Start a new topic

CUJO Block page extension for Firefox, Chrome and Safari

Hey everybody,


We have some more stuff for the Beta testers!


We are releasing CUJO Block page extensions for Firefox, Chrome and Safari.

With this extension, you will be able to see CUJO block page for HTTPS traffic as well.


Here are the download links:


Firefox: https://addons.mozilla.org/en-US/firefox/addon/cujo-block-page/

Chrome: https://chrome.google.com/webstore/detail/cujo-block-page/gipddabiecnnmookndcedicdfnodnjpe?utm_source=gmail

Safari: https://safari-extensions.apple.com/details/?id=com.cujo.cujo-block-page-2CT6WSHBJ9


We will be waiting for your feedback! Thanks!


Is there a FAQ available on how this works?

Hi Ciarán,


Unfortunately, we do not have a FAQ yet, but the functionality is rather simple:

Without this extension, when CUJO blocks HTTPS page, you will see an error from your browser, that connection was reset.
With CUJO Extension, you will see regular CUJO Block page when CUJO blocks HTTPS website.


Bug Report: on several occasions the CUJO Chrome extension has triggered while my laptop is not connected to my home network. As an example, I was browsing this site while away from home on my corporate office network: 
https://www.droid-life.com/


After a few moments, and it's completely finished loading the page, the Cujo block page shows up. I'm not versed enough in network diagnosis to see exactly why this might be happening. I reproduced it several times on several articles on this site.

I guess I never thought to ask before: Is the extension supposed to be tied to my home CUJO? Or is it intended to be a general-purpose malicious blocking extension, no matter what network I'm connected to?

Hi Steve,


Thank you for your feedback!


First of all, this extension is not exactly tied to your home CUJO. It basically detects HTTPS connection resets and then displays the block page. Even if there was a different firewall in the network, with this extension, you would still see CUJO splash screen once HTTPS connection is being blocked.


Is it possible that your corporate environment also has network firewall in place? Because I suspect that your corporate environment might also be blocking a part of that website, and therefore you are seeing that block. You can also try turning off the extension to see whether the page works fine without it.


Best regards,

Dave

So the extension is really just a RST packet detector? That's not going to help with the current Cujo false positive problems, anything on route even the web server itself could send a RST and it wouldn't mean the site is malicious.

Yes, there is definitely some sort of network firewall in place here. So the question becomes: what exactly is the CUJO block page trying to tell me? That some part of the HTTPS connection is being blocked? The block page only indicates "This website has been blocked as it may contain inappropriate content", which is misleading. There needs to be a better description of why this is being blocked, or let me ignore it, etc.  Unless there is truly "inappropriate content", but I'm not sure how you can diagnose that just by detecting https-resets, which are going to happen on any network firewall? Potentially?

Hi All


Updated Cujo last week with the new Cujo orange block pages and I am seriously sick of seeing the page. 


Every site (close to 100%) that I visit starts with the Cujo block page. Even sites that I manage and I *know* are clean. 


It is like the Cujo system (my device or the browser plugin) thinks the whole world is a risk. (Yes, I know it is, but...)


How can I tone this down ?  Where can I white list my servers ? I manage servers with over 600 websites and my productivity is slipping as I negotiate extra clicks to "visit this unsafe site."


For most of these sites the http: is redirected to https: and the SSL is within shared hosting, is something in that configuration triggering the block ?


I am going to disable the browser plugin for now and see what happens.


Thanks

Tony




Ok....  the Cujo plugin for Chrome is not installed on this computer. 


So how is it that the block page is presented ?  From reading above thread the plugin is not a part of my Cujo here at home ?


I reviewed the block page that I opened immediately prior to looking at the forum for some feedback and this is the URL of the block page and the site that triggered it:


http://block.getcujo.com/warn?url=http://ds00404.wrenmaxwell.net/&token=82a5a5df


In this case, I failed to specify the https and let Chrome use the default http. Trying again with https specified takes me directly to the site and all is good. 


So if the browser plugin is not responsible, it must be the Cujo system presenting the block page.  Obviously I cannot disable the Cujo plugin if it is not installed. I will monitor on this computer today and note all blocked sites.


Tony




Hi All


Hey Cujo, this is just getting on my nerves. Every website on my hosted servers is getting the "Lets wait a minute?" page. 


How can I turn this off ? Its not the plugin as that is not installed. It is the Cujo device / remote software and it is currently killing my productivity.


Understand, that as a webdev / sysadmin I use multiple web browsers and multiple devices to connect to multiple servers and multiple websites. I say 'yes' connect to the 'unsafe' site, but that is not persistent across the multiple browsers or devices even though they are effectively from the same IP address from my ISP. 


So for a single website testing presentation in 4 browsers on my PC and an ipad and an iphone, I have 6 access permissions to provide in the 'Cujo unsafe site' and then I swap to another site and repeat the exercise.  I have 8 hosting servers with >800 client sites, sure I do not hit every site every day, but I do hit a lot of sites and servers and generally they are all at different times on different browsers and devices. 


This is non-trivial in my case and as I said earlier, it is killing my productivity. 


Help, please Mr Wizard..........


cheers

Tony



 



Login to post a comment