whats it mean, is it related to all this or another topic.
I don’t know. Just if it’s you who upload this file on your server (for example to check something) it’s not the same things than if you never upload this file… And if it’s you was before or after to be flagged by antiphishing lists ?
1 Like
Anyone been able to fix this permanently or understand what causes it exactly?
I had it happen to me about a month ago, “deceptive side ahead”. Did the google console verification thing and it just said the yunohost admin login page was stealing personal information and phising. So I made sure there was no malware anywhere, updated everything, submitted an incorrect phishing warning report, few others did as well, and requested a review of the site.
Couple days later it’s gone.
Today just woke up and it has happened again. The same exact thing, same exact warning over the same exact pages.
VirusTotal also shows 2 vendors having flagged the URL as malicious. I’m requesting review again and guess it should be cleared in a couple days again, but seeing as how this effectively disables my site for the timebeing, lowers visitor’s trust and keeps occuring, it’s not something I can put up with.
Might have to leave YunoHost if it keeps happening sadly 
Don’t wanna put my tinfoil hat on but does seem like Big Cloud is cracking down on selfhosting and shutting down the little guy.
Update:
It’s gone already for the main site. I think what fixed it was commenting the lines
access_by_lua_file /usr/share/ssowat/access.lua.
at /etc/nginx/conf.d/yunohost_admin.conf
and /etc/nginx/conf.d/yourdomain.com.conf
So this seems to be related to the SSO redirect…
Google console still says all these URL’s are deceptive but they’re no longer showing up as flagged except for yunohost/admin/ which still does, but no one should be acessing it except me.
1 Like
i added the scanner to scan the files on yunohost and thats what i showed at the end results
can i see an example of what to edit in the files? and will it auto re-change back after a system update
So the scanner detect itself as a virus ?
is that what that is… thats funny…
I have not had any google issues since all this happened, everyone else doing good since?
just throwing this out there, i reinstalled the yunohost again and right away the moment i setup my 1st ssl https even while using my https://ipaddress not the domain i instantly got Deceptive site ahead no matter what after just being in the admin panel.
- but so far all https ssl domains are fine no issues
Hi! My only installed applications are nextcloud, photoprism and Roundcube. The problem appeared after updating Yunohost…
im screaming eternally … UGH… why
- what sucks about this is i dont own the domain its the free one from yunohost so i cant add the domain to my search-console so i can have google unflag it
never mind i was able to trick google by using my_webapp and putting the google.html file in there to verify my domain mahahahahah
So… Did Google deflag your domain ? If yes, how many days did you have to wait ?
You would just comment that line but I don’t recommend doing that unless you want to potentially break other things across your site.
Besides I still get the deceptive warning all over the admin page, no amout of review requests has solved it.
Ended up giving up on it for now since it seems obvious the issue isn’t anything I’m doing.
yes i just checked on it firefox and google both fine all my domains are fine sorry i didnt reply yet.
- now its the waiting game to see when it haps again
- less then 24 hours both times to correct with google in my request i explained users do not register nor login for anything asked them to go check i said its a private site but also open to public for viewing only
RE: “You would just comment that line but I don’t recommend doing that unless you want to potentially break other things across your site.”\
me: you are correct i um… almost did i got very scared thank god i took screenshots of the files i had to re-type everything back in and got lucky…
but i am glad it worked out in the end.
my main default domain i used the yunohost domain not my own and so far everything’s been fine since only issues is when adding a new domain
i was helping a friend with their windows 7 computer and all my domains are flagged but on new computers updated i have no issues could it all be a root cert issue? i recall something back in 2020 that in 2021 Lets encrypted was gonna have changes that effect i think android etc hmmm anyway
Hello ! my personal server is flagged by Google since a few days. I made a request on https://search.google.com/search-console and after analysis, Google removed the flag in less than 24h.
Hello ! Mon serveur perso est flag par Google depuis quelques jours. J’ai fait une demande sur https://search.google.com/search-console et après analyse, Google a retiré le flag en moins 24h.
My main Nextcloud URL just got flagged … I had added a couple of subdomains today to install other YNH programs. Now what? Is there any known solution yet?
Less than 12 hours later, the warning is gone. My site is still flagged by 5 security vendors on the Virus Total Scanner though. Wierd.
I submitted my request for review from Google here: Report Incorrect Phishing Warning