Google flags my sites as dangerous (Deceptive site ahead)

,

@Aleks

I’ve redirected my main URL (which was proposing to login to yunohost) to another service on my yunohost and the google shit disappeared.

The service itself proposes to login (it’s hedgedoc) but it only appears when you click on a link. So a workaround could maybe to use a similar behavior on the main yunohost login page. I understand it’s a PITA, but it seems this ingerence of google in “how a website should be” is driving everyone crazy.

Google is really bad and “evil” (they removed the “don’t be evil” motto from their slogan probably for a purpose)

How?

Don’t forget that it’s not only Google. Google was in my case easy to deal with. But my URL has been listed by 11 other “vendors”, and this is stil the case more than a week after Google delisted the URL. I even deinstalled Yunohost on that server and pointed the domain to another server without Yunohost where it only displays Apache’s default page. Nevertheless nothing changes, still listed by 11 vendors (including some that are used at work, where this URL therefore is blocked). And how to contact all of them? Not so straightforward as with Google, it seems.

2 months in so far no issues fingers crossed

(Other stories of Google ruining people’s life : Google just shut down our $1M business | Hacker News)

2 Likes

I don’t use Google for anything, but I still got flagged after my sister (who uses Gmail) emailed my mother (who doesn’t use Google anything) a link to my Element login.

Avoiding Google (/Microsoft/Amazon/Apple/Facebook) is good imo, but it’s not enough unless you can get everyone else to avoid them, too.

1 Like

Got flagged by Google as Phishing and, according to VirusTotal, by Seclookup as Malicious, bringing down my main domain with Akkoma, as well as subdomains: Roundcube, Element, Whitebophir, Listmonk, CryptPad, static html pages. It’s a dedicated server, IP was used by me for a year, never in blocklists, 10/10 mail-tester rating, Let’s Encrypt on every subdomain.

Core:
ssowat 11.1.4
yunohost 11.1.12

Apps:
akkoma 3.6.0~ynh1 (main domain)
cryptpad 5.2.1~ynh4
element 1.11.23~ynh1 (behind sso)
etherpad 1.8.18~ynh2
listmonk 2.3.0~ynh3
my_webapp 1.0~ynh13
roundcube 1.6.0~ynh3 (behind sso)
synapse 1.77.0~ynh1
whitebophir 1.19.0~ynh1 (behind sso)

Links to SSO pages appeared in private Matrix and Telegram chats (with people who have Google services installed on their phones) when I explained users how to sign in, but not on public social media. My SSO page looks slightly different from the YunoHost defaults. Logo and Cyrillic font are added with CSS, contact email is added with JS.

I found no misbehaving apps. The most recent install was Listmonk this week. One unusual thing about my server may be that after creating every subdomain, I turn off both incoming and outgoing email for it and manually remove its remaining autoconfig/mail/config-v1.1.xml about which the diagnostic complains.

I wonder if sharing the URLs without creating links would help everyone. In security articles I have started seeing URLs being shared like this: something[.]example[.]com/nextcloud

Email would be someone[at]example[.]com

Etc…

That way a hyperlink is never created. There would need to be an explanation along with sharing the URL to clarify.

My server got flagged, too. I only have Nextcloud, Synapse and Element Web apps installed. I don’t use Google services (their services are blocked at the router DNS level). It happened the same day though that I sent a login link to a family member who uses Gmail, so yet again it seems that when Google first detects a server through any of their services they scan and for whatever reason flag it as phishing.

I refuse to register who owns/runs/uses my site with Google though, so I didn’t use search console. I just chose to view the site anyway which in Firefox displayed a warning bar at the top and a button saying that it isn’t a deceptive site. I clicked that, entered the domain name and a comment just saying that the site wasn’t asking for any login details but those of the same site. Next day it was unblocked and VirusTotal has changed from 2 sites reporting it as phishing to zero.

I changed zero code/settings on my site.