Q-Droid 643 Posted July 17, 2023 Share Posted July 17, 2023 (edited) 55 minutes ago, rbjtech said: I'm referring to the reason for Google flagging the site (the word - 'emby' being used which Google is flagging as 'impersonating' emby.com (ie Phishing) - I don't believe this has anything to do with the security headers ? As far as I can tell the only static reference to Emby that is left is the one below. The rest are derived from settings such as domain and server name. So if you do use emby in the domain or server name those will be included in headers and page content. Quote <div class="mainDrawer hide focuscontainer-y padded-bottom-page" is="emby-scroller" data-horizontal="false" data-centerfocus="true" data-navcommands="card" data-bindheader="false" data-skipfocuswhenvisible="true"> Edited July 17, 2023 by Q-Droid 1 Link to comment Share on other sites More sharing options...
Spaceboy 2493 Posted July 17, 2023 Share Posted July 17, 2023 47 minutes ago, cypher0117 said: I have a nearly identical setup as you. HAproxy, acme certs, CAA, A+ ssl labs, etc. I have so far - knock on wood - not been flagged. I've added extra configurations to the security headers in my HAproxy that have given my site an A grade on https://securityheaders.com. I can't say that it's the reason for sure, but my site is has been used close to daily for the last few years without being flagged. - edited for spelling same here, almost identical setup and i've made no changes since this issue was first noticed. I did one day see the deceptive site warning and thought i was going to have some work on my hands but despite checking since (a couple of months ago) it hasnt appeared further. 1 Link to comment Share on other sites More sharing options...
lucian.pearce 0 Posted July 18, 2023 Share Posted July 18, 2023 Well I have been delisted again let see how long it lasts Review successful for domain.tld To: Webmaster of domain.tld, Google has received and processed your security review request. Google systems indicate that domain.tld no longer contains links to harmful sites or downloads. The warnings visible to users are being removed from your site. This may take a few hours to happen. Link to comment Share on other sites More sharing options...
plupien79 2 Posted July 30, 2023 Share Posted July 30, 2023 I just setup another frontend on my HAproxy to be media.domain.tld. And it's instantly flagged. However my other sites sonarr, radarr, nextcloud ETC all work just fine. Link to comment Share on other sites More sharing options...
Guest simon_hancock Posted August 1, 2023 Share Posted August 1, 2023 My domain has been working fine with SSL, until today when I updated my certificate and encountered this same problem with google flagging my domain as deceptive. Link to comment Share on other sites More sharing options...
harrv 88 Posted August 2, 2023 Share Posted August 2, 2023 On 5/23/2023 at 12:44 PM, Luke said: We're looking at putting together a new stable maintenance release with this update. Thanks guys. Thanks to Luke and the whole team for the changes! I see that Emby was updated to use the server name (or friendly name if you set it in Emby settings) of the Emby server. It is used for the html <title> (seen in your browser tab) and is also used as the value of several meta tags: <link rel="manifest" href="manifest.json"> <meta name="description" content="Your Server Name"> <meta name="application-name" content="Your Server Name"> <meta property="og:title" content="Your Server Name"> <meta property="og:site_name" content="Your Server Name"> <meta property="og:description" content="Energize your media."> <title>Your Server Name</title> My server was flagged by Google as "deceptive" a couple of times back in March before you'd made these changes, and in an attempt to get around that problem I made the same changes you did, but additionally I updated the contents of manifest.json to remove references to Emby (with the exception of the iPhone and Android app links). I also replaced all of the Emby logo images with custom ones I made, including favicon.ico. My site hasn't been flagged as deceptive in the five months since I did that! I really have no idea if the reason my server has not been re-flagged is because I also updated those images, and replaced Emby references in the manifest.json, or if that is not necessary. But until we know for sure, do you think you could also use the server name inside manifest.json? And perhaps give us a folder where we can put custom images and use those if present? The ones I replaced are: /app/emby/dashboard-ui/favicon.ico /app/emby/dashboard-ui/images/icon-72x72.png /app/emby/dashboard-ui/images/icon-96x96.png /app/emby/dashboard-ui/images/icon-128x128.png /app/emby/dashboard-ui/images/icon-144x144.png /app/emby/dashboard-ui/images/icon-152x152.png /app/emby/dashboard-ui/images/icon-192x192.png /app/emby/dashboard-ui/images/icon-384x384.png /app/emby/dashboard-ui/images/icon-512x512.png /app/emby/dashboard-ui/images/splash.png /app/emby/dashboard-ui/modules/themes/logowhite.png /app/emby/dashboard-ui/modules/themes/logodark.png To avoid losing my changes whenever Emby Server is updated, I used a combination of docker volume mapping (for whole file replacement) and a rewrite-body middleware with traefik ingress to make the html changes that you have now made for us. So I shouldn't need the rewrite-body middleware anymore, but I'm still concerned about the image and manifest.json files until we know for sure those don't need to be changed too. 1 Link to comment Share on other sites More sharing options...
