Redirect malicious domain to another domain or website
-
Is it possible to redirect client attempting to reach a malicious domain, to another domain or website ?
for example : when client wants to connect to malicious domain which is blocked by DNSBL, then i want to redirect him to www.google.com for example . -
@walidbz not easily as that’s what site certificates prevent. To do so you need your clients to have an extra certificate to allow you to do a man in the middle interception.
-
@Patch thank you for your reply.
So, is it the same problem if i want to redirect him to an internal webserver in my network ?
NB: the website is without certificate (http) -
@walidbz said in Redirect malicious domain to another domain or website:
@Patch thank you for your reply.
So, is it the same problem if i want to redirect him to an internal webserver in my network ?
NB: the website is without certificate (http)Yes
You can easily make the site unreadable but not substitute another site without significantly more effort. -
@Patch so do you have a solution please ?
-
@walidbz said in Redirect malicious domain to another domain or website:
redirect him to an internal webserver in my network
Use a plain HTTP redirect. Create a host override in DNS to resolve the domain (and its www) to your internal server's IP. On your web server create a site for that domain, and have that site redirect to whatever URL you want.
Note when blocking via DNS you may need to block DNS over HTTP or DNS over TLS so browsers don't bypass your DNS. There is a PDF writeup for pfSense at https://github.com/jpgpi250/piholemanual. It is rather detailed but is complete.
-
@SteveITS thank you for your help.