Stop issuing phishing/malware reports for IPFS gateway sites

Answer these questions to help the Community help you with Security questions.

What is the domain name?
ipfs.*****.****/ipfs
(Domain masked here intentionally)

Have you searched for an answer?
Yes. No result.

Please share your search results url:
Not available.

Describe the issue you are having:
This is public ipfs gateway url. Please stop issuing phishing report on it. This is the normal behaviour for any IPFS gateway url. Just look at your own cloudflare-ipfs.com gateway. The phishing report by you is anyhow applicable to this too.

What error message or number are you receiving?
Getting phishing reports.

Aside from a ‘masked here intentionally’ domain which means that no-one could do anything about it anyways, a public service doesn’t mean you shouldn’t receive reports.

1 Like

Any public gateway can be flagged in this same way. Including Cloudflare’s own gateway too. So, simply issuing phishing strike is not fair.
And for ‘masked here intentionally’ content take any gateway url from the following page. My url is one from the list.

And the concerned url path is /ipfs/bafkreifstvwj3sgu76a4cr7ghqrejbaps4gbmghpqvn2i76xrlgqrkjpsa

Just because you have a public service that proxies something doesn’t negate any responsibility you have as the operator. You’re running it, so you will get the reports for something served through it.

Reports are often forwarded to your hosting provider, who might take any action they find necessary. That isn’t something the community or Cloudflare can control.

If I hosted a service where anyone can host their site, I would be the one getting reports for it and I am responsible for deciding if I restrict access to it or not.

Feel free to prevent that from being accessible on your website, or not.

1 Like

I am blocking not just the striked url, but also any other paths ‘phishing’ around the network. And this is proactive activity, not reactive.
I am not saying whitelist my domain blindly. My concern is, Cloudflare should have some special audit mechanism for IPFS related content before marking the domain as phishing/malware. This will not just help my gateway but all other gateways using the Cloudflare’s dns. The irony is, the stated path is happily accessible from Cloudflare’s own gateway. Check link here.

At last, I am at my desk to act on takedown strikes.