Luke 37067 Posted August 2, 2023 Share Posted August 2, 2023 Quote But until we know for sure, do you think you could also use the server name inside manifest.json? Yea it makes sense. Thanks. 1 Link to comment Share on other sites More sharing options...
rbjtech 4265 Posted August 3, 2023 Share Posted August 3, 2023 (edited) Until we know what Google are actually flagging for - then guessing is just making work for everybody. @LukeAs owner of the original emby domain - can Google not provide you guidelines on how to go about configurating a related self hosted website without triggering these issues ? As a side note, I've made no website changes to emby (beta), have 'emby' in my fqdn and yet I have never been flagged - go figure .. Edited August 3, 2023 by rbjtech 1 Link to comment Share on other sites More sharing options...
Luke 37067 Posted August 3, 2023 Share Posted August 3, 2023 7 hours ago, rbjtech said: Until we know what Google are actually flagging for - then guessing is just making work for everybody. @LukeAs owner of the original emby domain - can Google not provide you guidelines on how to go about configurating a related self hosted website without triggering these issues ? As a side note, I've made no website changes to emby (beta), have 'emby' in my fqdn and yet I have never been flagged - go figure .. We can try to reach out to them for guidance, yes, but certainly right now it seems anything with emby your url is going to be a problem. Link to comment Share on other sites More sharing options...
embeclal 0 Posted August 6, 2023 Share Posted August 6, 2023 (edited) Got flagged recently as well. Only emby subdomain got flagged. It could be after I have migrated from cloudflare per subdomain proxy to wildcard proxy, but don't remember exact order of events. Waiting for appeal. Emby is behind nginx, A+ SSL result (obviously because of cloudflare). Running latest (nonbeta) emby. Edited August 6, 2023 by embeclal Link to comment Share on other sites More sharing options...
bkzland 3 Posted August 17, 2023 Share Posted August 17, 2023 On 7/14/2023 at 7:25 PM, sLIDez0rz said: Got flagged in March, then unflagged after about 5 days, then flagged again after 2 hours (whole domain). Had Emby accessible through https://emby.domain.tld, https://domain.tld/emby and https://ip:8096 before. After 2nd flag left only https://emby.domain.tld No problems since then. Running through Nginx proxy manager with Let's encrypt certificate. The only other thing I did was to replace default 302 redirect to 301 redirect in Nginx Proxy Manager configuration (as Google doesn't really like 302 redirects that is there by default) location = / { return 301 https://$host/web/index.html; } At the same time also got my instance of Picoshare flagged which was on separate subdomain. Changed nothing there, just submitted that it was a false positive on Google Search Console and everything is fine. I suppose that only appeals through Google Search Console does anything and the ones through browser does nothing. So if you get flagged, check Google Search Console as it could be other services too that got you flagged. I don't know if this is the answer, but I added the 301 override to my setup as well, currently flagged by the same malicious warning, and still waiting for repeated check by Google after adding the 301 redirect. For anyone running behind nginx-proxy docker container who wants to add this change: You want to 301 redirect the root URL of / only, so it's not forwarded by emby as 302 anymore, while still maintaing proxy-pass forwardings for every other request URI with more than just the root / present. Create a text file called <VIRTUALHOST>_location_override (as per the env variable your docker-compose uses) with contents: location = / { return 301 https://$host/web/index.html; } location ~ ^/.+ { proxy_pass http://$host$request_uri; } and add it as a mount in your docker run or docker-compose file: docker run ... -v <VIRTUALHOST>_location_override:/etc/nginx/conf.d/<VIRTUALHOST>_location_override Check that the content was correctly added in your nginx-proxy container with something like docker exec -it nginx-proxy more /etc/nginx/conf.d/default # look for your vhost block, it should contain an include statement to the override file you added, but no default location block in the default file. Link to comment Share on other sites More sharing options...
