Our company uses a ticketing system for our software, but recently, both Chrome and Firefox have started displaying a "malicious warning" when trying to access it. I'm not in charge of the website, but I'm curious about what steps we should take to resolve this issue and who we should contact. The website isn't public in the sense that it requires a login to access, and we have a valid SSL certificate from GlobalSign. I'm starting to wonder if our servers might have been compromised and are distributing malware. Has anyone faced a similar problem?
5 Answers
So, it sounds like your site got blacklisted by Google Safe Browsing. You can use the Google Search Console to find out which specific URL or endpoint is causing the problem. You’ll need to validate your domain there, and it should give you more details. Once you fix the issue, you can ask Google to reconsider the blacklisting. Good luck!
You mentioned needing to log in to access the site, but if it’s reachable from the internet, it technically has a public interface. This could still expose it to vulnerabilities, so you might want to investigate any potential OS or plugin issues.
What's the exact error message you're getting? That can offer some clues. If it indicates phishing, I'd recommend checking your web logs for unusual activity. Sometimes vulnerabilities can lead to unexpected behaviors, even on hidden interfaces.
The message is in French, saying something like 'this website is malicious, don't go on it.' It's generic and doesn't give specific reasons, which is frustrating.
Don’t underestimate the impact of URL redirects, especially if you have different versions of your site (like www vs. non-www) configured incorrectly. That has caused problems for others before. Just make sure all your redirects are set up properly.
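One way to audit the www/non-www and http/https redirects mentioned in the comment above, as an added example that is not part of the original thread: it follows each entry point's redirect chain and flags chains that loop, downgrade to http, or end off the canonical host. The hostnames and the response table are constructed sample data, and `tickets.example.com` as the canonical host is an assumption.

```python
from urllib.parse import urljoin, urlsplit

REDIRECTS = {301, 302, 303, 307, 308}

# Constructed sample: URL -> (status, Location), as recorded from `curl -sI` per variant.
SAMPLE = {
    "http://tickets.example.com/": (301, "https://tickets.example.com/"),
    "https://tickets.example.com/": (200, None),
    "http://www.tickets.example.com/": (302, "http://unrelated.example.net/landing"),
    "https://www.tickets.example.com/": (301, "http://www.tickets.example.com/"),
    "http://unrelated.example.net/landing": (200, None),
}

def follow(url, responses, max_hops=10):
    """Return (chain, state); state is final, loop, too-many-hops or no-response."""
    chain = [url]
    while True:
        status, location = responses.get(url, (None, None))
        if status is None:
            return chain, "no-response"
        if status not in REDIRECTS or not location:
            return chain, "final"
        url = urljoin(url, location)  # Location may be relative
        looped = url in chain
        chain.append(url)
        if looped:
            return chain, "loop"
        if len(chain) > max_hops:
            return chain, "too-many-hops"

def audit(responses, canonical_host):
    """Map each http/https, www/non-www entry point to a list of redirect issues."""
    bare = canonical_host.removeprefix("www.")
    report = {}
    for host in (bare, "www." + bare):
        for scheme in ("http", "https"):
            start = f"{scheme}://{host}/"
            chain, state = follow(start, responses)
            issues = [] if state == "final" else [state]
            end = urlsplit(chain[-1])
            if state == "final" and end.hostname != canonical_host:
                issues.append("ends-off-host")
            if state == "final" and end.scheme != "https":
                issues.append("ends-on-http")
            if any(a.startswith("https:") and b.startswith("http:")
                   for a, b in zip(chain, chain[1:])):
                issues.append("https-downgrade")
            report[start] = issues
    return report

if __name__ == "__main__":
    for start, issues in audit(SAMPLE, "tickets.example.com").items():
        print(start, "->", issues or "ok")
```

To run it against a real site, replace `SAMPLE` with the status and `Location` header actually returned for each of the four entry points and every URL they redirect to.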
Honestly, I'm not a big fan of paid certificates. Sometimes, using services like Let's Encrypt or Cloudflare can simplify things. But I get that getting management on board is a whole other battle!
Ugh, I've dealt with that before! Google really doesn't hold back when there's a potential issue. Just be cautious and make sure your security team is on it.