This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

How do I get a website's risk level lowered, since we know it is safe?

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

How do I get a website's risk level lowered, since we know it is safe?

lloving
L0 Member

‎08-14-2024 08:20 AM

Earlier this week, I submitted a website that was blocked because it was categorized as malware incorrectly.  This was corrected very quickly. Now that same website is blocked because it is listed as "high risk".  We know that it is not. When I tried to use the same method to change the category, the message tells me I need to contact support to fix this. The problem is that if I use the customer support portal, I cannot accurately report the problem, and am required to fill out information that does not apply. I tried to call, and the call tree refuses to connect me to a live person, because I do not have a support ticket, and disconnects the call. 

How do I get a website changed from "high risk" to a more acceptable level?

We are using a Palo PA-850

Thank you

L

1 person had this problem.
4 REPLIES 4

BPry
Cyber Elite
Cyber Elite

‎08-14-2024 08:26 AM

@lloving,

If it's something that you've deemed same then override it so your users can access that site. This category can't be modified via request and isn't something that is recommended to be blocked (however a lot of people do). The criteria for high-risk is the following:

  • Sites previously confirmed to be malware, phishing, or C2 sites that have displayed only benign activity for at least 30 days.
  • Unknown domains are classified as high-risk until PAN-DB completes site analysis and categorization.
  • Sites that are associated with confirmed malicious activity. For example, a page might be high-risk if there are malicious hosts on the same domain, even if the page itself does not contain malicious content.
  • Bulletproof ISP-hosted sites.
  • Sites hosted on IPs from ASNs that are known to allow malicious content.

 

It's possible that the activity that PAN recorded simply cleared since your manual review, but they still have malicious activity recorded. Contacting support wouldn't have them clear the high-risk categorization, it would simply lead to them walking you through making an exception.

0 Likes Likes

lloving
L0 Member

‎08-14-2024 08:31 AM

is there any way to know what the trigger was? the website is https://mthf.org/resource/2024-medicaid-in-montana/ 

0 Likes Likes

Goofball
L0 Member
In response to lloving

‎08-14-2024 09:09 PM

Hi Lloving,

I found your post because my website was flagged as malicious, similarly to the one you're having trouble accessing.  In another post I found this link for the owner of the website to use to request a change; it's what I need to solve my issue, and maybe the owner of MTHF can submit their website for reevaluation as well.
https://urlfiltering.paloaltonetworks.com/

lloving
L0 Member
In response to Goofball

‎08-15-2024 06:22 AM

Thank you @Goofball! I will pass that on, to see if they will do it.

 

  • 683 Views
  • 4 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks