Is my website visible for you?

Darragh1977

Hi folks, I'm just wondering if you could verify if my site is visible to you - in particular, people behind virus/malware detection software and corporate walls etc.
I have been having issues since a recent attempted hack... it's a Wordpress site and it's been blacklisted all over the shop. I'm a graphic designer, but not a web developer so my knowledge here is extremely limited. This website is a one-page portfolio site for my work.

Any comeback is greatly appreciated.

The website is darraghkelly.com

Mr.Crinklewood

Visible on Android phone

iwillhtfu

Yes works fine on desk top chrome. Looks like you've plenty of high profile clients.

It's an unsecure site though whether that makes a difference or not to yourself.

Timfy

No problem here,

ISP - Sky via Eir infrastructure
DNS Servers - Google, 8.8.8.8 / 8.8.4.4
Firewall - router (intermediate settings) plus windows default settings

28064212

Are you sure you're not sending people to https/darraghkelly.com/? Because the SSL cert you have installed there isn't valid, and that would cause issues.

Separately, your page is an absolutely ridiculous 25MB in size. Wouldn't want to be visiting it on a slow connection

spurious

Quite slow to load here on a desktop, but displaying OK in Chrome and Firefox.
Slightly quicker and displaying OK in Pale Moon.
Loaded quickly and displays fine in Opera.

redfacedbear

Blocked for me (on a government network) redirects to a malware.opendns.com warning page 'due to a security threat that was discovered by the Cisco Umbrella security researchers'.

Darragh1977

28064212 wrote: »

Are you sure you're not sending people to https/darraghkelly.com/? Because the SSL cert you have installed there isn't valid, and that would cause issues.

Separately, your page is an absolutely ridiculous 25MB in size. Wouldn't want to be visiting it on a slow connection

Hi 28064212, thank you. I know it's a heavy site but want to have images as good as possible - for my work. An element of sacrifice in there for better or worse.

Interesting what you say about the SSL cert as I never got one. I have no idea why that would look that way to you. Need to read up on that - thanks for the red flag. I definitely don't communicate a https url, no.

Darragh1977

redfacedbear wrote: »

Blocked for me (on a government network) redirects to a malware.opendns.com warning page 'due to a security threat that was discovered by the Cisco Umbrella security researchers'.

Damn. That's what I was most afraid of. I have requested release from these blacklists all over the shop but can't seem to finish the job. It's like trying to nail jelly to a wall. Thank you.

seamus

Hi Darragh,

The web as a whole is moving towards HTTPS as the standard. As such it's becoming standard for security sweeps and firewalls to verify both the HTTP and HTTPS endpoints of a given URL.

If the HTTPS endpoint fails due a bad cert, then the firewall may block the connection, even if the user was looking for the HTTP endpoint.

My recommendation is to get yourself a valid SSL cert (they're free from LetsEncrypt), or if you don't want the maintenance overhead, then disable the HTTPS endpoint from your hosting provider's control panel.

While the HTTPS endpoint is still open and using an invalid cert, you will continue to nail that jelly to the wall.

28064212

Darragh1977 wrote: »

Hi 28064212, thank you. I know it's a heavy site but want to have images as good as possible - for my work. An element of sacrifice in there for better or worse.

But you're not gaining anything. No matter how high-resolution the image, it's going to be scaled down by the browser to fit on the page. Take the Circle K Waffles image: http://darraghkelly.com/wp-content/uploads/2019/02/Circle-K-02.jpg. Even on a 1920*1080 monitor, that image is going to be no taller than 544px. Yet you're loading an image that is 1500px tall. It's got *8* times as many pixels as it needs. And you're repeating that 60 times on the same page. By all means, have the original quality image available on a click-through, but it makes no sense to load the full images on that single page

Darragh1977

seamus wrote: »

Hi Darragh,

The web as a whole is moving towards HTTPS as the standard. As such it's becoming standard for security sweeps and firewalls to verify both the HTTP and HTTPS endpoints of a given URL.

If the HTTPS endpoint fails due a bad cert, then the firewall may block the connection, even if the user was looking for the HTTP endpoint.

My recommendation is to get yourself a valid SSL cert (they're free from LetsEncrypt), or if you don't want the maintenance overhead, then disable the HTTPS endpoint from your hosting provider's control panel.

While the HTTPS endpoint is still open and using an invalid cert, you will continue to nail that jelly to the wall.

There is a figurative ton of excellent information in there that even I may be able to eventually unravel and eventually implement. Thank you very much for posting this - you have simultaneously delighted me and taken away my weekend!

Darragh1977

28064212 wrote: »

But you're not gaining anything. No matter how high-resolution the image, it's going to be scaled down by the browser to fit on the page. Take the Circle K Waffles image: http://darraghkelly.com/wp-content/uploads/2019/02/Circle-K-02.jpg. Even on a 1920*1080 monitor, that image is going to be no taller than 544px. Yet you're loading an image that is 1500px tall. It's got *8* times as many pixels as it needs. And you're repeating that 60 times on the same page. By all means, have the original quality image available on a click-through, but it makes no sense to load the full images on that single page

Fair point, well made. I design almost exclusively for print so always approach with the aim of 'best quality' - but what you say is very clear. Thank you.

