PeterHing 3 Posted March 16, 2023 Share Posted March 16, 2023 I've just been hit by Google too. I'm not doing anything special with my configuration: Domain > Static IP > Emby. Originally they had blacklisted the domain which also killed my Home Assistant server. I filed a False Positive report on both Home Assistant and Emby URLs. Home Assistant has been permitted, Emby is still blocked. There are suggestions you can see why in the Google Search Console. I'm going to get that setup now to see if there's any indication. 1 Link to comment Share on other sites More sharing options...
PeterHing 3 Posted March 16, 2023 Share Posted March 16, 2023 5 minutes ago, PeterHing said: There are suggestions you can see why in the Google Search Console. I'm going to get that setup now to see if there's any indication. Google Search Console doesn't go into any helpful detail. Link to comment Share on other sites More sharing options...
Q-Droid 652 Posted March 16, 2023 Share Posted March 16, 2023 There are a couple of threads about this, should they be merged? I've been wondering if the reason is that the default landing page is a credential collector (login page). So if another click was required to get to the login would this keep the warnings at bay? Has or can anyone try a test with a simple Emby banner/logo or portal page with a link to the login? Link to comment Share on other sites More sharing options...
Q-Droid 652 Posted March 16, 2023 Share Posted March 16, 2023 Then there's also a manifest.json with links referencing the Emby app in the stores. I don't know how deep Google or MS go into the sites for inspection and whether this would look suspicious to them. { "name": "Emby", "short_name": "Emby", "start_url": "/web/index.html", "description": "Your media, your way.", "lang": "en-US", "related_applications": [ { "platform": "play", "url": "https://play.google.com/store/apps/details?id=com.mb.android" }, { "platform": "itunes", "url": "https://itunes.apple.com/us/app/emby/id992180193?ls=1&mt=8" } Link to comment Share on other sites More sharing options...
spipe 1 Posted March 16, 2023 Share Posted March 16, 2023 (edited) After I posted, I submitted for a review and they removed the blacklist for my domain. In the google console, it showed the same thing as @PeterHing, but I was using a reverse proxy (traefik) for port 80 and 443 instead of port 80 and 8920. Edited March 16, 2023 by spipe Link to comment Share on other sites More sharing options...
budokaiman 3 Posted March 16, 2023 Share Posted March 16, 2023 I've submitted multiple requests for review, and it gets removed for a little while, then gets blocked again. Link to comment Share on other sites More sharing options...
KMBanana 84 Posted March 16, 2023 Share Posted March 16, 2023 I have not been blocked, but I figure putting some baseline information together could help identify what is causing these flags. Behind Cloudflare proxy/tunnel: No Country based on server IP: United States Indexing blocked: No Residential IP: Yes https://www.ssllabs.com/ score: A+ Subdomain or domain includes "Emby": No https: Required TLD: .com Cert provider: LetsEncrypt Link to comment Share on other sites More sharing options...
spipe 1 Posted March 16, 2023 Share Posted March 16, 2023 (edited) Behind Cloudflare proxy/tunnel: No Country based on server IP: Germany Indexing blocked: No Residential IP: No, dedicated box from hetzner. https://www.ssllabs.com/ score: A+ Subdomain or domain includes "Emby": Yes https: Required TLD: .one Cert provider: LetsEncrypt Edited March 16, 2023 by spipe Link to comment Share on other sites More sharing options...
baaahb 1 Posted March 16, 2023 Share Posted March 16, 2023 I'm having this same issue as well after running Emby and my domain for several years. I use google for my domain and DNS. The site was flagged a week or so ago, and I have reported it as a false positive, but it hasn't been removed yet. Just wanted to let y'all know you aren't alone. Something has changed about google's scans that is clearly catching Emby sites. Link to comment Share on other sites More sharing options...
AmIBeingObtuse 2 Posted March 16, 2023 Share Posted March 16, 2023 Just happened to me for the first time ever. Had it running for over 2 years. Behind Cloudflare proxy/tunnel: No Country based on server IP: United Kingdom Indexing blocked: No Residential IP: I use dynu.com witch points to my pc and ip updater updates dynu with my dynamic address. https://www.ssllabs.com/ score: A+ Subdomain or domain includes "Emby": No mine starts as watch.domain.com https: Required TLD: .one Cert provider: certify the web which I think uses letsencrypt Link to comment Share on other sites More sharing options...
