Mydomain.duckdns.org marked as Dangerous after pasting passwords

Installation
1

After making my HA instance remotely accessible using DuckDNS, everything looks fine and the certificate is valid.

Whenever I type or paste any password stored in my Chrome Password Manager, Chrome marks the HA site as Dangerous and gives a popup stating the following:

CheckPasswords

Does anyone know what this is about?

1 Like
2

Chrome might have marked duckdns as a potentially risky domain, there are probably scamming / phishing sites connected to the duckdns domain.

1 Like
3

Misleading topic title.

Itā€™s not ā€œHA marked as Dangerousā€. Itā€™s duckdns.org.

4

That is true, changed it!

5

i had to send a request google to unlist my duckdns domain

1 Like
6

Did you have the same error? Were you figure out what caused it in the first place? And where did you put in this request?

7

Google chrome was showing me a warning page about deceptive website and I followed last section ( My site or software is marked dangerous or suspicious) in this page: Manage warnings about unsafe sites - Computer - Google Chrome Help

1 Like
8

Thank you for sharing this.

  • Can you please let me know how the request to google was submitted?
  • How long did Google take to respond to your request and eventually for the issue to get fixed?

I did some searching and submitted a request to this URL.
https://safebrowsing.google.com/safebrowsing/report_error/

1 Like
9

I just started receiving the ā€œDeceptive site aheadā€ Warning, I tried to register in Google Search Console but I cannot place files on HA website root folder so I only registered /local part and tried to send from there a request to remove the warning, only been a day and I will post results if anything changes.

I do want to note: itā€™s not just a warning, many times I cannot even access HA, the link ā€œproceed to unsafe siteā€ just does not work at times, for minutes, this never happened before, I did not update anything from the previous working phase to this, I think there are other issues also from this warning and whatever it disables, I get the warning on my phones and tablets on HA app also, not just on website, it is not looking good and I am running out of ideas (I cannot find anything wrong and definately not phishing as there is nothing to phish lol.

1 Like
10

Iā€™m facing similar issue as well.

Iā€™m using HA with DuckDNS since a couple of year, but only starting from today I have similar alert.

Whatā€™s up ?

1 Like
11

Same here since today almost 2 years using HA without problem, now google detect de ha web interface as a Phishing Site! The worst is android phone app crash because of this :S

1 Like
12

Same here, started a couple of days ago, very annoying red screen.

1 Like
13

Same same. Iā€™ve requested that they ā€˜unflagā€™ thisā€¦ I guess we can only wait (and revert to the necessary evil of another browser).

UPDATE:
ā€¦and the next morning, itā€™s all safe again (not it ever wasnā€™t).

14

Same for me today, I can access via the red screen of doom using a browser but the app just crashes out. I filled out the Google link to unlock, letā€™s see if they resolve. I guess Google now owns the internetā€¦

Resolved within 24 hours, Google can be my friend again

15

I have had this happen to me aswell on seemingly random occasions/periods and then it suddenly goes away, this also introduce a a problem connecting(authenticating) to HA as a custom app in Google assistant. I usually try a a few times and it goes away but since i reported it to google using the link/solution in the post by @anon63427907 and @Tinkerpop it works fine

1 Like
16

There are multiple options to fix/work around this depending on your solutions.

In my case Iā€™m using DDNS (dyndns.org) in combination with a reverse proxy NGINX and
I was able to fix it using this:
Go to https://search.google.com/u/1/search-console/welcome?pli=1
Enter my external HA URL under ā€œURL prefixā€ and click ā€œContinueā€
Copy the html file name (e.g. google4199f7d8xxxxxxxx.html)
In the NGINX config, go to ā€œEdit Proxy Hostā€ and open the ā€œAdvancedā€ tab
Enter the following (of course replace the file name with yours):

    location = /google4199f7d8xxxxxxxx.html {
            rewrite ^/(.*)  $1;
            return 200 "google-site-verification: $uri";
    }

Under ā€œCustom Nginx Configurationā€ and ā€œSaveā€ the change.
Go back to the ā€œGoogle Search Consoleā€ and click ā€œVerifyā€ (or similar).

Again, this solved the issue for my setup. Depending on your configuration, it might be different.

2 Likes
17

Your link doesnā€™t work to me. Can you use a different one so I can try your solution?

18

I need to review my instruction once Iā€™m at a computer (only having my mobile phone with me). But you could check out Googleā€™s support page for now:
https://support.google.com/webmasters/answer/34592

19

If you use DuckDNS you can also update the DNS TXT-Record with the google-site-verification token.

1 Like
20

Any hint on how to do that DNS TXT-Record?
Iā€™m running the duck dns addon