30add07aed
- simpler and more readable - https://unix.stackexchange.com/a/99351 |
||
|---|---|---|
| .github/workflows | ||
| src | ||
| .gitignore | ||
| .gitlab-ci.yml | ||
| .nvmrc | ||
| LICENSE.md | ||
| README.md | ||
| package.json | ||
README.md
VN Malicious Domains Blocklist
A blocklist of malicious (malware, scam, phishing) websites that are targeting Vietnamese users. Sourced from api.chongluadao.vn.
There are multiple formats available, refer to the appropriate section according to the program used:
- uBlock Origin (uBO) -> URL-based section (recommended)
- Pi-hole -> Domain-based or Hosts-based section
- AdGuard Home -> Domain-based (AdGuard Home) or Hosts-based section
- AdGuard (browser extension) -> URL-based (AdGuard)
- Vivaldi -> URL-based (Vivaldi)
- Hosts
- Dnsmasq
- BIND -> BIND zone or RPZ
- Unbound
- dnscrypt-proxy
- Internet Explorer -> Tracking Protection List (IE)
- Snort2
- Snort3
- Suricata
Not sure which format to choose? See Compatibility page in the wiki.
Check out my other filters:
URL-based
Import the following URL into uBO to subscribe:
Mirrors
- https://curbengh.github.io/malware-filter/vn-badsite-filter.txt
- https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter.txt
- https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter.txt
- https://malware-filter.pages.dev/vn-badsite-filter.txt
- https://vn-badsite-filter.pages.dev/vn-badsite-filter.txt
AdGuard Home users should use this blocklist.
URL-based (AdGuard)
Import the following URL into AdGuard browser extensions to subscribe (includes online and offline malicious websites):
Mirrors
- https://curbengh.github.io/malware-filter/vn-badsite-filter-ag.txt
- https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter-ag.txt
- https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter-ag.txt
- https://malware-filter.pages.dev/vn-badsite-filter-ag.txt
- https://vn-badsite-filter.pages.dev/vn-badsite-filter-ag.txt
URL-based (Vivaldi)
Requires Vivaldi Desktop/Android 3.3+, blocking level must be at least "Block Trackers"
Import the following URL into Vivaldi's Tracker Blocking Sources to subscribe (includes online and offline malicious websites):
Mirrors
- https://curbengh.github.io/malware-filter/vn-badsite-filter-vivaldi.txt
- https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter-vivaldi.txt
- https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter-vivaldi.txt
- https://malware-filter.pages.dev/vn-badsite-filter-vivaldi.txt
- https://vn-badsite-filter.pages.dev/vn-badsite-filter-vivaldi.txt
Domain-based
This blocklist includes domains and IP addresses.
Mirrors
- https://curbengh.github.io/malware-filter/vn-badsite-filter-domains.txt
- https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter-domains.txt
- https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter-domains.txt
- https://malware-filter.pages.dev/vn-badsite-filter-domains.txt
- https://vn-badsite-filter.pages.dev/vn-badsite-filter-domains.txt
Domain-based (AdGuard Home)
This AdGuard Home-compatible blocklist includes domains and IP addresses.
Mirrors
- https://curbengh.github.io/malware-filter/vn-badsite-filter-agh.txt
- https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter-agh.txt
- https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter-agh.txt
- https://malware-filter.pages.dev/vn-badsite-filter-agh.txt
- https://vn-badsite-filter.pages.dev/vn-badsite-filter-agh.txt
Hosts-based
This blocklist includes domains only.
Mirrors
- https://curbengh.github.io/malware-filter/vn-badsite-filter-hosts.txt
- https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter-hosts.txt
- https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter-hosts.txt
- https://malware-filter.pages.dev/vn-badsite-filter-hosts.txt
- https://vn-badsite-filter.pages.dev/vn-badsite-filter-hosts.txt
Dnsmasq
This blocklist includes domains only.
Install
# Create a new folder to store the blocklist
mkdir -p /usr/local/etc/dnsmasq/
# Create a new cron job for daily update
printf '#!/bin/sh\ncurl -L "https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter-dnsmasq.conf" -o "/usr/local/etc/dnsmasq/vn-badsite-filter-dnsmasq.conf"\n' > /etc/cron.daily/vn-badsite-filter
# cron job requires execution permission
chmod 755 /etc/cron.daily/vn-badsite-filter
# Configure dnsmasq to use the blocklist
printf "\nconf-file=/usr/local/etc/dnsmasq/vn-badsite-filter-dnsmasq.conf\n" >> /etc/dnsmasq.conf
Mirrors
- https://curbengh.github.io/malware-filter/vn-badsite-filter-dnsmasq.conf
- https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter-dnsmasq.conf
- https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter-dnsmasq.conf
- https://malware-filter.pages.dev/vn-badsite-filter-dnsmasq.conf
- https://vn-badsite-filter.pages.dev/vn-badsite-filter-dnsmasq.conf
BIND
This blocklist includes domains only.
