Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Can I remove my new domain from security vendors' phishing domain lists?
Message
<blockquote data-quote="tech_eng" data-source="post: 1018590" data-attributes="member: 89272"><p>I recently learned how to use Cloudflare Tunnels to expose securely services hosted at my home lab (a <a href="https://www.youtube.com/watch?v=ey4u7OUAF3c" target="_blank">NetworkChuck Video</a> couple of weeks ago).</p><p>I registered a new domain, connected it with CloudFlare and linked a couple of my homelab services (jellyfin, tinytiny rss feed aggregator) to its Zero Trust Tunnels and it worked great.</p><p></p><p>A couple of days later I was surprised that Google flagged my domain and all subdomains as dangerous (Phishing and malware). Still at this point I can force Chrome to continue to the dangerous site and view my own content. But few hours later other security solutions started flagging my domain too, BitDefender, Avast, Fortinet. Checking on VirusTotal I found that around 6 other vendors were flagging my domain.</p><p></p><p>I registered my domain with Google Search Console/Webmaster tools, and it showed that the tinytiny-rss feed aggregator is the reason to flag my domain (which is strange, as it is an open-source app with no known security issues). I removed the suspected hostname/subdomain from the tunnel, and requested a Review from Google. A couple of days later they checked, and removed my domain from their SafeBrowsing lists. But at that point around 15 other vendors were still flagging my domain as Malicious/Phishing.</p><p></p><p>It has been now around 2 weeks that I am off Google's list, but still 11 vendors flag my domain as phishing. Fortinet is the worst because it is the Firewall at my work and I have no option to bypass it to access my services.</p><p></p><p>(As a quick solution, I registered another domain and configured CloudFlare's WAF to block bots. It is working with no issues for now.)</p><p></p><p>I tried requesting/filling false-positive forms on some of the vendors websites, but it doesn't seem to work.</p><p></p><p>Any tips if I can ever remove my domain from those lists?</p></blockquote><p></p>
[QUOTE="tech_eng, post: 1018590, member: 89272"] I recently learned how to use Cloudflare Tunnels to expose securely services hosted at my home lab (a [URL='https://www.youtube.com/watch?v=ey4u7OUAF3c']NetworkChuck Video[/URL] couple of weeks ago). I registered a new domain, connected it with CloudFlare and linked a couple of my homelab services (jellyfin, tinytiny rss feed aggregator) to its Zero Trust Tunnels and it worked great. A couple of days later I was surprised that Google flagged my domain and all subdomains as dangerous (Phishing and malware). Still at this point I can force Chrome to continue to the dangerous site and view my own content. But few hours later other security solutions started flagging my domain too, BitDefender, Avast, Fortinet. Checking on VirusTotal I found that around 6 other vendors were flagging my domain. I registered my domain with Google Search Console/Webmaster tools, and it showed that the tinytiny-rss feed aggregator is the reason to flag my domain (which is strange, as it is an open-source app with no known security issues). I removed the suspected hostname/subdomain from the tunnel, and requested a Review from Google. A couple of days later they checked, and removed my domain from their SafeBrowsing lists. But at that point around 15 other vendors were still flagging my domain as Malicious/Phishing. It has been now around 2 weeks that I am off Google's list, but still 11 vendors flag my domain as phishing. Fortinet is the worst because it is the Firewall at my work and I have no option to bypass it to access my services. (As a quick solution, I registered another domain and configured CloudFlare's WAF to block bots. It is working with no issues for now.) I tried requesting/filling false-positive forms on some of the vendors websites, but it doesn't seem to work. Any tips if I can ever remove my domain from those lists? [/QUOTE]
Insert quotes…
Verification
Post reply
Top