Question:
Why is this site blocked with browser error "MALWARE_GENERAL, BLOCK-MALWARE"?
Environment:
Cisco Web Security Appliance (WSA), AsyncOS versions 6.x and above
The notification code below
Notification codes: (1, MALWARE_GENERAL, BLOCK-MALWARE, , 0x0021aee7, 1220506712.572, QAAAAQAAAAAAAAAAKP8ACA==, http://www.domain.com/) is due to the fact that the mentioned URL has a low web reputation score (by default WBRS equal to or below -6.0) and therefore is blocked by the default setting in access policies for the WBRS filters.
The reason for the low reputation score is that the site has been detected, either currently or historically, as sending spam/viruses/trojans by our spam traps.
If you want to bypass WBRS scanning for the website, you can whitelist the site using URL categories, as they take precedence over Web Reputation filtering. Please refer to "How do I manually whitelist a webpage on WSA" for details on how to manually whitelist a web page.