Back to Help and Support
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
1

Ask

2

Reply

3

Solution

URGENT: My website is inaccessible on the Vodafone network: insecure redirect via allot.com

Go to solution
matstillo
2: Seeker
2: Seeker

‎21-11-2023 01:58 PM

Hi there,

I'm a web developer having an issue I've never come across before. My clients website cannot be accessed by anyone using a Vodafone cellular connection. It gives a 'insecure connection' warning, with an SSL certificate for that page being issued by allot.com. This is not my actual website SSL, which is with iOnos and has been verified as fully working. 

Why is the domain being redirected through allot.com by Vodafone like this?!

The is not just my Vodafone connection, it appears to be all the visitors to the site accessing via Vodafone. It may not be happening for all of them, but all the failed connections are 100% accessing via Vodafone mobile.

I hope you can help as a matter of urgency, my client is going nuts.

Many thanks

Mat

0 Thanks
1 ACCEPTED SOLUTION

Go to solution
Effie
Moderator
Moderator
In response to matstillo

‎27-11-2023 03:27 PM

Could you please pop me over the URL of the site @matstillo  and a screenshot of the error visitors are getting? Can you also confirm if the error occurs when SecureNet is active, inactive or both? 

View solution in original position

0 Thanks
15 REPLIES 15

Go to solution
CallumR
Moderator
Moderator

‎21-11-2023 04:09 PM

Hey @matstillo thanks for reaching out to us. I've taken a look at the link you provided in the other thread and it seems that 2 security vendors have marked the website as malicious. You can check which security vendors have marked this down here

Before we're able to raise a case to get the website reclassified, we'd advise you to speak with your tech team that deals with your website and remove anything that's been marked as malicious. 

Once done, come back to us and we'll get a case raised for you. 

0 Thanks

Go to solution
matstillo
2: Seeker
2: Seeker

‎21-11-2023 05:13 PM

OK thanks, this is a Shopify site that a client has built themselves. It's all managed by Shopify so I'll  ask them to look into what might be getting flagged. Many thanks for the swift reply.

0 Thanks

Go to solution
matstillo
2: Seeker
2: Seeker

‎21-11-2023 05:22 PM

I can't see how I go about finding out more info from VirusTotal about what they think is malicious though? I don't know where to even start otherwise! I've requested Shopify look into it anyway.

0 Thanks

Go to solution
CallumR
Moderator
Moderator

‎21-11-2023 05:32 PM

@matstillo Shopify should be able to locate any malicious links within your website. When you use the link to go to VirusTotal, enter your website into the URL section and it'll bring up the security vendors that have marked your website. 

Once you've heard back from Shopify, please come back to us and we'll get it raised if needed. 

0 Thanks

Go to solution
matstillo
2: Seeker
2: Seeker
In response to CallumR

‎22-11-2023 02:59 PM

Thanks! Unfortunately the VirusTotal report indicates the vendors that find an issue but not what it actually is. Ive asked Shopify to investigate.

0 Thanks

Go to solution
Janey
Moderator
Moderator
In response to matstillo

‎22-11-2023 03:18 PM

Thanks for letting us know @matstillo Let us know when you have an update.

0 Thanks

Go to solution
matstillo
2: Seeker
2: Seeker

‎27-11-2023 03:00 PM

OK so Shopify have been able to confirm that they cannot see anything at all that would cause the site to be flagged as harmful:
 They say:


"From our end, I have checked your theme, apps and the limited domain information we can see in the Admin, and I was not able to identify anything that might cause a mobile service to flag your website in the way you described. Our investigation from myself and previous advisors have determined that all signs are pointing to the issue being between the domain provider (the SSL certificate specifically) and the mobile service of Vodafone only, not their broadband service. "

I can only think that the 2 results from VirusTotal saying otherwise are false positives & I really now need Vodafone to look into this further. iOnos are unable to see anything with the current SSL set up that would cause any issues either. And as Vodafone Mobile is the only service on which this issue is happening, it really does seem that it is now down to Vodafone to give me more answers on not only why they are blocking my site, but why it is being redirected to an SSL served by allot.com that even Vodafone don't seem aware of?

Hopefully someone can now look into this further and remove anything from the site that is causing it to be blocked/redirected.

 

Many thanks

 

0 Thanks

Go to solution
Effie
Moderator
Moderator
In response to matstillo

‎27-11-2023 03:27 PM

Could you please pop me over the URL of the site @matstillo  and a screenshot of the error visitors are getting? Can you also confirm if the error occurs when SecureNet is active, inactive or both? 

0 Thanks

Go to solution
ljp2024
2: Seeker
2: Seeker
In response to Effie

‎22-12-2024 04:13 PM

Good afternoon, @Effie 

I'm popping here the message I sent yesterday, as I have what seems to be a very similar problem to the one discussed in this thread:

Me and my web developers are having an issue that we've never come across before. We recently launched our new website, changed host to ionos and after setting everything up with a correct SSL certificate, we have found out that some users are unable to access the website and were getting an Err_cert_authority_invalid. 

We reviewed everything and found out the website had been included in the blacklist of some security vendors. We reviewed again the website, found everything was fine and correct and contacted these companies one by one and each one of them confirmed it had been a false positive and removed our website from the blacklist. I have rechecked VirusTotal right now, and it all comes up clean (see screenshot).

But some users still found that they couldn't access our website. We reinstaled the certificate, reviewed all the website again, and then found out it only happens to users that have Vodafone as their ISP. They get an 'insecure connection' warning, with an SSL certificate for that page being issued by allot.com, which is not our actual website SSL (which, as I mentioned, has been verified as fully working several times).

I've read in this forum that this has happened before to other users. Could you kindly assist to solve this problem as quick as possible. It is not only not allowing some users to get to our website, but also impacting very negatively our brand. 

For your reference, our URL is www.mejoronline.net

I have attached a screenshot of what users see, and today's VirusTotal analysis.

I hope you can help as quick as possible, this is completely messing our numbers of the end of the year.

Many thanks

Laura

WhatsApp Image 2024-12-14 at 14.29.22 (2).jpegCaptura de pantalla 2024-12-22 a las 17.09.33.pngWhatsApp Image 2024-12-14 at 14.29.22 (2).jpeg

0 Thanks