Install
# Create a new folder to store the blocklist
mkdir -p /usr/local/etc/bind/
# Create a new cron job for daily update
printf '#!/bin/sh\ncurl -L "https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter-bind.conf" -o "/usr/local/etc/bind/vn-badsite-filter-bind.conf"\n' > /etc/cron.daily/vn-badsite-filter
# cron job requires execution permission
chmod 755 /etc/cron.daily/vn-badsite-filter
# Configure BIND to use the blocklist
printf '\ninclude "/usr/local/etc/bind/vn-badsite-filter-bind.conf";\n' >> /etc/bind/named.conf
Add this to "/etc/bind/null.zone.file" (skip this step if the file already exists):
$TTL 86400 ; one day
@ IN SOA ns.nullzone.loc. ns.nullzone.loc. (
2017102203
28800
7200
864000
86400 )
NS ns.nullzone.loc.
A 0.0.0.0
@ IN A 0.0.0.0
* IN A 0.0.0.0
Zone file is derived from here.
Mirrors
- https://curbengh.github.io/malware-filter/vn-badsite-filter-bind.conf
- https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter-bind.conf
- https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter-bind.conf
- https://malware-filter.pages.dev/vn-badsite-filter-bind.conf
- https://vn-badsite-filter.pages.dev/vn-badsite-filter-bind.conf
Response Policy Zone
This blocklist includes domains only.
Mirrors
- https://curbengh.github.io/malware-filter/vn-badsite-filter-rpz.conf
- https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter-rpz.conf
- https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter-rpz.conf
- https://malware-filter.pages.dev/vn-badsite-filter-rpz.conf
- https://vn-badsite-filter.pages.dev/vn-badsite-filter-rpz.conf
Unbound
This blocklist includes domains only.
Install
# Create a new folder to store the blocklist
mkdir -p /usr/local/etc/unbound/
# Create a new cron job for daily update
printf '#!/bin/sh\ncurl -L "https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter-unbound.conf" -o "/usr/local/etc/unbound/vn-badsite-filter-unbound.conf"\n' > /etc/cron.daily/vn-badsite-filter
# cron job requires execution permission
chmod 755 /etc/cron.daily/vn-badsite-filter
# Configure Unbound to use the blocklist
printf '\n include: "/usr/local/etc/unbound/vn-badsite-filter-unbound.conf"\n' >> /etc/unbound/unbound.conf
Mirrors
- https://curbengh.github.io/malware-filter/vn-badsite-filter-unbound.conf
- https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter-unbound.conf
- https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter-unbound.conf
- https://malware-filter.pages.dev/vn-badsite-filter-unbound.conf
- https://vn-badsite-filter.pages.dev/vn-badsite-filter-unbound.conf
dnscrypt-proxy
Install
# Create a new folder to store the blocklist
mkdir -p /etc/dnscrypt-proxy/
# Create a new cron job for daily update
printf '#!/bin/sh\ncurl -L "https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter-dnscrypt-blocked-names.txt" -o "/etc/dnscrypt-proxy/vn-badsite-filter-dnscrypt-blocked-names.txt"\n' > /etc/cron.daily/vn-badsite-filter
printf '\ncurl -L "https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter-dnscrypt-blocked-ips.txt" -o "/etc/dnscrypt-proxy/vn-badsite-filter-dnscrypt-blocked-ips.txt"\n' >> /etc/cron.daily/vn-badsite-filter
# cron job requires execution permission
chmod 755 /etc/cron.daily/vn-badsite-filter
Configure dnscrypt-proxy to use the blocklist:
[blocked_names]
+ blocked_names_file = '/etc/dnscrypt-proxy/vn-badsite-filter-dnscrypt-blocked-names.txt'
[blocked_ips]
+ blocked_ips_file = '/etc/dnscrypt-proxy/vn-badsite-filter-dnscrypt-blocked-ips.txt'
- https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter-dnscrypt-blocked-names.txt
- https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter-dnscrypt-blocked-ips.txt
Mirrors
-
https://curbengh.github.io/malware-filter/vn-badsite-filter-dnscrypt-blocked-names.txt
-
https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter-dnscrypt-blocked-names.txt
-
https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter-dnscrypt-blocked-names.txt
-
https://malware-filter.pages.dev/vn-badsite-filter-dnscrypt-blocked-names.txt
-
https://vn-badsite-filter.pages.dev/vn-badsite-filter-dnscrypt-blocked-names.txt
-
https://curbengh.github.io/malware-filter/vn-badsite-filter-dnscrypt-blocked-ips.txt
-
https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter-dnscrypt-blocked-ips.txt
-
https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter-dnscrypt-blocked-ips.txt
-
https://malware-filter.pages.dev/vn-badsite-filter-dnscrypt-blocked-ips.txt
-
https://vn-badsite-filter.pages.dev/vn-badsite-filter-dnscrypt-blocked-ips.txt
Tracking Protection List (IE)
This blocklist includes domains only. Supported in Internet Explorer 9+.
