Driving me nuts: Chrome "Dangerous site" warning scaring my users

Our systems all have valid Let’s Encrypt Certs, and then they get flagged, so I go to Search Console and:

Dangerous site

Attackers on the site you’re trying to visit might trick you into installing software or revealing things like your password, phone, or credit card number. Chrome strongly recommends going back to safety.

Google has detected harmful content on some of your site’s pages. We recommend that you remove it as soon as possible. Until then, browsers such as Google Chrome will display a warning when users visit or download certain files from your site.
Deceptive pages
Description
These pages attempt to trick users into doing something dangerous, such as installing unwanted software or revealing personal information.

Using “Request Review” the warnings go away but after a few weeks they show up again.
This freaks out UCP users, they panic and close the page, thinking they are about to get a virus so instead of doing basic stuff for themselves, someone has to do these manually on their behalf.
One IT Support Company even blacklisted the PBX URL which is configured in the extensions.
Has anyone else encountered this? And, is there a solution you could point me towards?

Are you using a cloud provider like DigitalOcean? A lot of their IPs are dirty, but that would not explain why it’s re-occurring after getting the IPs unlisted.

I see this on some of my test systems, and i assume its due to using a free FQDN provider for my certs. Its a prob on chrome but not FF.

1 Like

Perhaps I should clarify, this is usin a domain name pointing to the PBX and a LetsEncrypt cert for that name

For us, using subdomains from noip.com our domains would eventually get our sites flagged by google as a dangerous site. Although we obtained our certs via lets encrypt, not noip itself. Moving over to subdomains on our own domain via A records solved the problem.