Norton Internet Security warns when FrontPage confirmation page displayed

  • Thread starter Thread starter rodziewicz1
  • Start date Start date
R

rodziewicz1

I have Norton Internet Security installed and when filling in remote
forms created with FP 2000 form handler I get message "A recent attempt
to attack your computer was blocked".
For me this is no problem but people for whome I have designed websites
using the FP2000 form handler tell me their customers get similar
warnings from their firewalls when submitting the forms.

I would like to know why this warning appears and most importantly is
there a way to stop this happening.

Many thanks
 
What is on the form and confirmation page?

You have no control over NIS and it settings on each user's machine.

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
==============================================
If you feel your current issue is a results of installing
a Service Pack or security update, please contact
Microsoft Product Support Services:
http://support.microsoft.com
If the problem can be shown to have been caused by a
security update, then there is usually no charge for the call.
==============================================
 
I have put up a test form at
http://www.wimbledonvisitor.com/formtest.html

which links to a confirmation page and NIS does set off this warning on
my machine. The confirmation page shows as

http://www.wimbledonvisitor.com/_vti_bin/shtml.exe/formtest.html and I
wonder if it is either the shtml or exe or both that are setting it
off.

I appreciate there is no control over how others have their firewalls
configured but wonder if there is anything I can do differently when
designing these forms so it does not happen.
 
I have put up a test form at
http://www.wimbledonvisitor.com/formtest.html

which links to a confirmation page and NIS does set off this warning on
my machine. The confirmation page shows as

http://www.wimbledonvisitor.com/_vti_bin/shtml.exe/formtest.html and I
wonder if it is either the shtml or exe or both that are setting it
off.

I appreciate there is no control over how others have their firewalls
configured but wonder if there is anything I can do differently when
designing these forms so it does not happen.
Click to expand...

You could use a different form handler (ask your host) to handle forms.

Otherwise, the forms will continue to have the URL (which I assume) is what
NIS is picking up on.

You could try suggesting ways for users to "click through" the warning and
putting instructions on the form.

Overall though, you can't really protect yourself from the garbage
(including NIS) users install on their systems.
 
The confirmation page field under form properties should be blank unless you are using a custom
confirmation page, it should not be pointing to the from.

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
==============================================
If you feel your current issue is a results of installing
a Service Pack or security update, please contact
Microsoft Product Support Services:
http://support.microsoft.com
If the problem can be shown to have been caused by a
security update, then there is usually no charge for the call.
==============================================
 
Try using the default confirmation page.

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
==============================================
If you feel your current issue is a results of installing
a Service Pack or security update, please contact
Microsoft Product Support Services:
http://support.microsoft.com
If the problem can be shown to have been caused by a
security update, then there is usually no charge for the call.
==============================================
 
Its the site meter on the confirmation page sm6.sitemeter.com(70.84.88.114) causing the attack

Delete it at
<script type="text/javascript" language="JavaScript">var site="sm6wimbledon"</script>
<script type="text/javascript" language="JavaScript1.2" src="http://sm6.sitemeter.com/js/counter.js?site=sm6wimbledon">
</script>
<noscript>
<a href="http://sm6.sitemeter.com/stats.asp?site=sm6wimbledon" target="_top">
<img src="http://sm6.sitemeter.com/meter.asp?site=sm6wimbledon" alt="Site Meter" border=0></a>
</noscript>
<!-- Copyright (c)2000 Site Meter -->

You also have a base ref tag at the top of the page which should be deleted
<base href="http://wimbledonvisitor.com/formtest_confirmation.html">

Looks like you other pages w/ the site meter but w/o the base ref do not throw the alert
--

_____________________________________________
SBR @ ENJOY (-: [ Microsoft MVP - FrontPage ]
"Warning - Using the F1 Key will not break anything!" (-;
To find the best Newsgroup for FrontPage support see:
http://www.frontpagemvps.com/FrontPageNewsGroups/tabid/53/Default.aspx
_____________________________________________


|I have put up a test form at
| http://www.wimbledonvisitor.com/formtest.html
|
| which links to a confirmation page and NIS does set off this warning on
| my machine. The confirmation page shows as
|
| http://www.wimbledonvisitor.com/_vti_bin/shtml.exe/formtest.html and I
| wonder if it is either the shtml or exe or both that are setting it
| off.
|
| I appreciate there is no control over how others have their firewalls
| configured but wonder if there is anything I can do differently when
| designing these forms so it does not happen.
|
 
I removed the sitemeter from the confirmation page (and on other
confirmation pages on site that were giving same problem) and, yes,
this has cleared the problem.

Thank you very much for your help.
 
Back
Top