False positive virus alert
Forum Index > Core > Announcements >
Followup at bottom of post.
Some users have brought to our attention that PFQ is triggering antivirus protections against "plausible.moons.bio" -- this is a false positive, Plausible is self-hosted open-source software that we use to collect anonymous statistics such as counting visitors and pageloads - it's sort of like Google Analytics but not evil. Moonsy, our system administrator, has written a better explanation here. Thank you for your vigilance! Hope you have a great day :)
Some users have brought to our attention that PFQ is triggering antivirus protections against "plausible.moons.bio" -- this is a false positive, Plausible is self-hosted open-source software that we use to collect anonymous statistics such as counting visitors and pageloads - it's sort of like Google Analytics but not evil. Moonsy, our system administrator, has written a better explanation here. Thank you for your vigilance! Hope you have a great day :)
April 25 2024 *NEW*
Plausible is a tool used by website owners to understand how people interact with their websites. It tracks things like how many visitors come to the site, which pages they view, and how long they stay.
No need to worry, this is all anonymous and respects worldwide privacy laws, as it only collects country (useful for timezone conversion), browser type and pages visited.
This helps website owners make informed decisions about improving their websites, for example viewing most active times, or most active pages. It's like having a map that shows where people go when they visit a website, helping the owner make the site better for everyone.
This type of data was already collected prior to me being part of the site but by a tool that would increase server load by an amount that's not acceptable long term, that's why these antivirus issues are only recent.
When you visit a website, your web browser sends requests to gather information about your visit. Plausible uses something called an "API" to collect this data, specifically from a location called "/api/event". Now, in your browser's developer tools, you might notice that requests to "/api/event" are being blocked. This is because your browser has privacy settings enabled (either by you or by browser default settings) to block requests to Plausible or similar tracking tools. It's a way your browser protects your privacy by not sharing certain details about your visit with these tracking services. So, if you see these requests being blocked, it's your browser's privacy settings doing their job to keep your online activity more private, and we'll never ask you to disable this, we just roughly pad up the numbers we get from Plausible to account for people with these settings enabled.
I'm not sure why AVG & Avast teams suddenly decided that my version of Plausible was phishing and should be blocked from their tools forever, but just in case, I've freshly installed a new instance and got the warnings cleared from antivirus solutions. No more adding to exceptions needed.
Hopefully this clears up any worries anyone had, as I know that some can be a bit more precautious in their browsing and us (the site maintainers) blindly asking them to trust us and add us to exceptions is not always something they're willing to do.
April 3 2024
Followup: Someone was kind enough to report this issue to Avast, and in return they received a number of links to reports against PFQ's domain.
I reviewed the first such link, and immediately identified the issue: Avast is stupid.
The reported page was a user profile. User profiles contain user-generated content. This particular user profile has images. These images are hosted on another domain. That domain is a service which, quoted from their homepage, "lets you upload any type of file to link elsewhere, forever for free." That's basically an invitation to upload malware to their service, which of course malicious users have undoubtedly done. Rather than blacklisting the individual malware files on that service, the entire domain is blacklisted. Consequently when the user posts images that are hosted on that domain, their profile page is seen as "malicious" because it "links to a blacklisted domain". As a result, our entire domain is treated as "malicious".
It would be funny, if it weren't so stupid, that it is the antivirus database itself that is behaving like a virus, "spreading" its blacklist by simple touch.
We're still waiting for an official response from Avast, but honestly you can probably just uninstall Avast. McAfee too. You don't need them. Windows Defender is more than adequate for protecting your computer, and up-to-date browsers will also protect you from attacks. It's actually pretty much impossible to accidentally get a virus - the key word being "accidentally". The usual advice applies: don't download stuff that you didn't specifically ask for!
Anyway. Hopefully I'll have some better answers soon.
I was worried when it happened last night, i'm glad to know it was a false positive and not some attempt to take the site down or something.
Icon made by my awesome sibling MossyMoss
Thank you for the notice!
Yesteday my antivirus, blocked PFQ due to the false alert, and i was about to post into a bug forum! ^^
- -Wick
- -Chic
Name: Icey/Wick
I share IP with my sibling Hyuse
Bad Container in IDV, Good Student (busy at much)
Secretly i am "Prisoner" Lil Balsa =P
Current Avatar: By: @ghostpetrichor_ on twitter FTU Credits: . MY SHOP:KING OF THE BEASTS OPEN NOW!
Current Avatar: By: @ghostpetrichor_ on twitter FTU Credits: . MY SHOP:KING OF THE BEASTS OPEN NOW!
Progress to level 4
Tamakoma - 2 stan!!
Well, Ru out i will play with trainer see ya! (Art By: Gaelson)
i don't know whether this is the same as that or not. if im using chrome in phone, sometimes chrome doesn't give me access to pfq because privacy issue. usually it stays for 15-30 minutes before allowing me to access pfq again. is the issue also caused by that?
Score: 0
"identified the issue: Avast is stupid" is such a funny phrase to come out of this LOL. It's not wrong in the slightest though. I used to have Avast and it caused more problems than it solved.
Thanks for the swift update and thorough explanation!
Felix/UU 🌈 23 🌈 He/Him
credit
Background is from the TCG card Path to the Peak by Oswaldo KATO
Icon is by frillious and was commissioned by me personally
F2U code by Gumshoe
hold on - am I understanding it right that the false-positive happened, because a user added links to a perfectly safe file, but from a domain that also includes malicious files, that weren't linked on here at all?
QUOTE originally posted by gaylie
hold on - am I understanding it right that the false-positive happened, because a user added links to a perfectly safe file, but from a domain that also includes malicious files, that weren't linked on here at all?
you're not wrong at all, lol, we had McAfee for about a year or so, and Windows Defender did more than McAfee did. Microsoft sends us monthly updates on viruses and such and also doesn't let us onto sites with malicious intent, but McAfee did, lmao.
But yeah, conclusion: Avast is stupid
Sonora - 16 - hoot/owl
"You weren't quite as bold. Smarter, sharpr, brighter than the rest . . . Now you're sixteen, broke and burning out in style" -gifted kid burnout . Tom O'Donovan TH
Sweet Apple
Evolution Item
(: 0)
A peculiar apple that can make a certain species of Pokémon evolve. It's exceptionally sweet.
Sells for 1,000
Likes:
Sweet food
MAX
Timid nature
Huh interesting, I use Malwarebytes and I have not run into such an issue so that's somethin.
I am forever indecisive on a Pokésona lol.
QUOTE originally posted by Kitsune Hime
Huh interesting, I use Malwarebytes and I have not run into such an issue so that's somethin.
Cannot post: Please log in to post