Mirrors
- https://curbengh.github.io/malware-filter/vn-badsite-filter.tpl
- https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter.tpl
- https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter.tpl
- https://malware-filter.pages.dev/vn-badsite-filter.tpl
- https://vn-badsite-filter.pages.dev/vn-badsite-filter.tpl
Snort2
This ruleset includes online URLs only. Not compatible with Snort3.
Install
# Download ruleset
curl -L "https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter-snort2.rules" -o "/etc/snort/rules/vn-badsite-filter-snort2.rules"
# Create a new cron job for daily update
printf '#!/bin/sh\ncurl -L "https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter-snort2.rules" -o "/etc/snort/rules/vn-badsite-filter-snort2.rules"\n' > /etc/cron.daily/vn-badsite-filter
# cron job requires execution permission
chmod 755 /etc/cron.daily/vn-badsite-filter
# Configure Snort to use the ruleset
printf "\ninclude \$RULE_PATH/vn-badsite-filter-snort2.rules\n" >> /etc/snort/snort.conf
Mirrors
- https://curbengh.github.io/malware-filter/vn-badsite-filter-snort2.rules
- https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter-snort2.rules
- https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter-snort2.rules
- https://malware-filter.pages.dev/vn-badsite-filter-snort2.rules
- https://vn-badsite-filter.pages.dev/vn-badsite-filter-snort2.rules
Snort3
This ruleset includes online URLs only. Not compatible with Snort2.
Install
# Download ruleset
curl -L "https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter-snort3.rules" -o "/etc/snort/rules/vn-badsite-filter-snort3.rules"
# Create a new cron job for daily update
printf '#!/bin/sh\ncurl -L "https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter-snort3.rules" -o "/etc/snort/rules/vn-badsite-filter-snort3.rules"\n' > /etc/cron.daily/vn-badsite-filter
# cron job requires execution permission
chmod 755 /etc/cron.daily/vn-badsite-filter
Configure Snort to use the ruleset:
# /etc/snort/snort.lua
ips =
{
variables = default_variables,
+ include = 'rules/vn-badsite-filter-snort3.rules'
}
Mirrors
- https://curbengh.github.io/malware-filter/vn-badsite-filter-snort3.rules
- https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter-snort3.rules
- https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter-snort3.rules
- https://malware-filter.pages.dev/vn-badsite-filter-snort3.rules
- https://vn-badsite-filter.pages.dev/vn-badsite-filter-snort3.rules
Suricata
This ruleset includes online URLs only.
Install
# Download ruleset
curl -L "https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter-suricata.rules" -o "/etc/suricata/rules/vn-badsite-filter-suricata.rules"
# Create a new cron job for daily update
printf '#!/bin/sh\ncurl -L "https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter-suricata.rules" -o "/etc/suricata/rules/vn-badsite-filter-suricata.rules"\n' > /etc/cron.daily/vn-badsite-filter
# cron job requires execution permission
chmod 755 /etc/cron.daily/vn-badsite-filter
Configure Suricata to use the ruleset:
# /etc/suricata/suricata.yaml
rule-files:
- local.rules
+ - vn-badsite-filter-suricata.rules
Mirrors
- https://curbengh.github.io/malware-filter/vn-badsite-filter-suricata.rules
- https://curbengh.github.io/vn-badsite-filter/vn-badsite-filter-suricata.rules
- https://malware-filter.gitlab.io/vn-badsite-filter/vn-badsite-filter-suricata.rules
- https://malware-filter.pages.dev/vn-badsite-filter-suricata.rules
- https://vn-badsite-filter.pages.dev/vn-badsite-filter-suricata.rules
Compressed version
All filters are also available as gzip- and brotli-compressed.
- Gzip: https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter.txt.gz
- Brotli: https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter.txt.br
FAQ and Guides
See wiki
CI Variables
Optional variables:
CLOUDFLARE_BUILD_HOOK: Deploy to Cloudflare Pages.NETLIFY_SITE_ID: Deploy to Netlify.
License
Creative Commons Zero v1.0 Universal
api.chongluadao.vn (operated by Hieu Minh Ngo): CC0