I am not an Optus customer but according to users on Whirlpool you can turn off the McAfee protection in your router.
FWIW in the same Whirlpool thread they had a link to https://sitelookup.mcafee.com/ where I have requested the mediaspy S3 bucket be classed as a content host (or whatever the wording was) with the comment that it’s an image host. Hopefully that helps other McAfee/Optus customers see the images.
I don’t know how much this helps but for a few days now whenever I go on here my anti-virus always sends a notification to say there are multiple suspicious connections blocked.
I think I’ve got the solution. There’s a problem with the implementation of AWS Dual Stack which is being used to access AWS S3.
The SSL certificate being provided by AWS is for *.s3-ap-southeast-2.amazonaws.com, however this is not actually the base for the subdomain being used to access the images, which is mediaspy-org-s3.s3.dualstack.ap-southeast-2.amazonaws.com - it will cause an issue for anyone with certain high security settings in place.
Best way would be to configure a sub domain ie images.mediaspy.org that points to the S3 bucket. Dual stack would be required for IPV6 connectivity so not a good idea to disable that.
So I’ve done a little bit of digging and called in a favour to confirm - the Amazon instances are providing valid certificates - what appears to be happening is that for ISPs that use Safe Browsing (or equivalent), it’s replacing the certificate on one of the instances because it’s believed to be suspicious in an attempt to redirect you to a landing page to say it’s suspicious.
There may be some things we can tweak at the backend to help, but I need to do a lot more reading first (and it also appears that if you make some changes, the system needs to rebake posts which is time-consuming, so I want to be sure we’re on the right path first).
If you dig deep into the certificate, there is an alias to ensure the cert covers the dualstack domain
So it does. Rookie error on my part. Interesting to note that the image with the non-dualstack link worked for @foxyrove, so the Safe Browsing issue must be limited to just the dualstack domain.
In an ideal world we would be IPv6 compatible, but everything in Australia at least still has an IPv4 fall back as significant parts of the internet are still running on IPv4.
Don’t worry, we had to dig pretty deep to find it. It didn’t make sense first off why it would report the certificate was valid when it didn’t match the top-level domain on the cert.
Possible merge suggestion for the ABC TV Plus - Programs and Schedules and ABC Comedy - Programs and Schedules threads, ahead of ABC TV Plus’ refresh in 2024, both on the ABC section in the television area of this forum. Why did the moderators not just merge these 2 threads when ABC TV Plus branding began in January 2021?
Thats because the second image is not hosted by us.
I’ve confirmed that McAfee has recategorized our image hosting, so that shouldn’t be an issue anymore - if it continues not to work, then I’m not sure what more we can do, the issue exists between you and the connection to our hosting.