Avast false positives Trojan warning about any cloudflare protected website

the folder cdn-cgi which I believe some security challenge for bots is triggering a false positive warning on avast antivirus, the free version aswell, all my websites protected with cloudflare is preventing people from logging in and the connection is terminated, I suggested cloudflare team white list them selves here:
https://kb.support.business.avast.com/GetPublicArticle?title=Submit-False-Positives-And-Whitelisting
People are losing traffic this is not small issue as Avast is the most popular anti virus, its weird I am the first to actually speak about this.

What Cloudflare Apps do you have installed?

If you paste a link for the cdn-cgi script that’s triggering a detection, Cloudflare can take a look to make sure no App developer (Cloudflare Apps are served from that folder) is distributed malware/spyware.

here you go
cdn-cgi/challange-platform/orchestrate/jch/v1
this is the exact folder where the warning is coming from, I don’t have any apps enabled.
Regards

The infected or false positive name is: JS:includer-BOF [Trj]

Also JS:includer-BNR [TRJ]

Another note: I have under attack enabled and bot challenge enabled, but aren’t those native features? or apps?

I hope you have enjoyed the weekend, but also I hope you took the matter seriously too.
Regards

Thank you, we have raised the issue with Avast and currently working toward fixing it.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.