sfw/fix
Pillar · 44 errors

Security & Blocklisting

When a site is hacked or flagged, browsers and Google interpose a red warning screen that obliterates traffic overnight. These errors are urgent — every hour flagged is lost trust and lost revenue.

Deceptive site aheadGoogle Safe Browsing "Deceptive site ahead" warning Google Safe Browsing flagged the site for phishing or malware, so Chrome shows a full red interstitial before the page loads. critical The site ahead contains malwareChrome "The site ahead contains malware" warning Google Safe Browsing flagged the site as hosting or pushing malware, so Chrome throws a red full-page block before it loads. critical Site contains malware"The site ahead contains malware" Safe Browsing block Google detected malware hosted or distributed from your domain and blocks the page with a red interstitial in Chrome, Firefox, and Safari. critical Dangerous siteChrome "Dangerous site" red full-page warning Google Safe Browsing flagged the site for phishing or actively harmful content and shows a red full-screen block. critical Reported Attack PageFirefox "Reported Attack Page!" / "Deceptive site" block Firefox's malware protection, fed by Google Safe Browsing, blocked the site for serving attack code or malware. critical Ads: malicious softwareGoogle Ads disapproved - "Compromised site" / Malicious or unwanted software Google's ad crawler found malware or sneaky redirects somewhere in your landing-page chain and pulled the ad. critical GSC: Social engineeringSearch Console Security Issues - "Social engineering content detected" Google flagged deceptive or phishing content on your site, triggering the red "Deceptive site" warning in browsers. critical Harmful downloadsSearch Console Security Issues — "Harmful downloads" / "Uncommon download" Google Safe Browsing flagged files your site serves or links to, triggering Chrome download warnings and a Search Console alert. critical Spamhaus SBL/XBL listedIP listed on Spamhaus blocklist (DNSBL) Your sending IP is on a Spamhaus DNSBL as a spam source or compromised host, so receiving mail servers reject your messages. high SmartScreen: unsafe siteMicrosoft Defender SmartScreen "This site has been reported as unsafe" Your URL matched Microsoft's reported-sites list, so Edge blocks the page with a SmartScreen interstitial before it loads. high Error 1020Cloudflare Error 1020: Access Denied A Cloudflare firewall or WAF rule matched the request and blocked it outright, returning the 1020 page with a Ray ID. high Access Denied - Sucuri WAFAccess Denied — Sucuri Website Firewall Sucuri's cloud WAF judged the request malicious or your origin is blocking Sucuri's IPs, so the firewall returns its Access Denied page. high This site may be hackedGoogle "This site may be hacked" label in search results Google found injected spam or compromised pages and stamps a warning under your search result until you clean it and pass review. high HSTS — no bypassHSTS block: "You cannot visit … right now because the website uses HSTS" On an HSTS domain a cert error has no "Proceed anyway" link — the policy forbids the override, so you must fix the certificate. high CAA record prevents issuance"CAA record for example.com prevents issuance" (SSL) A DNS CAA record authorizes only certain CAs, so your CA is refused and the certificate won't issue or renew. high ERR_CERT_SYMANTEC_LEGACYNET::ERR_CERT_SYMANTEC_LEGACY (distrusted CA) The certificate chains to a legacy Symantec-family root that Chrome and Firefox distrusted, so the site is hard-blocked. high KEY_PINNING_FAILUREMOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE (HPKP mismatch) Firefox blocked the site because the served certificate's key doesn't match a pin it has stored or built in. high Flagged red (WebAdvisor)McAfee WebAdvisor / SiteAdvisor red "suspicious site" blocklist McAfee's reputation engine flagged the domain red for malware or bad-neighbor signals, warning or blocking visitors who use it. high Imunify360 403Imunify360 403 Forbidden / CAPTCHA - your access has been blocked The Imunify360 WAF on cPanel hosting greylisted your IP and now returns a 403 or a reCAPTCHA you must solve. high Spamhaus DBL listedDomain listed on the Spamhaus Domain Blocklist (DBL) Spamhaus listed your domain name for poor reputation, so filters and some browsers block or flag it. high Error 1009Cloudflare Error 1009: Access Denied — country or region banned A Cloudflare geo rule blocked the visitor's country before the request reached your origin, returning a 403. high Error 1012Cloudflare Error 1012: Access Denied Cloudflare blocked the