Open Cardenas2911 opened 1 month ago
please update your url or delete cookies. sorry for the inconvenience.
Cookies 🍪 I don't do cookies, I'm diabetic 😉
And now you try to fingerprint my browser, for what? Collecting PII data? Without my explicit approval?
Maybe this is why you are marked for phishing, as you are phishing for PII on behalf of crimeflair!! Just saying, this is for sure degrading the trust in your domain, and since the domain ain't running properly secured by SSL and the fact the domain ain't publicly available, but only available from cloudflare's walled garden intranet, I can't help you, as I can't access the closed circle.
You'll have to wait for @mitchellkrogza or @funilrys to pick up this issue. Opening a PR or Issue in https://github.com/mitchellkrogza/Phishing would make any difference, as it is @mitchellkrogza or @funilrys and me who hold the merge power.
How can I solve this problem?
I would appreciate it if you can help me. We really are an honest company that has suffered attacks. I am the person in charge; we have fought by denouncing pages that are created with our brand and image and are dedicated to defrauding our customers. It turns out that in recent weeks Google has shown us this. I would be very grateful if you can help me; if this work also has a value, I would also be willing to assume it.
You need to harden the Nginx setup
Get rid of WordPress, it is too commonly used, and therefore an obvious target, with a well-known base of exploits
Ditch any BigTech (Alphabet (Google), Meta, Cloudflare etc), they serve you no good, at all. They degrade the trust in your server (domain)
Make sure your Nginx is configured correctly ⏫ getting SSL domains with no valid certs... You even get a lower search, like way lower. Here is a fresh screenshot...
As a beginner package for Nginx, somewhat, security, you can implement @mitchellkrogza's Nginx bad bots, but be picky, he has left out some hosts, as they serve him a personal purpose.
Make your own deny configuration for Nginx to block unwanted hosts, IE, I block CloudFlare and Alphabet + some others in a script like this
if ($http_user_agent ~ "(heritrix|Googlebot|Google-Extended|Googlebot-Image|Googlebot-News|Googlebot-Video|Googlebot-Image|Storebot-Google|Google-InspectionTool|GoogleOther|Google-Extended|APIs-Google|AdsBot-Google-Mobile|AdsBot-Google|Mediapartners-Google|FeedFetcher-Google|GoogleProducer|google-speakr|Google-Site-Verification|ChatGPT|ChatGPT-User|CCBot)/"){return 444;}
This can be done in other ways too, this is only meant as an example
Hide your server application + version server: nginx
Enable listen 443 quic; in nginx
Add also add_header Alt-Svc 'h3=":443"; ma=86400'; to the nginx.conf
delete <link rel="preconnect" href="https://fonts.gstatic.com" .*
and any other third party crap, if you need some scripts, host them inside your own domain, it is usually only a few (m)bytes anyway,
https://fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R8WXZ0oA.woff
Host your fonts yourself, no reason to sell all your visitors to Alphabet, and it is violating GDPR and the Californian Privacy act, as you haven't asked for permission to share your visitors' data with third parties (see ad 10). This does not only concern cookies...
If you have issues figuring out how to import and integrate the fonts, at least use a privacy aware domain: https://googledonts.private.coffee/
Again <link rel='dns-prefetch' href='//js.hs-scripts.com' />
Host it yourself... no reason to lose the fight before it has begun...
Your caching doesn't seem to work... do you have any visitors to keep it hot?
I do not notice the use of add_header Strict-Transport-Security "max-age=63072000" always; & ssl_stapling on; ssl_stapling_verify on;
Disconnect everything from cloudflare.
If you want more... Then I'll suggest you feed the Marsupilami (@spirillen)
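Several of the points in the comment above (server version exposure, HSTS, Alt-Svc for HTTP/3, third-party hosts referenced from the page) can be checked from a single response. The sketch below is an added example, not part of the thread: the sample headers, the sample HTML, the `example.test` host and the function names are all constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample response (assumption: not captured from any real site).
SAMPLE_HEADERS = {"Server": "nginx/1.18.0", "Content-Type": "text/html"}
SAMPLE_HTML = """<html><head>
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link rel='dns-prefetch' href='//js.hs-scripts.com' />
<link rel="stylesheet" href="/css/site.css">
<script src="https://www.example.test/js/app.js"></script>
</head></html>"""


class _Refs(HTMLParser):
    """Collect href/src targets of link, script and img tags."""

    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        if tag in ("link", "script", "img"):
            self.urls += [v for k, v in attrs if k in ("href", "src") and v]


def third_party_hosts(html, own_host):
    """Return hosts referenced by the page that are not own_host or a subdomain."""
    parser = _Refs()
    parser.feed(html)
    # urlparse resolves scheme-relative "//host" URLs; relative paths give None.
    hosts = {urlparse(u).hostname for u in parser.urls}
    return sorted(h for h in hosts
                  if h and h != own_host and not h.endswith("." + own_host))


def audit_headers(headers):
    """Flag the header issues named in the comment; an empty list means none found."""
    h = {k.lower(): v for k, v in headers.items()}
    findings = []
    if re.search(r"\d", h.get("server", "")):      # e.g. "nginx/1.18.0"
        findings.append("server-version-exposed")
    if "max-age=" not in h.get("strict-transport-security", ""):
        findings.append("hsts-missing")
    if "h3=" not in h.get("alt-svc", ""):          # no HTTP/3 advertisement
        findings.append("alt-svc-h3-missing")
    return findings
```

To run it against a live site, feed it the headers and body of one HTTPS response for the site's own host name.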
This explanation is much more than I expected! Thank you so much for taking the time and trouble to answer my questions, I appreciate having found you. It would be interesting to know the possibility of contracting these solutions with you. I want my work to be good, unfortunately I don't know how to develop, I make a living with WordPress, and I don't want to look bad to my bosses, I like what I do and I want to be better! I want to learn, but right now I have this problem. I would be willing to pay out of my pocket if necessary, as long as I can solve it and nothing happens to the company, since it's my responsibility.
Do you think we can get in touch? I would like you to please give me your price to hire and develop these solutions for the domain to be perfect! In the URL of donation that you passed me, it is like a subscription, and I do not know how much this work would cost on your part.
Do you think we can get in touch?
Sure, it should be possible to sign up on https://kb.mypdns.org/ and we can make a more private talk there. You can also write more in-depth and privately here https://www.mypdns.org/support.html
I would like you to please give me your price to hire and develop these solutions for the domain to be perfect!
You might have to tell me which parts of the previous response you refer to here. And keep in mind, I'm a sys admin with knowledge of some programming, I'm not a dedicated programmer. So I can offer you what I have been writing about and some more on system level security (firewall and such)
In the URL of donation that you passed me, it is like a subscription, and I do not know how much this work would cost on your part.
It should be able to make a one-off payment, but yes, Liberapay is primarily a recurring payment system for sponsorships
Any further conversation on this does not belong to this issue.
Domains or links https://immigrationsolutionusa.com/ Please review the above domain, as we believe it to be a false positive.
More information We discovered that our website was listed here through a cybersecurity audit. We have not been hacked, but we have received a few attack attempts. The status is marked as "undefined," but our domain appears as a phishing site.
The website has not been hacked. Our domain has been incorrectly marked as phishing, but we are not listed on Phishtank or OpenPhish to our knowledge. Have you requested removal from other sources? Not applicable. This is the first time we have been flagged as phishing, and we have not requested removal from any other sources, as we are not listed on Phishtank or OpenPhish.
Additional context Our website has never been compromised or involved in phishing activities. We have implemented strong security measures to protect against hacking attempts, and so far, there have been no security breaches. We believe that our listing as a phishing site is a mistake, likely a false positive, and we request a review for removal from the blacklist. We are committed to maintaining the highest security standards and can provide further details if necessary.