[SOLVED] Have to disable pfBlockerNG to be able to use Paypal
-
Hi BB ;D
1. Problem is already bugging me for months, only now I found the time to open this thread.
2. The attached screenshot: this is when I go from the webshop to paypal to pay: this is the paypal screen (in Firefox or Chrome, doesn't make a difference).
3. Disable pfBlockerNG (DNSBL can remain enabled) and I can get through to Paypal.
4. This is what I thus have been doing for the last I think 6 months.
5. Problem: the alerts don't show hits for the time I access Paypal, only 10 minutes earlier.
6. pfSense is time server for local LAN, so all machines should have the same time.Is there a different way of finding out which/what/who is blocking this Paypal?
Thank you Sir BB ;)
-
In FF, hit F12 which will open Dev Mode. Goto "console" and it will show all domains that are blocked while you visit that webpage. Typically look for domains which have a "js" extension. Then add the problematic domains to the DNSBL whitelist customlist. After manually adding those you will need to Force Reload - DNSBL for it to take effect.
-
Thank you BB :-*
Firefox showed nothing. Chrome did. So I whitelisted paypalobjects.com. However, it still didn't work (pic 4 and 5).
???
So I still had to disable to be able to make the paypal payment.
Thank you & bye :D
-
Did you find any resolution to this other than shutting off DNSBL? I'm having the same issue with hpHosts screwing up paypal.
EDIT: Disregard, I got it working by whitelisting it. I just had to wait a bit after forcing the reload for it to take effect.
-
I did whitelist it and am waiting for days, but the problem remains. (See above 4 pictures, especially picture 3).
Any thoughts, BB?
Thank you :)
-
Does the domain resolve to the DNSBL vip address?
BSD:
host -t A www.paypalobjects.comWindows:
nslookup www.paypalobjects.comMake sure the domain is not in DNBSL:
grep "paypalobjects" /var/unbound/pfb_dnsbl.confhpHosts lists this domain in the (Full Feed) which is only updated once per month. So I am going to recommend to everyone to use the individual hpHost feeds instead of the Full Feed. Any False positive domains that are removed will not be removed from the Full Feed for 30 days…
hpHosts Download site:
https://hosts-file.net/?s=DownloadList of individual hpHost Feeds:
https://hosts-file.net/emd.txt
https://hosts-file.net/exp.txt
https://hosts-file.net/fsa.txt
https://hosts-file.net/grm.txt
https://hosts-file.net/hfs.txt
https://hosts-file.net/mmt.txt
https://hosts-file.net/pha.txt
https://hosts-file.net/psh.txt
https://hosts-file.net/pup.txt
https://hosts-file.net/wrz.txt
-
I was getting that a few months ago, but it's been good since I added this in my custom whitelist dsnbl:
.www.paypal.com
.paypal.com # CNAME for (www.paypal.com)
.www.paypalobjects.com
.www.paypalobjects.com.akadns.net # CNAME for (www.paypalobjects.com)
.www.paypalobjects.com.edgekey.net # CNAME for (www.paypalobjects.com)
.e3691.g.akamaiedge.net # CNAME for (www.paypalobjects.com)Hopes that help.
-
there are also these elements
t.paypal.com
t.paypal.com.edgekey.net # CNAME for (t.paypal.com)
e3694.a.akamaiedge.net # CNAME for (t.paypal.com)
-
Hmmm, just paypalobjects worked for me
-
Does the domain resolve to the DNSBL vip address?
BSD:
host -t A www.paypalobjects.comWindows:
nslookup www.paypalobjects.comMake sure the domain is not in DNBSL:
grep "paypalobjects" /var/unbound/pfb_dnsbl.confhpHosts lists this domain in the (Full Feed) which is only updated once per month. So I am going to recommend to everyone to use the individual hpHost feeds instead of the Full Feed. Any False positive domains that are removed will not be removed from the Full Feed for 30 days…
hpHosts Download site:
https://hosts-file.net/?s=DownloadList of individual hpHost Feeds:
https://hosts-file.net/emd.txt
https://hosts-file.net/exp.txt
https://hosts-file.net/fsa.txt
https://hosts-file.net/grm.txt
https://hosts-file.net/hfs.txt
https://hosts-file.net/mmt.txt
https://hosts-file.net/pha.txt
https://hosts-file.net/psh.txt
https://hosts-file.net/pup.txt
https://hosts-file.net/wrz.txtThank you BB,
1. Yes it resolves to 10.10.10.1
2. About not being in DNSBL, the grep command gives: local-data: "www.paypalobjects.com 60 IN A 10.10.10.1"
3. I ll add the individual feeds.
-
Still had to report back that it was solved. Thank you BB ;D
