Virus software warning

I have webroot antivirus and it always warns me that this site is not safe… and it says there may be malware or other security risks… it probably means that links or photos may take you to unsafe sites… as far as I can tell… I am sure others have noticed… has anyone addressed this for the forum?

1 Like

Never heard of the software until your post, so I did a quick google and… I am not impressed.

If I had to guess, it may be flagging the site because although it’s it’s a Discourse instance, so a lot of the content comes from the Discourse CDN servers. Any time content is coming from more than one domain, there can be issues.

The nature of discussion forums is also such that users can post pretty much any links they like. The only real recourse other users have is to (1) use common sense and (2) flag any post containing what appears to be a dubious link or content that violates the FORUM RULES.

The site does have a pretty good anti-spam filter, though - I’ve seen very little that wasn’t flagged by that or the restrictions applied to brand new accounts.

My recommendation would be to simply mark the site as excluded from webroot’s scanning.

Edit: My NoScript has a feature that checks a site against various services. Nothing comes up at Google’s Safe Browsing report, URLVoid, or McAfee SiteAdvisor. So basically, nothing to worry about.


For the record… webroot in addition to antivirus is antimalware. It stops the viruses and worms that exist in order to infect other computers, but it also protects you during web surfing sessions by blocking harmful websites.

It just did its job it warns way before it blocks… it does not warn on other forums like this (wiki and ign etc…) just this one and that is why i was wondering if anyone else saw this… it gives me green or yellow check marks by search engine results in real time… on their safety levels also … I used it because I had some sophisticated trading software that needed a higher level of security awhile back for obvious reasons… I figured it was something I could just watch out for… and it is no cause for alarm that I can tell… yellow usually is issues like the ones we both mentioned… thank you :v::boom:

IIRC those have all their content, scripts, etc. hosted on the same domain. It would be interesting to know if webroot flagged other forums hosted on discourse. One example would be the user forums for EVE Online.

1 Like

You got me curious… searched gearbox and Eve Online get green checks… I did notice that gearbox shift and this forum got yellow and it may just be the addresses… this site puts and names before the web address and this may be the flag… maybe flag to avoid imitation site addresses… :v::boom:

edit: Scratch that theory putting names in front is done for eve online forum and no yellow flag… mystery abounds … :ghost::alien::japanese_ogre::poop: usual suspects :acmhmm::v::boom:

I run Bitdefender which has a similar real time flagging feature, and I get green on all the sites mentioned. Maybe Gearbox/Discourse has a particular cookie request that is causing web root to flag it. If you’re still curious about it maybe try clearing the site cookies and seeing if that makes a difference.


The only other thing I can think of is if there’s a difference between being logged in and not logged in (secure versus unsecure connection). There’s one other site I know of which I believe uses Discourse for their forums -

1 Like

I’m not real good with this new-fangled fancy malware protection apps, but Avast seems to be one of the best anti-malware software out there. Works for me. You can pay for additional services, but the free version is good as well.

1 Like

The way internet names work, it shouldn’t make any difference to a malware checker. The pattern is local.domain.tld, where local is the name of the computer, service, or sub-domain, domain is the actual domain name, and tld is the top-level domain (eitther .com, ,net, .org, etc. or a country code such as .ca, .us, .uk, etc.) So the key things as far as identifying where or who a url points to are the last ones in the chain (domain.tld). There are variants to that - for example,,, (state of California) etc. - but once you know the pattern it’s pretty easy to figure out what you’re looking at.

Look at the lock feature if you use Firefox web browser with the info button this is a browser only function (I believe) but similar it allows you to control and identify some security risks…

:v: edit: the lock also controls if you want notifications from websites… etc

Ah! Yes, I also use Firefox but had not noticed that:


I’ll need to poke around a bit to confirm, but I don’t really think that counts as anything to worry about. Well, unless you really don’t want anyone knowing which images you loaded from!

Edit: Apparently, the issue is that the Gearbox Software Logo at the top-left of the page is served unencrypted from ​"http:​/​/​​assets/​images/​gbxLogo_forum.png" Doesn’t exactly seem like a deal-breaker to me, but I’ll mention it to the community manager when they get back from E3.


Figured… nice job … :acmaffirmative: the Russians are coming :alien: the Russians are coming… :acmhorror: peace out! :v: :boom:

1 Like

This is a common issue that affects all websites for the past year when the web decided all web content must be served over https. If you have even one file served over http, most web browsers will not give you the green padlock of approval. I heard there is also a push to change this status so “secure” sites have no padlock and everything else just comes up as unsecure. I would only be concerned if you are entering personal information (ie passwords and or payment info) for yellow warnings but if a website comes up red, back the crap out of such places!


Understood - and it’s something I need to address with some of my own sites sooner or later (although they’re mostly just static content - it’s the ones with user forms I’m more concerned about.)

OTOH given the increasing use of things like webroot it’s probably better from a “not causing unnecessary alarm” POV to fix the issue if, as seems to be the case, it’s just a single .png file tripping the alert.

1 Like