IT guy says I have malware but can't find any

Question

Level 1

4 points

IT guy says I have malware but can't find any

I'm working on a project for my graduate program and they've contracted a web designer from outside the university. One of my jobs is updating the website, but every time I try to log into the website editor (Yootheme) in my browser, no matter what wifi I'm on, I get a 403 message--and I've tried it in more than one browser. The web designer says my computer (2015 MacBook Air running Monterey 12.6.7) is attempting to do a "direct file inclusion" attack and being blocked by his firewall. He says this means I have some kind of malware, especially since I wasn't actually trying to upload anything, just open the editor software. I've scanned the computer with Malwarebytes and Avira, but it didn't turn up anything except something it flagged as a "potentially unwanted program" and has quarantined. I'm still getting the 403 message. The web designer said this isn't surprising, that it's probably just undetectable by anti-virus, that Macs are quite vulnerable and people think they're safe but they're not, etc. etc., and urged me to take the computer to a specialist to do a deep cleaning. Do you guys think he could be right, and if so, is there anything I could do on my own to avoid having to bring my MacBook into the shop?

MacBook Air 13″, macOS 12.6

Posted on Sep 6, 2023 5:46 AM

Reply

Answer 1

Best reply

ku4hx

Level 7

23,532 points

Sep 6, 2023 6:18 AM in response to mal_el

Sounds like the site tech is just trying to justify his site not working and blaming others.

If you ever did have this working, what changed on your end? If nothing, I'd suspect something changed on the website.

The site tech guys is just trying to blame others and apparently has no understanding of how macOS works.

If you wish to "deep clean" your Mac, you can reinstall the OS from the recovery panel. This leaves user data untouched so you won't lose any data. However, prudent computer use means you backup firts.

How to reinstall macOS - Apple Support

You should avoid all "specialists" who claim they can clean up your Mac. If you do take it in, take it to an Apple Store.

Reply

Answer 2

Sep 6, 2023 7:30 AM in response to mal_el

The 403 error is typically a server side error. It sounds like the site admin does not know what is happening so is making up a story to pass the blame.

HTTP 403 forbidden errors are typically triggered by a server-side

setup issue. One of the most common reasons for a 403 forbidden error is the settings for a

specific folder or file. The site may have settings that deny you from accessing the relevant resources or failed to put the proper file access permissions in place.

Another common cause is the htaccess file settings, which may simply be wrong.

Other possible causes of a 403 forbidden error include:

Incorrect IP address: A domain name directs to an incorrect or outdated IP address hosting a site that prevents you from gaining access.
A page’s link differs from the version that has been cached.
Malware on the server
The site’s homepage isn’t named ‘index.php’ or ‘index.html’ or the server is incorrectly configured.