Corporate Firewall block - virus="FormBook"

[peebee10]

I have already raised this issue with Squarespace Customer Care (Support Request #4378187) over 24 hours ago but no response whatsoever as yet. "Live Chat" seems to be permanently closed? Google no great help to this stage. I thought/hoped perhaps somebody here may have had a similar experience?

We have been advised by a coporate client that visiting our well established Squarespace site is triggering a Firewall Alert/block. Context of the specific Alert is below. The firewall alert is being detected by Fortigate (https://www.fortinet.com/products/next-generation-firewall.html)

IP 198.185.159.144 is Squarespace.

Whilst this may well be a false positive, the alert of virus="FormBook" is a serious concern: https://www.symantec.com/security-center/writeup/2019-020107-5257-99 https://fortiguard.com/encyclopedia/botnet/7630314

<----------------ALERT--------------->

Message meets Alert condition

File Block Detected: Protocol: Email Address From: Email Address To:

date=2019-08-28 time=11:34:13 devname=FG201ETK18900821 devid=FG201ETK18900821 logid="0202009249" type="utm" subtype="virus" eventtype="botnet" level="notice" vd="root" eventtime=1566956052 msg="Botnet C&C Communication." action="monitored" sessionid=762300281 srcip=192.168.250.131 dstip=198.185.159.144 srcport=57804 dstport=80 srcintf="port4" srcintfrole="dmz" dstintf="wan1" dstintfrole="wan" proto=6 direction="outgoing" virus="FormBook" dtype="ip-reputation" ref="http://www.fortinet.com/be?bid=7630314" virusid=7630314 crscore=50 crlevel="critical"

[dogdoug]

I'm also having this issue. How long does it take a new Squarespace site to not get blocked by corporate firewall settings? Squarespace recommends "changing your network security settings" to prevent blockage... but that's not an option for people that work at giant companies. I would like people that work at giant companies to be able to access my site too! Thanks!

[tuanphan]

You should should this request to Squarespace Customer Care.

[emilysessoms]

On 2/9/2021 at 7:27 PM, dogdoug said:

I'm also having this issue. How long does it take a new Squarespace site to not get blocked by corporate firewall settings? Squarespace recommends "changing your network security settings" to prevent blockage... but that's not an option for people that work at giant companies. I would like people that work at giant companies to be able to access my site too! Thanks!

I'm also having this issue. Has anyone found a solution? People continue to reach out to me saying that their company firewall is blocking the site entirely. Is there anything that can be done on the editor side of the website to prevent this from happening?