Phishing URL ? Solution

KatieH

KatieH

Member
Hi, this is a general question with coding a registration page but it might be helpful for others. The developer who i work with, this doesn't happen to any of the pages related to my project but only happen in the registration page, when i visit it, it causes my Kaspersky to block the page saying that the URL is Phishing url.

We did a quick test to determine what would cause it, by removing the entire code that allow registration and we were able to access the page without seeing the warning but we can't figure out what would cause it in the coding. So is there a way to figure out what part of the code that would cause an antivirus to block a page saying that it is phishing url? it is a bug but i can't figure it out yet with the dev what would cause it.
 
KatieH said:
Hi, this is a general question with coding a registration page but it might be helpful for others. The developer who i work with, this doesn't happen to any of the pages related to my project but only happen in the registration page, when i visit it, it causes my Kaspersky to block the page saying that the URL is Phishing url.

We did a quick test to determine what would cause it, by removing the entire code that allow registration and we were able to access the page without seeing the warning but we can't figure out what would cause it in the coding. So is there a way to figure out what part of the code that would cause an antivirus to block a page saying that it is phishing url? it is a bug but i can't figure it out yet with the dev what would cause it.
Click to expand...

We'd need to see the pages content (code, html, etc.) in order to determine why Kaspersky is setting it off.
 
It is on a private host, and i can't share it yet in public. I will see if i can just copy the page file i.e., the php file.
 
Is there anything on the page pointing to a different domain, or is the form submitting to a different domain for some reason?
 
I am not sure but this is what we did, the dev uploaded the registration page on a real domain name instead of where it is currently hosted which is on one of the ips of a private server and i didn't see the warning anymore. So it works if the page is uploaded an an actual domain name instead of an ip, doesn't make much sense much why this would happen but that is what happened :0)
 
Usually Kaspersky does not scan the code itself. It compares the URL (domain name) with a list of known hosts with issues and fires the warning if such host is found.

If your own domain is not blocked in a warn list, you have to take a look at any external content you may have at that page.
 

Similar threads

AndyB
Direct message phishing detect [Paid]
Replies
1
Views
133
Joeychgo
Joeychgo
ElJefe
  • Question Question
XF 2.3 Native XenForo app - struggle to find the right solution
Replies
1
Views
56
ENF
ENF
zzlpolitics
  • Solved
XF 2.3 Is there a solution to too long usernames?
Replies
7
Views
84
Old Nick
O
Scandal
XF 2.2 \XF\Job\AbstractRebuildJob and $user->delete() error (I have fixed it but needed better solution)
Replies
1
Views
32
Jeremy P
Jeremy P
Ozzy47
[OzzModz] Close Question Threads That Have A Solution
Replies
1
Views
150
Baby Community
Baby Community
Back
Top Bottom