Phishing URL ? Solution

KatieH

KatieH

Member
Hi, this is a general question with coding a registration page but it might be helpful for others. The developer who i work with, this doesn't happen to any of the pages related to my project but only happen in the registration page, when i visit it, it causes my Kaspersky to block the page saying that the URL is Phishing url.

We did a quick test to determine what would cause it, by removing the entire code that allow registration and we were able to access the page without seeing the warning but we can't figure out what would cause it in the coding. So is there a way to figure out what part of the code that would cause an antivirus to block a page saying that it is phishing url? it is a bug but i can't figure it out yet with the dev what would cause it.
 
KatieH said:
Hi, this is a general question with coding a registration page but it might be helpful for others. The developer who i work with, this doesn't happen to any of the pages related to my project but only happen in the registration page, when i visit it, it causes my Kaspersky to block the page saying that the URL is Phishing url.

We did a quick test to determine what would cause it, by removing the entire code that allow registration and we were able to access the page without seeing the warning but we can't figure out what would cause it in the coding. So is there a way to figure out what part of the code that would cause an antivirus to block a page saying that it is phishing url? it is a bug but i can't figure it out yet with the dev what would cause it.
Click to expand...

We'd need to see the pages content (code, html, etc.) in order to determine why Kaspersky is setting it off.
 
It is on a private host, and i can't share it yet in public. I will see if i can just copy the page file i.e., the php file.
 
Is there anything on the page pointing to a different domain, or is the form submitting to a different domain for some reason?
 
I am not sure but this is what we did, the dev uploaded the registration page on a real domain name instead of where it is currently hosted which is on one of the ips of a private server and i didn't see the warning anymore. So it works if the page is uploaded an an actual domain name instead of an ip, doesn't make much sense much why this would happen but that is what happened :0)
 
Usually Kaspersky does not scan the code itself. It compares the URL (domain name) with a list of known hosts with issues and fires the warning if such host is found.

If your own domain is not blocked in a warn list, you have to take a look at any external content you may have at that page.
 

Similar threads

J
  • Question Question
XF 2.2 What is the best way of dealing with external links on XFRM?
Replies
0
Views
286
John917
J
J
  • Question Question
XF 2.2 Custom User Fields Help - Occupation Field
Replies
0
Views
167
jar546
J
Q
  • Question Question
XF 2.2 Xenforo and "Cumulative Layout Shift" Problem
Replies
7
Views
372
digitalpoint
digitalpoint
H
  • Question Question
XF 2.2 Have to rebuild thread cache every few days
Replies
3
Views
319
Saphira
Saphira
L
Occasional MySql issue, hits 100% CPU
Replies
7
Views
740
Yoshiro
Yoshiro
Top Bottom