FancyNerd92 9 Posted August 18, 2023 Share Posted August 18, 2023 I have the same problem on Chrome and if I go from incognito on Chrome the ssl it works fine. Any ideas? I clear the cache but nothing... Link to comment Share on other sites More sharing options...
Luke 37067 Posted August 18, 2023 Share Posted August 18, 2023 11 hours ago, FancyNerd92 said: I have the same problem on Chrome and if I go from incognito on Chrome the ssl it works fine. Any ideas? I clear the cache but nothing... HI, did you submit a ticket with google to get unflagged? Link to comment Share on other sites More sharing options...
FancyNerd92 9 Posted August 19, 2023 Share Posted August 19, 2023 2 hours ago, Luke said: HI, did you submit a ticket with google to get unflagged? I did that, but it's not flagged. In Chrome incognito tab mode it works SSL normaly. Only in the main Chrome i'm getting this... Link to comment Share on other sites More sharing options...
Luke 37067 Posted August 19, 2023 Share Posted August 19, 2023 6 minutes ago, FancyNerd92 said: I did that, but it's not flagged. In Chrome incognito tab mode it works SSL normaly. Only in the main Chrome i'm getting this... Getting what exactly? Link to comment Share on other sites More sharing options...
FancyNerd92 9 Posted August 21, 2023 Share Posted August 21, 2023 (edited) On 19/08/2023 at 04:33, Luke said: Getting what exactly? I got the red page with the messege like this and must to click on details and visit this site. On Sunday it fixed itself without to do nothing... i had this problem 4 months now... and i did everything (clear cache, delete cookies etc.) but nothing. I cross fingers to keep it works! Edited August 21, 2023 by FancyNerd92 1 Link to comment Share on other sites More sharing options...
cappapp 7 Posted August 31, 2023 Share Posted August 31, 2023 On 19/08/2023 at 11:26, FancyNerd92 said: I did that, but it's not flagged. In Chrome incognito tab mode it works SSL normaly. Only in the main Chrome i'm getting this... Same here, flagged in normal chrome, not other browsers. But also chrome incognito mode is fine. I'll try waiting it out, as it's a first for me. Link to comment Share on other sites More sharing options...
plupien79 2 Posted August 31, 2023 Share Posted August 31, 2023 Mine was unflagged, and has already be re-flagged. Link to comment Share on other sites More sharing options...
DarkZrobe 3 Posted September 7, 2023 Share Posted September 7, 2023 Had a user post it was flagged, but when I go to the google search console no warning there and nothing listed on the safe search website. Running 4.8.0.44 Link to comment Share on other sites More sharing options...
plupien79 2 Posted September 17, 2023 Share Posted September 17, 2023 (edited) I actually added the subdomain to my Google account in the search tools. I was then able to trigger a review to which I got the attached response. Edited September 17, 2023 by plupien79 Redact url Link to comment Share on other sites More sharing options...
bkzland 3 Posted September 21, 2023 Share Posted September 21, 2023 After adding the workaround to prevent 302 redirect to the login page around 30 days ago, my emby server has not been re-flagged yet. Knock on wood. 1 Link to comment Share on other sites More sharing options...
ARGO1960 0 Posted October 26, 2023 Share Posted October 26, 2023 Seems google does not like emby at all :-(.. I'm having this issue also but rememberd I had installed some plugins to play with. Like "IPTV" and "XMLTV" also M3U TV Tuner, and that google warning abot my internal LAN only enby site started after that. (Anyway nothing of those 3 I got to work..) So I uninstalled those 3 and rebooted the server Issue gone. When I wanted to post this message Google did not like the avtivation mail also see below. Try to figure out witch of those plugins make this tiggers google's "Safe Browsing" and update if I find it. Link to comment Share on other sites More sharing options...
Luke 37067 Posted October 26, 2023 Share Posted October 26, 2023 HI, the plugins that you've installed won't matter. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now