handful of other sites with the same issue, including one case 
> where the base site triggered the issue but a directory under the base 
> site did not.  Since I'm *not* seeing it across a large number of sites, 
> it's pretty clearly some specific security option in Cloudflare causing 
> the failure.
> 
> -kgd


ClamAV's site works for me, using SeaMonkey 2.53.14 - I'd been looking 
at those pages before sending my earlier reply.  It seems to be affected 
by Edit > Preferences > Advanced > HTTP Networking.  I usually have that 
set to just identify as SeaMonkey.  With it set to identify as SeaMonkey 
and advertise Firefox compatibility, I see the looping effect you 
describe (at least when I enable Javascript, which is usually blocked by 
NoScript).

I've also had sites protected by another system (Akamai, I think) block 
access if Javascript is disabled.  With those, just enabling Javascript 
and reloading doesn't work, as they seem to set some sort of cookie 
remembering that you're blocked - so have to also delete the cookie 
before reloading.

-- 
Mark.

More information about the clamav-users mailing list