Display message on login screen

zeighy · November 14, 2022, 4:27pm

My YunoHost server

Hardware: VPS/DigitalOcean
YunoHost version: 11.0.10.2
I have access to my server : Yes, SSH, and all
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

Is there a way to display a message on the login screen? We’ve been having issues with Google flagging our site as “social engineering”. I contacted their support and said that to avoid this, the site has to clearly display who is operating the site and any additional branding. As such for example if you are operating it privately, it has to be clear.

So, I am looking if there is a way to display such messages on the login screens to avoid getting flagged as “social engineering” when most of the services we installed require users to login without much of a public facing page.

Seems Google does not like sites that are just a login page.

Not sure if this is even support, or if this is basically a feature request.

tituspijean · November 15, 2022, 11:43am

cf. Google flags my sites as dangerous (Deceptive site ahead)

It would be better to assign a default app to the domain, even if it is a plain My Webapp.

zeighy · November 22, 2022, 2:27pm

Well, we’ve done that but Google still flags it. Specifically, flags the subdomains where there admin and user login pages are sitting on. They don’t like the /yunohost/admin and /yunohost/sso pages. It doesn’t matter if the front subdomain/domain has webapp sitting in front of it.

They detect the /admin and /sso pages from people using it through Chrome. We don’t link to those pages anywhere on the front end webapp. So, it is very peculiar that they flag those specific pages when they shouldn’t exactly be able to crawl it under normal circumstances.

We placed a front end webapp on my.domain.com/ and the user logins in at my.domain.com/yunohost/sso. While there is no link going to /sso (you have to manually type in to get to that page)… the whole my.domain.com gets flagged, and includes the my.domain.com/yunohost/sso and my.domain.com/yunohost/admin as flagged pages.

zeighy · December 15, 2022, 10:06pm

So I found that Google really does NOT like the /admin login page. We had no issues with this until literally today when I had to go to the admin panel to update the server. Literally within 5 minutes, Google Chrome red flagged the domain as phishing. If I never visit the admin page (like in the last 4 weeks) I never got flagged.

Really really need a way to display a proper message as they wanted to. Otherwise, it would be a pain to get flagged just to manage my server.

zeighy · December 15, 2022, 10:07pm

As I mentioned above just now, this does not work. When I access the admin panel at /admin, the domain immediately gets flagged.

If I never ever go to manage my server… It wouldn’t get flagged.

ljf · December 19, 2022, 10:52am

I guess you can do it for sso with: Customize the appearance of the user portal | Yunohost Documentation

zeighy · December 19, 2022, 1:20pm

That’ll help for /sso by injecting on the custom_portal.js. Though, I’ve also discovered that if I login to /admin via the server’s IP instead of the server’s domain, it would reduce the chance of upsetting the Google gods of flagging the domain. Since I’m accessing /admin by IP and not by domain.

I don’t know if I would call that an ideal solution, but I suppose it works. Ideal case is still to have an easy text field in server settings we can just type out a message to display (for both /sso and /admin). That way the layman doesn’t have to mess with js to inject a simple message.

system · January 18, 2023, 1:21pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.