Nebarik 7 Posted March 16, 2023 Author Share Posted March 16, 2023 (edited) My baseline that has not been flagged: Behind Cloudflare proxy/tunnel: Yes Country based on server IP: Australia Indexing blocked: No Residential IP: No, VPS. https://www.ssllabs.com/ score: A+ Subdomain or domain includes "Emby": No https: Required TLD: .au Cert provider: Cloudflare full (strict) Edited March 16, 2023 by Nebarik Link to comment Share on other sites More sharing options...
lharris 3 Posted March 17, 2023 Share Posted March 17, 2023 I had it my whole domain flagged a few weeks ago and now they just flagged my site https://emby.hnet.online/ If you register your site at https://search.google.com/search-console you can request a review. Link to comment Share on other sites More sharing options...
Happy2Play 8296 Posted March 17, 2023 Share Posted March 17, 2023 (edited) Using the above info here https://transparencyreport.google.com/safe-browsing/search shows this. @Luke Edited March 17, 2023 by Happy2Play Link to comment Share on other sites More sharing options...
lharris 3 Posted March 18, 2023 Share Posted March 18, 2023 (edited) @Luke@Happy2Play See below, google is finally calling out the page. Also my apologies I run windows and found this post first. I also commented on the windows post here: So for reference, I pay my ISP $6 for a month for a static IP (a smaller rural fiber provider that is awesome) and I run this from a Dell r720xd and an r510 from my basement, behind an Ubiquiti UDM Pro with threat management turned on and set to block. It runs in vmware. Everything is behind a reverse proxy running a relatively current version of Caddy, if it's not they current version. Any detail you need or want let me know and I'll provide it. Here's a snippet from the caddy file: emby.<redacted>.online:8920, emby.<redacted>.online { log { output file ./logs/emby_access.log { roll_size 10mb roll_keep_for 720h } } import godaddy reverse_proxy emby.<redacted>.home:8096 } Edited March 18, 2023 by lharris Link to comment Share on other sites More sharing options...
lharris 3 Posted March 19, 2023 Share Posted March 19, 2023 How can we stop Emby from throwing a 302? Is this somehow an interaction with my reverse proxy? Link to comment Share on other sites More sharing options...
Happy2Play 8296 Posted March 19, 2023 Share Posted March 19, 2023 3 minutes ago, lharris said: How can we stop Emby from throwing a 302? Is this somehow an interaction with my reverse proxy? Don't believe you can as you are redirected to different locations depending on authentication status. "localhost" does the exact same thing. Example http://localhost:8095/ Redirects http://localhost:8095/web/index.html#!/startup/login.html?serverId={serverid} Redirrects will vary depending user config options on what page will appear. Link to comment Share on other sites More sharing options...
lharris 3 Posted March 19, 2023 Share Posted March 19, 2023 I'd really like to hear from the devs about why Emby throws a 302. Seems like there's a lot of info out there about Google being a huge jerk about it. I did some Googling and I think I removed to 302 with Caddy server, which happens to be my reverse proxy, but I need to do some testing to make sure Emby is not broken. There is a reddit discussion with an nginx example here and my Caddy Example is below: Caddy Example: emby.<redacted>.online:8920, emby.<redacted>.online { log { output file ./logs/emby_access.log { roll_size 10mb roll_keep_for 720h } } import godaddy @paths path / redir @paths https://emby.<redacted>.online/web/index.html permanent reverse_proxy emby.<redacted>.home:8096 header { X-Robots-Tag none; } Link to comment Share on other sites More sharing options...
lharris 3 Posted March 30, 2023 Share Posted March 30, 2023 Apparently the fixes above did not work. I got Google to lift the flagging on the 20th and now a week and a half later it's back 1 Link to comment Share on other sites More sharing options...
spipe 1 Posted April 16, 2023 Share Posted April 16, 2023 Aaaaaaand its back.... Having to request another review in hopes of getting it removed again.. Link to comment Share on other sites More sharing options...
Nebarik 7 Posted May 2, 2023 Author Share Posted May 2, 2023 After a long time of it not affecting me. Google picked me up again. Using Cloudflare. Link to comment Share on other sites More sharing options...
EODCrafter 180 Posted May 2, 2023 Share Posted May 2, 2023 Isn't there a setting in your Browser you can disable this? Link to comment Share on other sites More sharing options...
DarkZrobe 3 Posted May 3, 2023 Share Posted May 3, 2023 Mine just popped. Butting in for a review. Did anyone figure out how to fix this? Link to comment Share on other sites More sharing options...
Luke 37095 Posted May 3, 2023 Share Posted May 3, 2023 The upcoming 4.8. Server release has made some changes to hopefully prevent this from happening. 1 Link to comment Share on other sites More sharing options...
adamrussak 2 Posted May 3, 2023 Share Posted May 3, 2023 Awesome news!!! Link to comment Share on other sites More sharing options...
DarkZrobe 3 Posted May 3, 2023 Share Posted May 3, 2023 I patched to the 4.8 Beta last night and got google to reverse the flag. Ill post if anything changes. 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now