APIVoid Browser Protection

Add-on/Extension Page
https://chromewebstore.google.com/detail/apivoid-browser-protectio/jobpjnhlpobhgdddaeifllnbbleopibe
https://addons.mozilla.org/en-US/firefox/addon/apivoid-browser-protection/
@HarborFront

No the data used by extensions should be contained per browser profile, within a (1) chromium based browser, so two different browsers should not share data.

As posted Helium link does not have a long link with connecting - in it and does not has chromium in name, so it has nothing strange in its link URL..
 
  • Like
Reactions: simmerskool, Sorrento and HarborFront
@pxxb1

The hardening rules are on "Protections" tab, they improve the browsing safety.

Even if you have Cloudflare DNS, other protection layers that don't create compatibility and performance issues are always good to have aboard, since if the layer 1 misses something, there is the layer N that can catch it. I don't use Cloudflare DNS here so can't comment much on that, but I think it doesn't allow to block file type downloads, our extension blocks download of suspicious file types such as .lnk, .cpl, .pif, etc (just a quick example).

@HarborFront

The protection rule "Block free hosting domains" on Protections tab will block only github.io and its subdomains, because unfortunately it is widely used to host live phishing pages according to recent reports. The other domain github.com (used to host code) is not blocked.

Under the EVENTS it said 'The last 50 blocked URLs'. Is it possible to see the list of blocked URLs?
Click to expand...

On the Events page we list the last 50 blocked URLs.

For a quick test, if you try to visit "google.top", it will be blocked and it will be saved on Events tab.

@Sorrento

The "Exclude domain" and "Proceed anyway" buttons work fine here, tested on Firefox 150.0.2:
limewire.com

Download exclude-buttons-test.mp4 | LimeWire

Download exclude-buttons-test.mp4 on LimeWire
limewire.com limewire.com

"Exclude domain" will add the domain on the exclusions list, while "Proceed anyway" will allow it for the current browsing session only.

@simmerskool

Don't have here Rocky Linux, but our extensions can be found on Mozilla addons page here:

Add-ons for Firefox (en-US)

Download Firefox extensions and themes. They’re like apps for your browser. They can block annoying ads, protect passwords, change browser appearance, and more.
addons.mozilla.org addons.mozilla.org

If you search for "APIVoid" or the full extension name like "APIVoid Browser Protection" it should list them.

Alternatively, you can get the Firefox links from our page here:
www.apivoid.com

Security Browser Extensions for Chrome and Firefox | APIVoid

Explore APIVoid security browser extensions for Chrome and Firefox. Block malicious and suspicious domains, prevent phishing attacks, and improve your browsing security with our extensions.
www.apivoid.com www.apivoid.com

Click on an extension, and then click on "Get on Firefox" button.
 
  • Like
  • +Reputation
  • Thanks
Reactions: simmerskool, Zero Knowledge, Zartarra and 2 others
NoVirusThanks said:
@simmerskool

Don't have here Rocky Linux, but our extensions can be found on Mozilla addons page here:

Add-ons for Firefox (en-US)

Download Firefox extensions and themes. They’re like apps for your browser. They can block annoying ads, protect passwords, change browser appearance, and more.
addons.mozilla.org addons.mozilla.org

If you search for "APIVoid" or the full extension name like "APIVoid Browser Protection" it should list them.

Alternatively, you can get the Firefox links from our page here:
www.apivoid.com

Security Browser Extensions for Chrome and Firefox | APIVoid

Explore APIVoid security browser extensions for Chrome and Firefox. Block malicious and suspicious domains, prevent phishing attacks, and improve your browsing security with our extensions.
www.apivoid.com www.apivoid.com

Click on an extension, and then click on "Get on Firefox" button.
Click to expand...
@NoVirusThanks that was my point, in fedora firefox search APIVoid found your extension immediately, and I am currently using it, BUT same search with Rocky linux ("enterprise") firefox did not find it, one difference I am aware of firefox in Rocky is 140.10.0esr ie a different version of firefox, perhaps that explains it... :unsure: Next time I boot Rocky I'll check again!
 
  • Like
Reactions: Sorrento and Dave Russo
@simmerskool

This detail is interesting: "one difference I am aware of firefox in Rocky is 140.10.0esr"

The minimum Firefox version required by all our extensions is 142.0, so my guess is that our extensions are not showing up in your search on Rocky Linux because your Firefox version doesn’t meet that requirement, and the add-ons search excludes them.
 
  • Like
  • +Reputation
Reactions: Gandalf_The_Grey, Sorrento and simmerskool
NoVirusThanks said:
@pxxb1

The hardening rules are on "Protections" tab, they improve the browsing safety.

Even if you have Cloudflare DNS, other protection layers that don't create compatibility and performance issues are always good to have aboard, since if the layer 1 misses something, there is the layer N that can catch it. I don't use Cloudflare DNS here so can't comment much on that, but I think it doesn't allow to block file type downloads, our extension blocks download of suspicious file types such as .lnk, .cpl, .pif, etc (just a quick example).

@HarborFront

The protection rule "Block free hosting domains" on Protections tab will block only github.io and its subdomains, because unfortunately it is widely used to host live phishing pages according to recent reports. The other domain github.com (used to host code) is not blocked.



On the Events page we list the last 50 blocked URLs.

