Hi,
I am using CentOS and have three domains on my droplet all are Wordpress.
If I want to access them when AVAST is turn ON get error and Avast block the site. THREAT HAS BEEN DETECTED. Same if I want to access my Direct Admin CPANEL with IP.
If I turn OFF Avast all its working fine.
Does Avast provide details on what it’s picking up?
I’ve seen some instances where software that’s supposed to “protect” you from visiting harmful sites report false-positives such as when making an HTTPS request on a domain that doesn’t have a valid, working SSL certificate installed.
If you’ve not installed an SSL certificate on cPanel to cover your hostname and links, that may be one flag since, IIRC, cPanel enforces SSL, whether you have a valid certificate or not.
You can do a lookup on your Droplet IP also to see if it’s potentially in one of the well-known lists that many pieces of software use. Simply enter your Droplet IP in the input box on the page below, click submit and let it run.
this is my droplet ip: 37.139.25.243 and domains where the SSL is enabled through directadmin.
https://webjuice.ie/
https://webjuice.sk/
there is no anything blacklisted https://www.whatismyip.com/blacklist-check/
Seems like that IP-address had/has issues:
https://virustotal.com/en/url/a3476cfb14225e8767f6967c8d43a6fe8d05e9034616a997b8050fe7f39c4945/analysis/
I’ve send a request to Kaspersky to re-scan the url: https://virusdesk.kaspersky.com/