I have my FreePBX admin locked down to only a few allowed IP’s, not the world. I also have SIP and everything else very restricted.
Still I got a big nasty warning today (never seen it before) when going to my web admin page which I had to bypass like you do when a cert is expired or not signed.
Certificate says “This site is deceptive” also shows “Dangerous”. This is only an issue in Chrome, not Safari or Edge.
I find it hard to believe this box is hacked or spewing malware all over the internet considering the firewall restrictions I have in place but I guess it’s possible. Not sure how to proceed with this, I don’t care about the warning but I want to be 100% sure it’s not actually a legit warning for actual malware or something happening on my system.
Just really wondering if anyone else has run into this today with their admin page for FreePBX.
Thanks
Edit: Also wanted to add that my FreePBX install is completely up to date, I update all the modules at least once every few weeks.
This happened to me a few weeks ago. Just a guess, someone else’s FreePBX admin page really did get compromised and the clean ones have the same ‘signature’ by whatever algorithm they use.
Without actually fixing anything (there was nothing needing fixing), I requested a review, received an acceptance a couple of days later and the warning was gone.
I get that but it’s reacting to the website which is generated by the FreePBX system. My real point of posting this was to see if others were running into the same issue. I believe this to be an issue with Google’s way of determining when a site is “Dangerous” I had this happen to a website a while back, submitted a request to have it reviewed and they removed the Dangerous warning with no changes on my end at all. So, I think this is the same type of issue. It IS helpful to know if others with basically the same exact website generated by FreePBX are having the same issue. Appreciate your response.
Same thing happened to me a while back on a website. It’s goofiness on the Google’s part, I think. I’m not submitting it because I actually don’t give a rat’s butt about the warning since I’m the only one that sees it. I am really just curious why I’m getting it.
I did not realize Google was doing this as I’ve been on Firefox for a while now. Thanks for clarifying and good to know. Can you provide a screenshot of the page so we can see what the dialog looks like?
Yes, it started happening on my freepbx system a few days ago as well. I’ve requested review from the Google Search Console panel and am waiting for that to process. Hopefully that will take care of it.
Are you accessing it via an IP address or fqdn? This issue usually appears when accessing a https page via an IP as SSL cannot resolve to an IP only an FQDN. I notice this often when accessing Draytek routers remotely via the external IP.
I don’t suppose you have something like Bitdefender installed on your PC? I noticed this happening when configuring a new deployment and marking the site as trusted when Bitdefender had wanted to block it. Bitdefender then continued to show up as the valid certificate and Chrome didn’t like it.
This has already been resolved. This is something Google does inside of the Chrome browser and Google is the only one that has power to remove this labeling. There is a process in place where you can report false positives but it’s a process that not everyone is willing to go through.
I can confirm that creating a Google Search Console account and validating the account with a Google DNS record, then requesting a review of the site inside the Google Search Console, does successfully stop Google Chrome from giving the Dangerous Site warning screen in the browser about two days after requesting the site review.
Google did not give any notification of exactly what the problem was that started triggering Chrome to give the Dangerous Site warning, nor did they give any resolution information that I can find. It just stopped giving the warning in Google Chrome two days after I requested the site review.
