Google keeps flagging VitalPBX servers as "deceptive/dangerous"

cbfs · March 11, 2023, 11:28am

Google keeps flagging all of my VitalPBX installs as dangerous/deceptive sites. Please see attached screenshot.

It seems that something VitalPBX is presenting is triggering Google to flag all VitalPBX instances like this. This is happening on 100% of my VitalPBX installs. My SSL certificates are valid and issued by Let’s Encrypt.

mo10 · March 11, 2023, 12:44pm

Maybe because of your main domain? So all Subdomains are affected.
Might something happened or going on recently.

You use something like WordPress or so in your main domain?

miguel · March 11, 2023, 2:21pm

Some information that I found:

Detect the Cause of the Problem

To resolve the warning, you need to locate the source of the problem. First, use Google Safe Browsing to verify your site’s status. This free Google tool will detect any malware or phishing threats that made the web browser deem the website unsafe.

Alternatively, deep scan your website using a malware scanner. This method is ideal for users with limited technical knowledge, as the tool will do all the work for you. Plenty of online malware scanners like SiteGuarding and Quttera offer this service for free.

Reasons for the warnings include:

Your site has been infected with malware
Your site contains phishing pages
There’s an issue with your SSL certificate
Your website has questionable links
You offer suspicious downloads

Warning meaning

Deceptive Site Ahead

This warning refers specifically to websites that might be phishing sites. For example, it could be a page designed to look like it belongs on your website but used to steal users’ personal information.

benno16 · August 8, 2023, 7:34pm

did u get to the bottom of this? I have the same problem…

lbill · August 8, 2023, 8:49pm

Are you getting the same exact error?
Could you upload a screenshot and what certificate are you using selfgenerated or from Letsencrypt?

admin · August 10, 2023, 2:37pm

this happens sometimes because Google tries to index the site (VitalPBX) and when finding a Login request at the beginning and seeing that the site is not a web page as such and cannot do SEO, it sends it to put it as a suspicious site.

To solve this problem and tell Google not to index it, follow the following procedure from the console:

Create the robots.txt file

nano /usr/share/vitalpbx/www/robots.txt

Add the following content:

User-agent: *
Disallow: /

In future versions, we will include this file to avoid this inconvenience.

x_mos · August 12, 2023, 3:31am

Hi Sir,

The above guide has been carried out, but still appears “Deceptive site ahead”

Even I have changed the domain

Thanks

mo10 · August 12, 2023, 6:24am

Maybe a recrawl helps?

admin · August 12, 2023, 1:13pm

Request Google to Review Your Site

erton · August 12, 2023, 3:53pm

On Chrome, try Ctrl + Shift + R to reload the page ignoring cached content.