Today so far has been a comedy of errors with some web programming I wanted to do. A confederacy of dunce issues, one after the other.
It started with some work I’d been doing yesterday with the URL shortener code I use for my jmbk.nl links. The web hosting I have for the domain on GoDaddy is a couple of months from its renewal date, but, to be honest, what I’m paying for it (about $7 a month) is not worth it. I’ll move it to Azure, I thought to myself. Let’s see what amount of work it would take. The code is dead simple: a web service on top of SQL Server, so no sweat there. Let’s take a look at the SQL database: should be simple since there’s only one table. I fired up SSMS and did a few queries … but what’s that? A row in the ShortUrl table showing well over 100,000 hits (that is, that particular short URL has been followed that many times), whereas all the others were less than a thousand. Wut?
var linkElement = $("#shortLink"); var realUrl = encodeURIComponent(linkElement.attr("href")); $.getJSON(...);
Lo and behold, this code was getting run for everybody, but the HTML element only existed for me in god mode. In other words,
linkElement was being set to an empty jQuery object, the call to
attr() was therefore succeeding but the return value was
undefined. And that was being converted by
encodeURIComponent() to “undefined”. Yessss!
I changed the code completely so that it’s only loaded in god mode and also – just in case – to check that
linkElement actually existed before making the callback. Brilliant! I updated the site, tested it in Firefox (my usual browser) and also for fun in Microsoft Edge.
I’ve set up all my browsers to have my personal website as the home page in each. So, as soon as I started Edge, it displayed my personal home page … with a malware warning.
So if my site and contents are fine, why is it being reported as a “harmful'” website? Time for more investigation.
I nipped over to MX Toolbox because it has an option to check if a site has been blacklisted. (Aside: I can’t remember why or how I found this site in the first place, it was several years ago. But it’s dead handy.)
Ah ha! It’s not my site that’s been blacklisted, it’s the IP address of the hosting. And that is an Azure hosting IP address: there must be hundreds if not thousands of domains hosted there.
I clicked on the first item (CBL), and that site told me that “IP Address 188.8.131.52 is listed in the CBL. It shows signs of being infected with a spam sending trojan, malicious link or some other form of botnet.” It also reported the domain name of the site where the malware was detected: a PHP-based site. I tell ya: PHP is a great language for writing server software (WordPress is written in it), but you have to be really on top of security updates and make sure you are fully up to date. (One of the features of god mode on my blog is a display of the links people are accessing the site with that cause a 404 “not found” error, and it’s 95%+ script-kiddie probes for various PHP pages or WordPress admin links. I personally wouldn’t touch PHP with a bargepole.)
OK, so all in all it’s a problem for the Azure guys: there’s absolutely bugger all I can do about removing my site from this blacklist. But where to report it? I certainly wasn’t about to invoke a paid Azure support ticket. After a bit I decided to tweet about the issue and included @AzureSupport in the tweet. A few minutes later, someone there sent me a tweet with the proper issue-reporting link, so I reported it there. Let’s see what happens.
Now … where was I?