Category Archives: Safe Browsing

We provide a freemium service to upload large files and download them later on.

Using ClamAV, we scan every file for viruses after it is uploaded and before it can be downloaded. The file is deleted if a virus was found and a HTTP 404 is returned.

Still Google Safe Browsing keeps detecting malware on our site:

…the last time suspicious content was found on this site was on 2015-08-30…

(Which was yesterday as of writing).

While my logs show that viruses/malware are detected from time-to-time, I also see that these files are downloaded zero times and are being deleted automatically as expected.

I’ve read through “What tools does the Google safe browsing service rely on?” and the linked resources.

Still I’m not sure why I cannot get my site to be “Google Safe Browsing clean”. Maybe:

• the used virus scanner is not good enough and lets some viruses pass?
• I’m doing fundamental mistakes due to my limited knowledge of security architecture?

My question:

Do you have any idea what to do in order to get a clean Google Safe Browsing track?

(If this is possible at all, even Dropbox or Google itself are listed there)

Update 1:

As Schroeder says, there may be other content on our site, not the files. We also do provide Windows and Mac clients. These files are all scaned and detected as virus-free.

I’m confused…

Update 2: (2015-09-24)

I’ve installed “Sophos Server Security” on the server in question and see lots and lots of malicious uploads being deleted by Sophos now.

So the ClamAV detection rate seems to be a lot lower than the one of Sophos.

Hopefully with the help of this new anti-virus solution my server never ever again serves as a virus source.

Continue reading Why does Google Safe Browsing keep detecting malware on my website?→

We provide a freemium service to upload large files and download them later on.

Using ClamAV, we scan every file for viruses after it is uploaded and before it can be downloaded. The file is deleted if a virus was found and a HTTP 404 is returned.

Still Google Safe Browsing keeps detecting malware on our site:

…the last time suspicious content was found on this site was on 2015-08-30…

(Which was yesterday as of writing).

While my logs show that viruses/malware are detected from time-to-time, I also see that these files are downloaded zero times and are being deleted automatically as expected.

I’ve read through “What tools does the Google safe browsing service rely on?” and the linked resources.

Still I’m not sure why I cannot get my site to be “Google Safe Browsing clean”. Maybe:

• the used virus scanner is not good enough and lets some viruses pass?
• I’m doing fundamental mistakes due to my limited knowledge of security architecture?

My question:

Do you have any idea what to do in order to get a clean Google Safe Browsing track?

(If this is possible at all, even Dropbox or Google itself are listed there)

Update 1:

As Schroeder says, there may be other content on our site, not the files. We also do provide Windows and Mac clients. These files are all scaned and detected as virus-free.

I’m confused…

Update 2: (2015-09-24)

I’ve installed “Sophos Server Security” on the server in question and see lots and lots of malicious uploads being deleted by Sophos now.

So the ClamAV detection rate seems to be a lot lower than the one of Sophos.

Hopefully with the help of this new anti-virus solution my server never ever again serves as a virus source.

Continue reading Why does Google Safe Browsing keep detecting malware on my website?→