the folder cdn-cgi which I believe some security challenge for bots is triggering a false positive warning on avast antivirus, the free version aswell, all my websites protected with Cloudflare is preventing people from logging in and the connection is terminated, I suggested Cloudflare team white list them selves here:
https://kb.support.business.avast.com/GetPublicArticle?title=Submit-False-Positives-And-Whitelisting
People are losing traffic this is not small issue as Avast is the most popular anti virus, its weird I am the first to actually speak about this.
What Cloudflare Apps do you have installed?
If you paste a link for the cdn-cgi script that’s triggering a detection, Cloudflare can take a look to make sure no App developer (Cloudflare Apps are served from that folder) is distributed malware/spyware.
here you go
cdn-cgi/challange-platform/orchestrate/jch/v1
this is the exact folder where the warning is coming from, I don’t have any apps enabled.
Regards
The infected or false positive name is: JS:includer-BOF [Trj]
Also JS:includer-BNR [TRJ]
Another note: I have under attack enabled and bot challenge enabled, but aren’t those native features? or apps?
I hope you have enjoyed the weekend, but also I hope you took the matter seriously too.
Regards
Thank you, we have raised the issue with Avast and currently working toward fixing it.
1 Like
This topic was automatically closed after 30 days. New replies are no longer allowed.