Single post in False positive virus alert

Plausible is a tool used by website owners to understand how people interact with their websites. It tracks things like how many visitors come to the site, which pages they view, and how long they stay. No need to worry, this is all anonymous and respects worldwide privacy laws, as it only collects country (useful for timezone conversion), browser type and pages visited. This helps website owners make informed decisions about improving their websites, for example viewing most active times, or most active pages. It's like having a map that shows where people go when they visit a website, helping the owner make the site better for everyone. This type of data was already collected prior to me being part of the site but by a tool that would increase server load by an amount that's not acceptable long term, that's why these antivirus issues are only recent. When you visit a website, your web browser sends requests to gather information about your visit. Plausible uses something called an "API" to collect this data, specifically from a location called "/api/event". Now, in your browser's developer tools, you might notice that requests to "/api/event" are being blocked. This is because your browser has privacy settings enabled (either by you or by browser default settings) to block requests to Plausible or similar tracking tools. It's a way your browser protects your privacy by not sharing certain details about your visit with these tracking services. So, if you see these requests being blocked, it's your browser's privacy settings doing their job to keep your online activity more private, and we'll never ask you to disable this, we just roughly pad up the numbers we get from Plausible to account for people with these settings enabled. I'm not sure why AVG & Avast teams suddenly decided that my version of Plausible was phishing and should be blocked from their tools forever, but just in case, I've freshly installed a new instance and got the warnings cleared from antivirus solutions. No more adding to exceptions needed. Hopefully this clears up any worries anyone had, as I know that some can be a bit more precautious in their browsing and us (the site maintainers) blindly asking them to trust us and add us to exceptions is not always something they're willing to do.

Followup: Someone was kind enough to report this issue to Avast, and in return they received a number of links to reports against PFQ's domain. I reviewed the first such link, and immediately identified the issue: Avast is stupid. The reported page was a user profile. User profiles contain user-generated content. This particular user profile has images. These images are hosted on another domain. That domain is a service which, quoted from their homepage, "lets you upload any type of file to link elsewhere, forever for free." That's basically an invitation to upload malware to their service, which of course malicious users have undoubtedly done. Rather than blacklisting the individual malware files on that service, the entire domain is blacklisted. Consequently when the user posts images that are hosted on that domain, their profile page is seen as "malicious" because it "links to a blacklisted domain". As a result, our entire domain is treated as "malicious". It would be funny, if it weren't so stupid, that it is the antivirus database itself that is behaving like a virus, "spreading" its blacklist by simple touch. We're still waiting for an official response from Avast, but honestly you can probably just uninstall Avast. McAfee too. You don't need them. Windows Defender is more than adequate for protecting your computer, and up-to-date browsers will also protect you from attacks. It's actually pretty much impossible to accidentally get a virus - the key word being "accidentally". The usual advice applies: don't download stuff that you didn't specifically ask for! Anyway. Hopefully I'll have some better answers soon.