My domains are blocked due to previous a phishing threat!

elliott · ‎10-22-2015

Dear reader;

I received a massive attack on the 6th October towards my 1&1 server where malicious files were uploaded to it without my knowledge that were used to form part of a phishing site/threat. I have since cleaned it all up, removed all threats along with malicious files and updated all of my server whilst also improving security overall to prevent further attacks. Thus whilst my server has now been clean for nearly 2 weeks now, I still can not access any of my domains hosted on 212.227.84.239 through the OpenDNS servers.

I also notice that my IP of 212.227.84.239 is also on the BARRACUDA and FABELSOURCES blacklists.

Thus can someone please sort this out for me so I can once again access my domains through the Open Dns servers.

Regards: Elliott

mattwilson9090 · ‎10-23-2015

The fastest way for you to get this resolved is to open a support ticket with OpenDNS (click click on the "Submit A Request" tab at the top of the page). That will go straight into their support queue while posting to this user discussion forum might or might not come to the attention of support staff in a timely manner.

As for the other two blacklists, you'll need to contact whoever supports those lists in order to get your domains removed from their lists.

rotblitz · ‎10-23-2015

"once again access my domains through the Open Dns servers"

First of all, you never ever accesses anything through a DNS server...
DNS is the phone book of the internet, not the phone lines.

The fastest way to get access despite of OpenDNS blocking is to add your domains to the "never block" list at your dashboard. Flush your caches then, and you should be good to go!

The fastest way to get it unblocked for the rest of the world is to follow mattwilson9090's suggestions.

elliott · ‎10-26-2015

I know how the DNS system works, what I meant is my domains won't resolve to my servers IP using the dns servers from OpenDNS (208.67.222.222 & 208.67.220.220). Thus when I have my DNS servers set to 208.67.222.222 & 208.67.220.220, rather than my website loading, I just get a message saying " This domain is blocked due to a phishing threat"

Also, I have already sorted the black lists out btw, so it just leaves the following issue of getting my domains unblocked for the public who use the OpenDNS dns servers.

I have already done what mattwilson9090 said, albeit 5 days ago with no reply yet. You can see my request here: https://support.opendns.com/requests/178751

Regards: Elliott

elliott · ‎10-26-2015

I know how the DNS system works, what I meant is my domains won't resolve to my servers IP using the dns servers from OpenDNS (208.67.222.222 & 208.67.220.220). Thus when I have my DNS servers set to 208.67.222.222 & 208.67.220.220, rather than my website loading, I just get a message saying " This domain is blocked due to a phishing threat"

Also, I have already sorted the black lists out btw, so it just leaves the following issue of getting my domains unblocked for the public who use the OpenDNS dns servers.

I have already done what mattwilson9090 said, albeit 5 days ago with no reply yet. You can see my request here: https://support.opendns.com/requests/178751

Regards: Elliott

mattwilson9090 · ‎10-26-2015

Actually, neither rotblitz nor I can see the request as we are not OpenDNS employees and don't have access to their support database. Since this is primarily a user forum rather than a support forum there's no certainty that OpenDNS employees will read or reply to any message here in a rapid manner. I'm pretty sure that OpenDNS doesn't reply to support emails for the free accounts over the weekend, so depending on time of day you only sent in your support 2 or 3 business days ago.

I'd suggest opening another ticket and referring to the first one just in case something got dropped or misrouted.