For a quick test, if you try to visit "google.top", it will be blocked and it will be saved on Events tab.

@Sorrento

The "Exclude domain" and "Proceed anyway" buttons work fine here, tested on Firefox 150.0.2:
limewire.com

Download exclude-buttons-test.mp4 | LimeWire

Download exclude-buttons-test.mp4 on LimeWire
limewire.com limewire.com

"Exclude domain" will add the domain on the exclusions list, while "Proceed anyway" will allow it for the current browsing session only.

@simmerskool

Don't have here Rocky Linux, but our extensions can be found on Mozilla addons page here:

Add-ons for Firefox (en-US)

Download Firefox extensions and themes. They’re like apps for your browser. They can block annoying ads, protect passwords, change browser appearance, and more.
addons.mozilla.org addons.mozilla.org

If you search for "APIVoid" or the full extension name like "APIVoid Browser Protection" it should list them.

Alternatively, you can get the Firefox links from our page here:
www.apivoid.com

Security Browser Extensions for Chrome and Firefox | APIVoid

Explore APIVoid security browser extensions for Chrome and Firefox. Block malicious and suspicious domains, prevent phishing attacks, and improve your browsing security with our extensions.
www.apivoid.com www.apivoid.com

Click on an extension, and then click on "Get on Firefox" button.
Click to expand...

Those file type downloads you mention, does not Smartscreen in Windows catch those?
 
  • Like
Reactions: Sorrento, simmerskool and Parkinsond
@NoVirusThanks

When APIVoid block something, Brave blocks the block page of Api Void

1778998140877.png


When I pres RELOAD (Opnieuw laden), the popup page is show
1778998294380.png
 
  • Like
  • Sad
  • Wow
Reactions: Zero Knowledge, simmerskool, Morro and 1 other person
@Sorrento

I tested the latest Libre Wolf on Windows 11 and it worked fine (clicking the Exclude domain or Proceed anyway buttons worked).

Will run more tests to see if I can reproduce it and will update here should find more details.

@pxxb1

Our extension is preventive, meaning it blocks these suspicious file types before they are even downloaded (the file never reaches disk). This prevents users from accidentally running them and removes the need for the user to make a security decision (files are blocked by default). The extension complements SmartScreen as an additional defense layer. Additionally, you can customize other file types to block, such as you can block pdf, xls, doc, apk, py, and any other file type, if needed.

@LinuxFan58

Interesting, will install Brave and test it, should be fixed in the next version.
 
  • Like
  • +Reputation
  • Thanks
Reactions: Sorrento, Zero Knowledge, simmerskool and 2 others
@NoVirusThanks

I had a look at the rules of API Void Browser Protection and was a bit disappointed that the URL patters mostly had WordPress patterns in it
Code: 
# For any questions, contact: info@novirusthanks.org
^https?://[^/]+/wp-includes/.+$
^https?://[^/]+/wp-content/.*\.php(\?.*)?$
^https?://[^/]+/wp-content/.*\.html(\?.*)?$
^https?://[^/]+/wp-content/plugins/[^/]+/.+$
^https?://[^/]+/wp-content/themes/[^/]+/[^.]+$
^https?://[^/]+/wp-content/uploads/[^.]+$
^https?://[^/]+/wp-admin/.*\.html(\?.*)?$
^https?://[^/]+/\.well-known/.+$

I had expected to find more phishing like regex patterns like the ones below (which I used in uBol extension).
These rules are commented by the the MalwareTips-in-house-AI-Bot on risk of breaking stuff.

1779252867401.png


Maybe an idea to add some more phishing like patterns in this section (after all AI assesses them as relatively safe and targeted)?

In the TLD protection section you already block TOP and XYZ TLD's completely (which the in-house-AI-Bot would consider less targeted), so they can be omitted in the above regex rules.
 
Last edited:
  • Like
Reactions: simmerskool
NoVirusThanks said:
@Sorrento

I tested the latest Libre Wolf on Windows 11 and it worked fine (clicking the Exclude domain or Proceed anyway buttons worked).

Will run more tests to see if I can reproduce it and will update here should find more details.

@pxxb1

Our extension is preventive, meaning it blocks these suspicious file types before they are even downloaded (the file never reaches disk). This prevents users from accidentally running them and removes the need for the user to make a security decision (files are blocked by default). The extension complements SmartScreen as an additional defense layer. Additionally, you can customize other file types to block, such as you can block pdf, xls, doc, apk, py, and any other file type, if needed.

@LinuxFan58

Interesting, will install Brave and test it, should be fixed in the next version.
Click to expand...
Thanks that is appreciated, it may have been a glitch, me or an unknown issue at the time but thanks for looking into this, that's great!
 
  • Like
Reactions: bjm_ and simmerskool
@LinuxFan58

They cover the vast majority of compromised WP sites used for phishing, more rules will be added with time.

In your example rules, they are already covered by the "Block suspicious TLDs" rule, so adding them separately would be redundant.

We're limited in the number of DNR rules we can use (mainly due to Firefox), so we need to keep them compact and avoid redundancy as much as possible.

@bjm_

Thanks for reporting the issue is also on Chrome, will be fixed on the next version.
 
  • Thanks
  • +Reputation
  • Applause
Reactions: Sorrento, bjm_ and simmerskool

You may also like...