What I’ve tried and what’s not working:
I have Avast Web Security installed on my Mac. When I open the Anvil homepage, it blocks the loading of the page and pops up a warning window.
See screenshot here:
In the screenshot, the “background” is the browser tab (where Avast has replaced the target page with one of its own), and the dialog box in the foreground is what Avast popped up.
The screenshot was taken in Brave, but the same thing happens in Chrome.
This occurs when I attempt to load the main anvil.works homepage and also when I’m redirected to login from the forum pages (I ended up having to create this post on my phone since I couldn’t log into the forum).
I have been observing the same behaviour for the past two weeks using Brave browser on Windows so it’s definitely not just MacOS related.
What worked for me was adding anvil.works web to Avast exceptions. However, I don’t consider it a good solution, as I am now able to access anvil.works page but it still keeps triggering Avast popups randomly.
I’ll probably do that, although I agree that telling your security software to ignore a possible threat isn’t ideal.
While I’m sure it’s likely that this is a false positive, it’s still disconcerting. It’d be nice if Anvil were able to state definitively that there’s no security issue with the script identified by Avast.
Is this a problem with Anvil or Avast?
In other words, do you know if it is Anvil that looks too dangerous, or is Avast too sensitive?
Have you tried to contact Avast?
It’s almost certainly not a problem with the Anvil platform. It might - or might not - be a problem with that particular page of the website.
Either way, I’d argue it’s a problem FOR Anvil, because having customers - and more importantly, potential customers - getting malware warnings from the main homepage for your service isn’t really a good look, even if it’s not your fault.
I have no way of determining that. I was rather hoping that the people who run a secure hosting service may be better informed than I am, hence the question. I realise that sounds snarky, and it isn’t meant to: so for the avoidance of doubt, here’s a smiley
Yes. I have submitted a suspected false positive report. Having said that, even if it is a false positive I imagine Anvil would want to know that their website is being flagged as malware.
It’s patently a false positive on Avast - what you might call operation overreaction as a default setting.
Avast’s own website recommends scanning a webpage with VirusTotal, which - and this will come as no surprise to anyone at all - shows that the Anvil site is clean as a whistle:
At this point, we can go nuts and scan the website over at pentest-tools and the answer is, the scariest thing about the anvil website is HTTP Only cookie flag and JQuery:
I submitted a false positive report when I first saw this on the forum, and I received this response 4 hours ago:
Thank you for contacting Avast and reporting a suspected false positive detection. I’m happy to help.
Our technicians reviewed the detection and confirmed it as correct. Unfortunately, I am not able to provide any further information on this matter.
If you are the reported website owner and want us to remove the detection, please make the necessary steps to review your website and source code and contact us again for the new analysis and detection review.
Thank you for understanding.
Could they be talking about “HTTP Only cookie flag and JQuery”? I don’t understand why they won’t provide more information.
These happen all the time. There are threads and thread about the exact same warning on other forums and a successful solution you can identify in not all of them.
Thank you for contacting Avast and reporting a false positive URL detection. I’m happy to help.
The reported URL was checked by Avast technicians and based on the findings the detection was removed. The website is now marked as clean in the Avast virus database. This change may take up to 1 hour to take full effect. Please accept my apology for the inconvenience caused.”
