Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Phishing website block on VPS
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Phishing website block on VPS

CiprianoOscarCiprianoOscar Member, Host Rep
in Help

Hello,

I'm here to ask if anyone knows a method to block scam websites on KVM and OPENVZ vps.

I have currently solved the spam emails by blocking the SMTP ports.

Comments

  • deankdeank Member, Troll

    Disconnect it from the internet. It will solve all your issues.

    It will create other issues tho.

    Thanked by 7yoursunny skorupion dahartigan sanvit AlwaysSkint chocolateshirt imok
  • yoursunnyyoursunny Member, IPv6 Advocate

    sudo ufw deny 443
    Very effective, all phishing websites are gone instantly.

    Thanked by 3skorupion comXyz WSWD
  • comXyzcomXyz Member

    @yoursunny said:
    sudo ufw deny 443
    Very effective, all phishing websites are gone instantly.

    ufw deny 80 also

    Thanked by 1dahartigan
  • bulbasaurbulbasaur Member
    edited September 2021

    You could monitor phishtank, openphish and urlscan.io's feed and detect if they're using your VPS based on the results of a DNS resolution.

    Proactively detecting phishing websites is not a game that you can win. Phishing gangs at the top of their game only allow traffic from residential ISPs, cloak their content such that it is served only when visited from a certain URL shortener (the URL shortener link is shared with the victim) and based on the user's Accept-Language headers.

    Thanked by 2dahartigan mrTom
  • CiprianoOscarCiprianoOscar Member, Host Rep

    i think i will block port 80 and 443 and if the client need this port opened i will make an account verification

  • sanvitsanvit Member

    @CiprianoOscar said: i will block port 80 and 443

    hmmmm.....

    Thanked by 1chocolateshirt
  • rustelekomrustelekom Member, Patron Provider

    @CiprianoOscar said:
    i think i will block port 80 and 443 and if the client need this port opened i will make an account verification

    Some posts above was just sarcasm. Of course you don't need block 80 and 443 ports (as well as 25 port BTW) because this make your VPS useless. You are already offered to use well known phishtank, openphish and so on. But you should understand you cannot win over phishers. Unfortunately they have enough money to register lot of domains, order lot of proxy services to get their phishing sites always online.

    Take strict action against such person, require additional information, check all their data (ip's, phone, browser, payment method etc.) and this will decrease number of malicious users. If you will strict enough they will gone away. It's like with cockroaches - if you don't fight them, they will bother you again and again...

  • CiprianoOscarCiprianoOscar Member, Host Rep

    @rustelekom said:

    @CiprianoOscar said:
    i think i will block port 80 and 443 and if the client need this port opened i will make an account verification

    Some posts above was just sarcasm. Of course you don't need block 80 and 443 ports (as well as 25 port BTW) because this make your VPS useless. You are already offered to use well known phishtank, openphish and so on. But you should understand you cannot win over phishers. Unfortunately they have enough money to register lot of domains, order lot of proxy services to get their phishing sites always online.

    Take strict action against such person, require additional information, check all their data (ip's, phone, browser, payment method etc.) and this will decrease number of malicious users. If you will strict enough they will gone away. It's like with cockroaches - if you don't fight them, they will bother you again and again...

    Thanks a lot <3

    Thanked by 1srvjap
Sign In or Register to comment.