Support

Pre-sales

#28535 akeebaback.cup redirected to robot challenge screen

Posted in ‘Pre-sales and Account Questions’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

tkruse
 Please look at the bottom of this page (under Support Policy Summary) for our support policy summary, containing important information regarding our working hours and our support policy. Thank you!

Hi, when I try to access your site using comcast internet, I get a 302 redirect to akeebaback.com/.well-known/captcha

Do you know why this is happening?

The same thing is happening for a few of the sites that I own, which are hosted at siteground.

Thx, Tom

nicholas
Akeeba Staff
Manager
There is no such URL on our site. Moreover, we do not perform any kind of redirection. Either your ISP is doing something weird or you have some malware on your computer. This is most definitely NOT normal and NOT something that originates from our site (at least the portion that's under our, not our host's control).

Being aware of Comcast's legendary levels of bad practices I wouldn't put it past them trying to inject their JavaScript on the page and / or perform shadow redirects. Just to make sure, let's try the following, ideally from a different computer and browser without any browser extensions, antivirus or Internet security / firewall products installed. Make sure you type https://www.akeebabackup.com in your browser address bar. Make sure that HTTPS and www are used. The page should load without CAPTCHA. If it loads with the CAPTCHA please check the SSL certificate. Our certificate is an Extended Validation SSL (EV SSL) certificate issued by COMODO EV SSL with the Organization Name set to Akeeba Ltd. If you see anything else then your ISP (Comcast) is essentially performing a Man In The Middle attack which means that they can read your private communications with SSL sites like ours. If that's the case you should contact them at once.

If, however, you do get a redirect to a CAPTCHA with the valid SSL certificate I want you to tell me your IP address and the exact time and city you were in when this happened so I can talk to SiteGround. I have never heard of them doing a CAPTCHA automatically but that doesn't mean they don't have some security feature I never heard about.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

tkruse
Hi Nicholas, looks like I am getting a valid SSL certificate (see attached).

My IP Address is 70.192.73.38
Location: Chester, NJ
Just tried accessing 2 minutes ago, 15:21 GMT

Please let me know what you find out from Siteground - I am getting the same issue on my sites and tried to get them to look into it, which didn't get me anywhere - but I'm sure you have more clout with them. Your site just happened to be one of the other sites I tested, where I got the same issue. Not having the issue with any other sites, so I was guessing you're using site ground as your host as well.

Thx, Tom

nicholas
Akeeba Staff
Manager
This looks like something SiteGround is doing. I have demanded further information from them. I am not very happy with them right now. This is not a documented feature and they didn't ask me or inform me about it. In fact, this is an antifeature which actively interferes with the way we conduct business (providing updates to subscribers through our site). Thank you for bringing this to my attention.

I'll keep you posted once I have further information about this.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

nicholas
Akeeba Staff
Manager
It appears that SiteGround is, indeed, responsible for this redirection. They are supposedly using an "AI" system to detect potential attacks and cause them to be redirected to a CAPTCHA page. They enabled this crap without asking or telling anyone.

The first obvious thing is that it's definitely not AI. It's just a simple filter based on a database of attack patterns. Comcast is a very popular host. Many script kiddies use it to attack sites. Therefore Comcast gets blocked by default.

The second very obvious problem they seem to have missed is that not all legitimate requests to our site come from a human-machine interface such as a browser. In fact, a good number of requests regard software downloads and updates. The immediate problem is that people see their updates failed, we think they have entered the wrong Download ID and waste our time trying to figure out what the heck is going on. In the end of the day people no longer trust us.

The third very obvious issue is that many people coming to our site get a CAPTCHA instead of our marketing material. Lost sales, here we come.

Again, thank you for the heads up. Now that we know that this thing happens we asked them to stop it.

Apparently the only way to get good, reliable hosting without surprises these days is to build and run your own server. Looks like we may have to end up wasting a not so negligible proportion of our time becoming systems administrators in the not so distant future. What can I say...

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

tkruse
Crazy, I spent the better part of the morning chasing my tail on this. Argh. Thanks for getting back to me with siteground update.

I attached the response to the ticket they started, after I called them back with the info you provided.

Best, Tom

nicholas
Akeeba Staff
Manager
I guess that you can now also access our site just fine since I asked SiteGround to disable this feature for our account.

As to how your IP gets blocked: as I said, Comcast is a very popular ISP and there are too many script kiddies launching attacks from their computers connected to the Internet through Comcast. If you use an automated system trying to find out patterns of common attacks and block "similar" attacks it follows that you will end up blocking Comcast and other major ISPs and hosting providers.

That's the crux of the problem. SiteGround makes arbitrary assumptions about the kind of traffic hitting our sites and takes arbitrary risk management decisions without consulting the affected party (its clients). For our business, the cost of "dirty" traffic is far lower than the cost of missed sales and failed updates due to an arbitrary CAPTCHA. In fact, we have our own defenses in place to deal with "dirty" traffic both at the web server and at the web application level. It's not like we do that for a living. I'm joking. Of course we do. We develop Admin Tools which offers exactly this kind of protection and it's configurable according to our business needs.

I don't blame them for their intentions. However, the road to Hell is paved with good intentions...

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: Typically we work Monday to Friday, 9am to 7pm Cyprus timezone (EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets, but we cannot respond to them, outside of our working hours.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!

Summer vacations: Our support will be closed for replies and new tickets from August 6th to August 21st, 2022 due to summer vacations.