Brews-Bros is a known phishing site


86 replies to this topic

#41 BeerBomber

BeerBomber

    Comptroller of Brined Cucumber Liplocks

  • Members
  • 7108 posts
  • Location: Delaware

Posted 19 September 2017 - 04:48 PM

I can't even get to it anymore unless it's on my phone.

#42 bdutton

bdutton

    Comptroller of Gifts

  • Members
  • 10610 posts
  • Location: In your head, 24x7

Posted 19 September 2017 - 04:52 PM

I was able to get chrome working temporarily with avg>menu>settings>components>online shield>disable for 1 hour.



#43 SimonW

SimonW

    Tech Admin

  • Administrator
  • 4 posts

Posted 19 September 2017 - 04:52 PM

This still doesn't seem all that likely. They're going to cut off a lot of sites that have ZERO reason to even have an SSL cert (like brews-bros.xyz) ... You can get through the warning after multiple clicks (or presumably a whitelist of some sort).. seems dumb.
Google makes the distinction between "not secure" and "dangerous":

https://support.google.com/chrome/answer/95617?visit_id=1-636414410101610046-4094715222&p=ui_security_indicator&rd=1

"Dangerous: Avoid this site. If you see a full-page red warning screen, the site has been flagged as unsafe by Safe Browsing. Using the site will likely put your private information at risk."

Brews-bros is being marked Dangerous, not simply "Not Secure"

https://transparencyreport.google.com/safe-browsing/search?url=brews-bros.xyz


There is a difference. Sites which don’t have a password field in them will just get a not secure warning; if there is a password field then it gets marked as Dangerous.

The problem we have right now is because Google marks us as dangerous we can’t get an SSL certificate issued, and the only way to get Google to remove the warning is to remove the password field so no one can log in.

#44 Area Man

Area Man

    Comptroller of Geometry

  • Members
  • 9168 posts
  • Location: Abilizzle

Posted 19 September 2017 - 06:09 PM

Wish I'd seen this thread yesterday. I've been convinced that I had the malwarez. I just deactivated the "suspect website" warning in Safari on my computer, and I get in no problem. Haven't had any issue with Safari on my iPhone.



#45 CaptRon

CaptRon

    Comptroller of jokes about violence against women

  • Patron
  • 31784 posts
  • Location: Right behind you!

Posted 19 September 2017 - 10:42 PM

It's crazy how much power Google has over the internet

#46 LowcountryBrewer

LowcountryBrewer

    Frequent Member

  • Patron
  • 2812 posts
  • Location: Mount Pleasant, SC

Posted 20 September 2017 - 04:35 AM

I can't even get to it anymore unless it's on my phone.

Not sure if this was accidental, but I couldn't get past the red screen with Chrome.

I held down CTRL while pressing the "proceed anyway" (or whatever it says) and now I can get in every time.



#47 ScottS

ScottS

    Lord and Master

  • King of the Chickens
  • 17487 posts
  • Location: My lawn

Posted 20 September 2017 - 05:04 AM

Google says we're blacklisted because we link to a blacklisted site.... brews-bros.xyz.  Lovely circular reasoning there, assbags.  <_<

 

We're working through some other ideas.



#48 BIG POPPA

BIG POPPA

    Duke of Errrrl

  • Patron
  • 25965 posts

Posted 20 September 2017 - 05:32 AM

There is a difference. Sites which don’t have a password field in them will just get a not secure warning; if there is a password field then it gets marked as Dangerous.

The problem we have right now is because Google marks us as dangerous we can’t get an SSL certificate issued, and the only way to get Google to remove the warning is to remove the password field so no one can log in.


Simon, I am sure by now that ScottS has shared the info I sent him the night this incident happened even though I was rather incoherent at the time and ScottS was rather patient. :blush:

At any rate here is the sequence of events.

Signed into website

Clicked around on a few threads

No problems so far

At around 9:00 PM EST I clicked on a specific thread link

At that time I was redirected to www.clubpenguininsiders.com which triggered Google's red warning page.

I clicked around on a few other thread links to see if maybe this was an anomaly. Everything seemed normal.

So I clicked back on the thread link in question and got the same results as described above.

I made some screen caps and alerted ScottS.

As the evening progressed, the error spread across all of the site but now Google's red flag page listed brews_bros.com as the culprit.

From there it has progressed to what you see today.

I have no such red flag on Android, which I am attributing to a difference in OS architecture.

If you need anything further you can inbox me directly although I'd make it early in the day as ScottS can attest to. Lol :embarrassed:

#49 SimonW

SimonW

    Tech Admin

  • Administrator
  • 4 posts

Posted 20 September 2017 - 06:27 AM

Simon, I am sure by now that ScottS has shared the info I sent him the night this incident happened even though I was rather incoherent at the time and ScottS was rather patient. :blush:

At any rate here is the sequence of events.

Signed into website

Clicked around on a few threads

No problems so far

At around 9:00 PM EST I clicked on a specific thread link

At that time I was redirected to www.clubpenguininsiders.com which triggered Google's red warning page.

I clicked around on a few other thread links to see if maybe this was an anomaly. Everything seemed normal.

So I clicked back on the thread link in question and got the same results as described above.

I made some screen caps and alerted ScottS.

As the evening progressed, the error spread across all of the site but now Google's red flag page listed brews_bros.com as the culprit.

From there it has progressed to what you see today.

I have no such red flag on Android, which I am attributing to a difference in OS architecture.

If you need anything further you can inbox me directly although I'd make it early in the day as ScottS can attest to. Lol :embarrassed:

 

I've run the site through multiple site scans for exploits and malware and none of them are finding anything wrong so I'm not convinced that that was triggered by this site. There have also been no file changes made on the server, no template updates or new plugins installed that could trigger it. And it would have to be that as it's not specific posts that are triggering it, as we wouldn't be getting a total block if that was the case. I've been told specifically by one of Google's Help Experts it's the password field; if I removed the login field so no one could log in for a couple of days I'm 99.99999% sure the warning would go away.



#50 BIG POPPA

BIG POPPA

    Duke of Errrrl

  • Patron
  • 25965 posts

Posted 20 September 2017 - 06:47 AM

Just running down the events as they took place here. Good luck with Google. I'd almost rather have an infection than to deal with Google sometimes.

#51 SimonW

SimonW

    Tech Admin

  • Administrator
  • 4 posts

Posted 20 September 2017 - 06:49 AM

Something I will be doing, though, is I will ban that URL; noticed we have a few people linking to that site's emoticons, and the fact they are blacklisted will prevent us getting unblocked even if we find a way around the SSL issue.



#52 BrewerGeorge

BrewerGeorge

    His Royal Misinformed

  • Administrator
  • 48965 posts
  • Location: Indianapolis

Posted 20 September 2017 - 06:52 AM

If Google says removing the password for a few days will fix it, I say go for it.

Something I will be doing, though, is I will ban that URL; noticed we have a few people linking to that site's emoticons, and the fact they are blacklisted will prevent us getting unblocked even if we find a way around the SSL issue.

You might consider killing the LULZ and GIF threads in the PH, too. Who knows where all those links came from.

#53 BIG POPPA

BIG POPPA

    Duke of Errrrl

  • Patron
  • 25965 posts

Posted 20 September 2017 - 06:55 AM

Perhaps some new rules on hotlinking.

#54 denny

denny

    Living Legend

  • Members
  • 9096 posts
  • Location: Eugene OR

Posted 20 September 2017 - 10:55 AM

Yep... I'm getting a "Fraudulent Website Warning" in Safari and Firefox (Chrome works...).


I'm getting it in Chrome

#55 Poptop

Poptop

    Frequent Member

  • Patron
  • 5011 posts
  • Location: Coconut Creek, FL

Posted 20 September 2017 - 11:06 AM

I'm jonesing for the beer forum. I have urgent questions regarding starters, gel and boil times.

#56 HVB

HVB

    No Life

  • Patron
  • 18224 posts

Posted 20 September 2017 - 12:15 PM

I'm jonesing for the beer forum. I have urgent questions regarding starters, gel and boil times.


Post away!

#57 Mynameisluka

Mynameisluka

    Comptroller of Brownies

  • Patron
  • 24773 posts

Posted 20 September 2017 - 12:34 PM

i feel so dirty when i come here.



#58 Poptop

Poptop

    Frequent Member

  • Patron
  • 5011 posts
  • Location: Coconut Creek, FL

Posted 20 September 2017 - 01:32 PM

Post away!


I'll wait :)

#59 ScottS

ScottS

    Lord and Master

  • King of the Chickens
  • 17487 posts
  • Location: My lawn

Posted 20 September 2017 - 06:39 PM

Yes, the board is showing up as brews-bros.xyz.  Yes, that is intentional.  We're playing with switching the board to that domain to work around the blacklisting.  If it works out in the end, it should be seamless, but in the meantime it'll look a little weird.



#60 SimonW

SimonW

    Tech Admin

  • Administrator
  • 4 posts

Posted 21 September 2017 - 03:35 AM

The .xyz address is working fine; it's not being marked as dangerous by Google, although you will still see some pages marked as such, but that's because those pages are still calling content from .com (mainly the emoticons) which I haven't been able to locate where the URL is stored for these so I can switch. You will also get not secure on some of the https pages due to mixed content due to offsite scripts, mainly Google ones like the analytics, which I will solve when we get the more important aspects sorted.

 

 

:o
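Added example, not part of the original thread and not the forum's own code: one way to audit a rendered page for the two problems described in the post above, subresources still loaded from a flagged domain and `http://` resources on an `https://` page (mixed content). The hosts `forum.example`, `old-forum.example` and `analytics.example` and the sample HTML are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tags whose attribute makes the browser fetch a subresource.
# <a href> is left out on purpose: a hyperlink is not loaded with the page.
FETCH_ATTRS = {"img": "src", "script": "src", "iframe": "src",
               "embed": "src", "source": "src", "link": "href"}


class ResourceAudit(HTMLParser):
    def __init__(self, page_url, flagged_hosts):
        super().__init__()
        self.page_url = page_url
        self.page_is_https = urlsplit(page_url).scheme == "https"
        self.flagged = {h.lower() for h in flagged_hosts}
        self.findings = []  # (issue, tag, absolute URL)

    def handle_starttag(self, tag, attrs):
        value = dict(attrs).get(FETCH_ATTRS.get(tag, ""))
        if not value:
            return
        url = urljoin(self.page_url, value)  # resolves relative and //host forms
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        if any(host == h or host.endswith("." + h) for h in self.flagged):
            self.findings.append(("flagged-host", tag, url))
        if self.page_is_https and parts.scheme == "http":
            self.findings.append(("mixed-content", tag, url))


def audit(html, page_url, flagged_hosts):
    parser = ResourceAudit(page_url, flagged_hosts)
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample page; forum.example and old-forum.example are placeholders.
SAMPLE_HTML = """
<head><script src="http://analytics.example/track.js"></script>
<link rel="stylesheet" href="/style.css"></head>
<body><img src="http://old-forum.example/emoticons/smile.gif">
<img src="//cdn.old-forum.example/emoticons/wink.gif" />
<a href="http://old-forum.example/topic/1">old thread</a></body>
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_HTML, "https://forum.example/topic/1",
                         ["old-forum.example"]):
        print(*finding)
```

Running the same audit over saved copies of the templates and skin files, rather than one rendered page, narrows down which file holds the stored emoticon URL.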



