...because the words "This website has been reported as unsafe" and "We recommend that you don't continue to this website because it is reported to contain the following threats:" can't exactly be truthful.
The site in question is an unused domain I own, on a sub-domain that I put into existance hours ago, that isn't accessable to the public. So no one would even know it existed to report -- not that there is any phishing going on here either. It hasn't been sitting hacked...it's only existed since just minutes ago.
So what triggers this? I mean I can unblock and continue, but I'd like to make sure the site I am developing doesn't somehow trigger these false warnings too.
Page 1 / 1
Hello,
Please submit a support ticket so that we can gather log files and determine what caused the block.
Thanks,
-Dan
Please submit a support ticket so that we can gather log files and determine what caused the block.
Thanks,
-Dan
Okay, so it's a new site/domain so doesn't have a high reputation score, triggered when it launched a pop-up debug window. I'm fine with that....makes sense given how phishing sites often work.
But the webroot warning should say this -- and I mean this as a user of webroot, not in regards to my domain getting warned. In this case "this website has been REPORTED to contain" is untrue. This website "has been evaluated by webroot as a high risk of..." would be a more correct statement. The text "reported" should be used when there are....well...actual reports of an issue with the site -- and not simply a webroot engine decision.
That distinction between data-driven and analysis-driven warnings is quite important to me as a user...and would help guide whether I proceed or not out in the wild.
Just my $0.02. It doesn't really affect me beyond this, and that's already fixed. And I'm happy with webroot as the best out there -- just don't go too far in the way of scary warnings, and keep it somewhat clear what is actually driving them to appear.
But the webroot warning should say this -- and I mean this as a user of webroot, not in regards to my domain getting warned. In this case "this website has been REPORTED to contain" is untrue. This website "has been evaluated by webroot as a high risk of..." would be a more correct statement. The text "reported" should be used when there are....well...actual reports of an issue with the site -- and not simply a webroot engine decision.
That distinction between data-driven and analysis-driven warnings is quite important to me as a user...and would help guide whether I proceed or not out in the wild.
Just my $0.02. It doesn't really affect me beyond this, and that's already fixed. And I'm happy with webroot as the best out there -- just don't go too far in the way of scary warnings, and keep it somewhat clear what is actually driving them to appear.
Most of the URL classification is automatic based on some criteria, such as the newness of the site. Humans intervene when something is misclassified or if someone requests us to re-evaluate. I do take your point on the messaging though, so I'll pass that long to the dev folks.
Ok I heard back from some folks here and they are taking your suggestions into account for some already planned work to update the messaging for blocked pages. Thanks for suggesting it!
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.