Please remove "polorix" links from site.

hi, webmasters & mod’s.
there is & has been for a long time a Virus/Malicious Code attached to all links to the old polorix site.

see here:
http://blenderartists.org/forum/showthread.php?p=1248064

Simply by visiting this page the pop up appears without clicking any link.
To me, this is a worry, how is this happening?
there must be some code that has attached to the polorix links via…
external factors.
This is not a BA only problem.
It affects all links to the now CLOSED polorix site, worldwide.

Probably harmless, but annoying & worrying at the same time.

There are now 500 references to polorix on this site.
http://blenderartists.org/forum/search.php?searchid=1645072

whilst it would be not practical to simply delete all these threads,
is there a way to parse the code & find & replace/delete all links to polorix?

personally, I would be happy to go through & manually delete all these links.
just to avoid the bad karma, malicious pop ups like this could cause the reputation of this site, through no fault of it’s own.

pm me if this is the only way & we could work out the best procedure to remove all links to polorix from this site.

i have just visited the website and i dont get a single pop up… so i personally dont see a point of removing the link to that website

In firefox i get 1,000’s of pop up requests. I think it is looking for a user name and password. polorix was a cool site to post your animation video’s under. I guess they went out of business or the guy could not afford the hosting.

If the popup you’re talking about is the one wanting a username and password, it it NOT a virus. That is a standard “basic authentication” request from the web server. something on the link is trying to get somewhere the web server thinks they need to be authenticated for. Just close the popup and ignore it.

Beat me to it.

There’s nothing you can do except not visit those threads.

something on the link is trying to get somewhere the web server thinks they need to be authenticated for. Just close the popup and ignore it.

well, as true & supportive of my concerns this is.

Something on the link.

something like what?
that affects only links to the old polorix site.

is trying to get somewhere the web server thinks they need to be authenticated for

Before polorix was hacked by malicious offenders, the was no pop up.
you just entered the site, THEN entered your authentication.
just like any other site.
no other links auto pop up auth. requests.
so why does this link to a CLOSED/non existent site ask me for auth. on a unrelated site.
Without my permission, without clicking on or hovering the mouse over the link.

The whole point is.
This is not supposed to happen.
The pop ups are directly related to a site closed due to the site being maliciously attacked.
This is not just a BA related thing other forums are affected.

I have several links to polorix on my soon to be old site.
http://brendonmurphy1.googlepages.com/materiallibrary's
No Polorix pop ups there are there.!?

I guess it must be ok then.
It just affects forums.

Just close the popup and ignore it.

Brilliant, sweep it under the forum rug.

Anyway, that’s enough said by me.

Just close the popup and ignore it.

indeed i do.

Those things freeze the entire screen, I have to use the task manager to
close firefox when those things pop up, I’m afraid to click them :smiley:

What I’m saying is it is a STANDARD HTTP request (sends a 401 if you don’t authentiacte) for authentication. If someone goes on a web server and puts in an .htaccess file that wants basica authentication, the browser will pop that Username/Pwd thing up without them doing anything else. It’s not a hack attempt is what I’m saying. There is nothing to “sweep under the rug”.

Someone just probably wen into Apache and configured it to require authentication to get to certain things on the old site. Do a Google search on “basic authentication using Apache” and you will see what I’m talking about. (Like: http://httpd.apache.org/docs/1.3/howto/auth.html)

It’s not a hacker.

@andy circus: they are SUPPOSED to stop anything else from going on. Just click CANCEL (in this case) and it’s fine. If it REALY is a javascript/hacker attack you would see the code on “the page” when viewing the source. In the authentication stuff like above, there is nothing on the “page” causing it, it’s the BROWSER doing it.