Automation of malware-/phishing domain protection

By Melanie Wehowski

The Start Directory updates is automated blocklists daily. In this article it is documented how we do this, simple and short for transparancy and re-use.

Autoload missing classes (dirty way): https://gist.github.com/wehowski/e07524043fc4df7c9a7bf8e76a2676d7

$blocked = [ /* blocked subjects, instances and accounts … */ ];    

$OptOutManager= new \StartDir\OptOutManager(PDO : $dbh); 

    $blocked = \StartDir\Helpers::getBlocked(null, $blocked, 86400 - 300, $OptOutManager);      
        echo count($blocked).' subjects blocked.'."\n";
   $blocked = \StartDir\Helpers::getBlocked2(null, 86400 - 300, $OptOutManager,
                                              'https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt',
                                              true);      
    echo count($blocked).' subjects blocked.'."\n";
        
    $blocked = \StartDir\Helpers::getBlocked2(null, 86400 - 300, $OptOutManager, 
                                               'https://lists.cyberhost.uk/malware.txt',
                                              true);      
    echo count($blocked).' subjects blocked.'."\n";
        
    $blocked = \StartDir\Helpers::getBlocked2(null, 86400 - 300, $OptOutManager, 
                                               'https://blocklistproject.github.io/Lists/alt-version/ransomware-nl.txt',
                                              true);      
    echo count($blocked).' subjects blocked.'."\n";
        
    $blocked = \StartDir\Helpers::getBlocked2(null, 86400 - 300, $OptOutManager, 
                                               'https://blocklistproject.github.io/Lists/alt-version/fraud-nl.txt',
                                              true);      
    echo count($blocked).' subjects blocked.'."\n";

connect with ❤️Webfan | connect with Google