04-13-2012, 12:53 PM
Here's basically what is happening & the only interim fix.
Our only recommendation we can make right now is to disable the "malicious website blocking" module in the software http://cl.ly/23260l28330F110Q082c . Here's the problem:
-- Say one site on CloudFlare has an issue (according to Malwarebytes).
-- This site is on CloudFlare's IPs.
-- In addition to that one site being on CloudFlare's IPs, there are also potentially hundreds (or more) sites on those same IPs. If Malwarebytes blocks those ips with their software, they are blocking every site on the CloudFlare network with those IPs (in other words, they are blocking tons of domains because of an issue with one domain).
It doesn't look like this is an issue we can easily resolve with Malwarebytes right now. We have offered to block malware URLs from sites they report an issue with, since we have the capability to do so, but the stance of Malwarebytes is that we have to take down the site. We can't take a site down for two primary reasons:
-- We're not a hosting provider.
-- The site owner may have unknowingly been hacked and is unwittingly distributing malware.
We will continue to see where our discussions with Malwarebytes goes & we hope this will change in the future.
Our only recommendation we can make right now is to disable the "malicious website blocking" module in the software http://cl.ly/23260l28330F110Q082c . Here's the problem:
-- Say one site on CloudFlare has an issue (according to Malwarebytes).
-- This site is on CloudFlare's IPs.
-- In addition to that one site being on CloudFlare's IPs, there are also potentially hundreds (or more) sites on those same IPs. If Malwarebytes blocks those ips with their software, they are blocking every site on the CloudFlare network with those IPs (in other words, they are blocking tons of domains because of an issue with one domain).
It doesn't look like this is an issue we can easily resolve with Malwarebytes right now. We have offered to block malware URLs from sites they report an issue with, since we have the capability to do so, but the stance of Malwarebytes is that we have to take down the site. We can't take a site down for two primary reasons:
-- We're not a hosting provider.
-- The site owner may have unknowingly been hacked and is unwittingly distributing malware.
We will continue to see where our discussions with Malwarebytes goes & we hope this will change in the future.