visitor's IP or network over detected malicious activity, returning a 403 before the origin. high Error 1014Cloudflare Error 1014: CNAME Cross-User Banned A CNAME points to a hostname in a different Cloudflare account, which Cloudflare refuses to resolve by default. high 403 — WAF blockedAWS WAF 403 Forbidden — "Request blocked" An AWS WAF rule matched the request and returned the default 403 block before it reached your application. high Reference #18Akamai "Access Denied — Reference #18..." (Kona WAF block) Akamai's edge WAF or Bot Manager rejected the request with a 403 and a Reference #18 error ID. high SURBL / URIBL listedDomain listed on a URI blocklist (SURBL / URIBL) Your domain appears in spam or phishing message bodies, so SURBL or URIBL blocklisted the domain itself. high Umbrella blockedCisco Umbrella / OpenDNS "This site is blocked" (DNS-layer category block) A network's Umbrella or OpenDNS resolver classified the domain and returned its block page instead of the site. high Access to this site has been limitedWordfence "Your access to this site has been limited" (403) Wordfence blocked your IP after a rule trigger, failed logins, or rate limiting, returning a 403 lockout page instead of the site. medium Error 1015Cloudflare Error 1015: You are being rate limited Too many requests from one IP or session in a short window tripped a Cloudflare rate-limiting rule, so the edge throttles you temporarily. medium Refused to load (CSP)"Refused to load … violates the following Content Security Policy directive" A Content-Security-Policy header blocked a script, style, image, or inline code because its source isn't on the page's allowlist. medium X-Frame-Options: SAMEORIGIN"Refused to display in a frame because it set 'X-Frame-Options' to 'sameorigin'" An anti-clickjacking header on the target page blocks it from being embedded in an iframe on a different domain, so the frame renders blank. medium 406 Not AcceptableModSecurity "406 Not Acceptable" (WAF rule blocked) A ModSecurity OWASP rule matched your request payload, decided it looked like an attack, and returned 406 (or 403). medium Norton: dangerous web pageNorton Safe Web "Norton blocked this dangerous web page" Norton's Safe Web reputation engine rated your URL malicious or phishing and blocks every visitor who has Norton installed. medium ERR_BLOCKED_BY_ADMINISTRATORERR_BLOCKED_BY_ADMINISTRATOR (managed-policy URL block) A Chrome or Edge group policy (URLBlocklist) on a managed device or network is denying the site outright. medium Error 1010Cloudflare Error 1010: Access denied (browser signature banned) Cloudflare's Browser Integrity Check banned the request because the browser's signature matched a known bot or automation fingerprint. medium Error 1006/1007/1008Cloudflare Error 1006, 1007, 1008: Access Denied - your IP has been banned A Cloudflare firewall rule blocked your IP: 1006 is a direct ban, 1007 is a country block, 1008 is a custom access rule. medium ERR_UNSAFE_PORTnet::ERR_UNSAFE_PORT - this site can't be reached (blocked port) Chrome and Firefox refuse to open a URL on a port they hard-block as a security risk, like 21, 22, 25, or 6000. medium 403.6HTTP Error 403.6 - Forbidden: IP address rejected (IIS) IIS blocked the request because the client IP matches a deny rule in IP and Domain Restrictions. medium BitNinja BICBitNinja "site is protected by BitNinja" security check / challenge page BitNinja greylisted the visitor's IP for suspicious behavior and is serving a challenge page instead of the site. medium ERR_BLOCKED_BY_RESPONSEnet::ERR_BLOCKED_BY_RESPONSE (CORB/ORB/COEP cross-origin block) The server answered, but Chrome discarded the response because it broke a cross-origin protection like CORP or COEP. medium Refused to execute inline script"Refused to execute inline script because it violates the following Content Security Policy directive" A Content-Security-Policy script-src directive without 'unsafe-inline' blocked an inline <script> or event handler. medium http:BL blockBlocked by Project Honey Pot http:BL (DNS blacklist) A site security plugin queried Project Honey Pot's http:BL and blocked the visitor's IP as a flagged threat. medium ERR_BLOCKED_BY_CLIENTnet::ERR_BLOCKED_BY_CLIENT (request blocked client-side) The browser — not your server — blocked a resource, almost always an ad blocker or privacy extension matching it against a filter list. low ERR_BLOCKED_BY_XSS_AUDITORnet::ERR_BLOCKED_BY_XSS_AUDITOR (legacy reflected-XSS block) Old Chrome's XSS Auditor blocked a page because request input appeared reflected in the response, usually a false positive. low