cancel
Showing results for 
Search instead for 
Did you mean: 
1

Ask

2

Reply

3

Solution

Website incorrectly blocked by SecureNet Filters

Zobottherobot
2: Seeker
2: Seeker

Hi There, The following website has been incorrectly blocked by your filters. 
www.readandcobooks.co.uk

 
Read & Co Books is a British independent book publisher and includes many classic children's titles. Sites for other similar publishers are not blocked. Please could you look into this and let me know why this website was blocked and when the block will be lifted.

Many Thanks,

Zoe 
9 REPLIES 9

Beth
Community Manager
Community Manager

Hi @Zobottherobot! Apologies for this. I've raised it to our team to be re-classified correctly for you. Once this has been done, we'll let you know here 🙂

Brilliant, Thanks for getting back to me Beth. 

Hello @Zobottherobot - I'm providing an update on behalf of @Beth 🙂

The team that looks after this are unable to release the website, as it has been compromised as it has emotet malware within it, on the following links: 

hxxps://readandcobooks.co.uk/wp-content/k4eLF-7XMHSfkhdfxpJ-array/securitywarehouse/

wa08-90w0u5s/

hxxps://www.readandcobooks.co.uk/wp-content/t7-tz8

hxxps://www.readandcobooks.co.uk/wp-content/t7-tz8bm-99/

I understand this won't be the outcome you're looking for and I'm sorry for any inconvenience caused. 

Hi There, 

Thanks for getting back to me. Can you please provide me with information on how and when this malware was detected? I know we had a problem in 2020 but as of then the site has been clean and a whole host of security measures put in place to make sure it doesn't happen again.

We checked through our logs and can't see any visits or scans of this URL done since I contacted you on the 20th of Jan, apart from the ones I did today to see what was there and only getting the 404 that the page doesn't exist. There is no malware on the site. We have checked and double-checked and checked again. Could you please run an up-to-date check on your end and get back to me.

root@ip-172-30-0-149:/var/log/apache2# zcat *.gz | grep -i -e "securitywarehouse" | grep -v wp-includes | grep -v wp-admin | grep 404
root@ip-172-30-0-149:/var/log/apache2# cat *.log | grep -i -e "securitywarehouse" | grep -v wp-includes | grep -v wp-admin | grep 404
88.97.7.52 - - [28/Jan/2022:10:27:01 +0000] "GET /wp-content/k4eLF-7XMHSfkhdfxpJ-array/securitywarehouse/ HTTP/1.1" 404 142375 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36"
88.97.7.52 - - [28/Jan/2022:10:27:02 +0000] "GET /wp-content/k4eLF-7XMHSfkhdfxpJ-array/securitywarehouse/ HTTP/1.1" 404 149029 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36"
root@ip-172-30-0-149:/var/log/apache2#

root@ip-172-30-0-149:/var/log/apache2# ls -alr access_www_readandcobooks.log.?.gz
-rw-r----- 1 root adm 397366 Jan 20 06:25 access_www_readandcobooks.log.9.gz
-rw-r----- 1 root adm 370632 Jan 21 06:25 access_www_readandcobooks.log.8.gz
-rw-r----- 1 root adm 490214 Jan 22 06:25 access_www_readandcobooks.log.7.gz
-rw-r----- 1 root adm 403258 Jan 23 06:25 access_www_readandcobooks.log.6.gz
-rw-r----- 1 root adm 372230 Jan 24 06:25 access_www_readandcobooks.log.5.gz
-rw-r----- 1 root adm 406619 Jan 25 06:25 access_www_readandcobooks.log.4.gz
-rw-r----- 1 root adm 423831 Jan 26 06:25 access_www_readandcobooks.log.3.gz
-rw-r----- 1 root adm 846725 Jan 27 06:25 access_www_readandcobooks.log.2.gz

Earliest record
 [19/Jan/2022:06:25:50 +0000] 

Evie
Moderator (Retired)
Moderator (Retired)

Hi @Zobottherobot - I understand that the reply we've had from our back office team who run these checks is less than ideal. They have confirmed to us that the checks were ran thoroughly and unfortunately we are unable to de-classify the website due to malware embedded in the website. 

I would like to officially complain, and get this resolved, please? You can clearly see here in Googles Transparency Report that there is nothing wrong with our website. It is being blocked by Vodafone unnecessarily and without proof or evidence to back up your claims that the site contains malware. 

You have said yourself "the reply we've had from our back office team who run these checks is less than ideal". Can we get a better response then please, with up to date evidence of a check, please?

Many Thanks

Hi @Zobottherobot, this has been investigated by our team under reference INC4577672. If you're wanting to raise a complaint, you can reach out to us on Twitter or Facebook. As we would need some personal information, we can't accept this over the Community, we do need to advise that the outcome may not change. You can find all the contact details here, when you do message us, please select 'Get Started' followed by 'Asked to DM' to get connected to the team. It would be helpful if you could include your Community username in the social media message. 

Hi @MarkD

Does that mean the case is closed with you guys at the "Community"? 

We know that it's not the answer you're looking for, however, this has been investigated and the team are happy with their conclusion. If you send us a message on social media, we'll get some personal details from you and then take it from there.