Talisman

Your website is blacklisted by McAfee.

https://sitecheck.sucuri.net/results/darraghkelly.com

As you're using WordPress my suggestion would be to add some security to your installation - Infosec has a list of plugins that you should check out. Best WordPress Security Plugins

Another thing you should do is export the database and check the content. If you haven't identified the entry point for the hack then the best advice is to replace the site with a clean install of WordPress and review the plugins installed.

You need to reduce the size of the images on the website - there are 24MB of images!

Website Speed Test - Image Analysis Results

Darragh1977

Talisman wrote: »

Your website is blacklisted by McAfee.

https://sitecheck.sucuri.net/results/darraghkelly.com

As you're using WordPress my suggestion would be to add some security to your installation - Infosec has a list of plugins that you should check out. Best WordPress Security Plugins

Another thing you should do is export the database and check the content. If you haven't identified the entry point for the hack then the best advice is to replace the site with a clean install of WordPress and review the plugins installed.

You need to reduce the size of the images on the website - there are 24MB of images!

Website Speed Test - Image Analysis Results

Thank you kindly - point well received on the imagery!
I have already contacted McAfee actually and am waiting for a positive response. I have done everything I know that is possible to do to secure it and everything seems to suggest that it is now completely clean. I have added some security plugins recently but will have a look at the ones you suggest here, thank you.
All extremely helpful info - thanks again.

mneylon

If you want people to visit your site (page) you really need to shrink it.

It's currently over 26 megs, which is about 25 megs too big:
https://tools.pingdom.com/#5a7b664272c00000


I suspect it'll be even worse on mobile

There's no reason why all those logos need to be that big.

As others have said screen resolution is different from print - also most people would use multiple pages and there are a lot of ways to display higher quality images without forcing such a large download.

Trojan

28064212 wrote: »

But you're not gaining anything. No matter how high-resolution the image, it's going to be scaled down by the browser to fit on the page. Take the Circle K Waffles image: http://darraghkelly.com/wp-content/uploads/2019/02/Circle-K-02.jpg. Even on a 1920*1080 monitor, that image is going to be no taller than 544px. Yet you're loading an image that is 1500px tall. It's got *8* times as many pixels as it needs. And you're repeating that 60 times on the same page. By all means, have the original quality image available on a click-through, but it makes no sense to load the full images on that single page

This by 1000.

After you reduce the image sizes, let me introduce you to Lazy Loading. Install and activate this.

daymobrew

What did the hackers do?

One of my client sites was hacked a few times (I suspect a careless user with a poor password or bad hosting) and they kept installing webshell plugins.
When I disabled execution of PHP files in wp-content directory it stopped.
I wrote about the changes I made:
https://www.damiencarbery.com/2019/03/hardening-and-caching-wordpress/

namenotavailablE

On my home PC with Bitdefender installed it was initially blocked. It loaded once I clicked the 'I understand the risks' link but I wouldn't tend to do that unless I knew the site (and in truth, I took a risk clicking through to yours )

Darragh1977

namenotavailabl wrote: »

On my home PC with Bitdefender installed it was initially blocked. It loaded once I clicked the 'I understand the risks' link but I wouldn't tend to do that unless I knew the site (and in truth, I took a risk clicking through to yours )

Good to know, thank you.

Darragh1977

daymobrew wrote: »

What did the hackers do?

One of my client sites was hacked a few times (I suspect a careless user with a poor password or bad hosting) and they kept installing webshell plugins.
When I disabled execution of PHP files in wp-content directory it stopped.
I wrote about the changes I made:
https://www.damiencarbery.com/2019/03/hardening-and-caching-wordpress/

Thank you - plenty to work through there! My site was left untouched for ages so it was out of date, update-wise. All the usual stuff happened but I'm unfamiliar with that sort of thing so it's been a long, slow slog cleaning it up and fixing the damage. Sharp learning curve for me. Everything to this order has been new. Still working on it now so all of this knowledge/feedback from you guys here is greatly appreciated.

PatrickSmithUS

redfacedbear wrote: »

Blocked for me (on a government network) redirects to a malware.opendns.com warning page 'due to a security threat that was discovered by the Cisco Umbrella security researchers'.

Did you ever get to the bottom of this? I've started experiencing the same problem myself.

daymobrew

PatrickSmithUS wrote: »

Did you ever get to the bottom of this? I've started experiencing the same problem myself.

Would you like to post a link to your site?

WordFence security plugin does a decent scan of your WordPress installation and can find a good few issues.

PatrickSmithUS

daymobrew wrote: »

Would you like to post a link to your site?

WordFence security plugin does a decent scan of your WordPress installation and can find a good few issues.

Thanks it's http://blacksheepproductions.ie/


Seems to be working ok now but I'm using arctitan now so that might have sorted it.

28064212

PatrickSmithUS wrote: »

Thanks it's http://blacksheepproductions.ie/

Seems to be working ok now but I'm using arctitan now so that might have sorted it.

That only fixes it for you looking at your site. Any visitor who is using Cisco Umbrella will still be blocked.

The underlying issue is likely the same as theorized up-thread - you have a HTTPS endpoint that is using an invalid cert: https://blacksheepproductions.ie/. The fix is to either get a proper cert (preferable, and even better would be to redirect all traffic to the HTTPS site), or else disable the HTTPS endpoint