Why is my website trigger antivirus warnings?

I’ve had multiple recruiters tell me that my portfolio website http://www.starchevsky.com is triggering their antivirus protection or is getting blocked. I’m unable to reproduce the problem on my end or identify the problem… can anyone help me figure out what’s causing this?

Hi starchevskyt welcome to the forum

The site has a few problems but other than being http instead of https nothing jumps out as being a potential trigger AFAICT. A couple of online sites I tried tested clean.

I’m afraid that without more details on how to reproduce I can’t help more than offer a wild guess - Privacy Badger?

Thank you for the warm welcome and the response! I’ll ask those who spot the problem to give me more info.

If it’s not too much to ask, would you mind sharing what else you see wrong with my site? Other than the text for each row (ie Paypoint) being top-aligned with the image rather than center aligned as I had intended, I didn’t spot anything, but I am rusty. Thanks!

https://validator.w3.org/nu/?doc=http%3A%2F%2Fwww.starchevsky.com%2F

page errors:

  • images with missing alt attributes/values
  • non-unique id value
  • obsolete CSS attribute
  • broken link - “prem.html”

* I don’t think any of those would trigger an antivirus. Just the same fixing those wouldn’t hurt any.

I tested your site using my HTTP URL Checker and found:

  1. Simple option returned all http_response codes set at 200

  2. Verbose option the
    a, http and http://www protocols were OK
    b. http and https://www protocols both timed out.

Try the *Demo option and compare the results with your site.

Also tested in Firefox and Opera and both reported “The site is not secure”.


Are you using Letsencrypt for the SSL Certificates? If so it is not working or there is a problem with the certificates. If not it is Free and quite easy to setup and well worth the effort.

Edit:
Further checking using this SSL Certificate revealed that even though there the site has valid certificate there are setup problems:

None of the common names in the certificate match the name that was entered (starchevsky.com). You may receive an error when accessing this site in a web browser.Learn more about name mismatch errors.

@John_Betong: from the URL in the first post, it appears the site is not using an SSL certificate, so I don’t think the issue lies there.

I wouldn’t think so. I have Ghostery installed, and it’s only indicating one tracker, for Adobe Typekit.

I think there is a .htaccess problem.

Also the link I supplied has the following details about their Letsencrypt certificate:

The certificate will expire in 55 days.

OK. It appears there has been no certificate configured for starchevsky.com, and as the OP posted a link using http://www.starchevsky.com, it looks as if they don’t intend to use one. Firefox shows a security warning if I enter https://www.starchevsky.com, but not if I use the http link as given.

So the solutions seem to be to use the .htaccess file to redirect https to http, or to set up an SSL certificate for the domain in question.

That link seems to show information for a different domain.

The link required the URL to be submitted in order to be tested.

It appears the certificate is shared between other domains. I originally had problems with sharing a single certificate and now ensure each domain has a separate certificate.

Thank you to everyone for taking the time to help, I’ve set up an SSL certificate so hopefully this fixes the issue. Not too familiar with this set of issues but please let me know if you continue to see the issue on your end.

I have just ran tests on the two links provided and both are now ok.

@Mittineague suggested in post #4 to use the free html validator because some of the pages fail validation. Explicit details are available on each failure and relatively simple to apply fixed.

There is also a missing link to your resume:

Not Found

The requested URL /img/tatianastarchevsky-resume.pdf was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

I would also recommend having a common menu on all pages to simplify navigation and hope it will blend nicely with your current minimal design.