Access blocked to own website

Hi,

Bitdefender is blocking my access to the administration panel of my own website on the reason that the sending of the password is not encrypted (note: the site has no SLL certificate). Is there a good reason? Is ther really any danger whatsoever? Thanks.

Comments

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod
    edited November 2022

    Check your website on below stated website for any malicious content.

    https://sitecheck.sucuri.net/

    https://www.virustotal.com/gui/home/url

    Additionally, if you think bitdefender is incorrectly blocking your website, kindly fill up the below stated forum which will share your website directly with the malware researchers. If the website is indeed incorrectly detected, detection will be removed in next 72 hours.

    https://www.bitdefender.com/consumer/support/answer/29358/

    If detection stays even after 72 hours you will have to contact bitdefender support by dropping them an email at bitsy@bitdefender.com and asking them to get information on your website from malware research team (only if the detection is not removed within the next 72 hours of submission of above stated forum)

    The support team will reply back to your query within next 24-48 hours excluding weekends.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Cosmin P.
    Cosmin P. QA Engineer ✭✭✭

    Hello,


    If your site sends sensitive data in plaintext, it will get blocked by us. The safest way to avoid this is using a SSL certificate.


    You can whitelist your website from the BD interface - Protection - Online Threat Prevention, however this doesn't mean that the issue with your website is solved. You should avoid sending sensitive data over HTTP.


    The risk is that if someone has access to your online activity, your credentials can be easily stolen. For example, if you are connected to an open WiFi, anyone connected to that network could see your credentials if they wanted to.


    This applies even if your website is not flagged on virustotal or others.