My website has been essentially blocked by google today and upon investigation, google says the /admin page is the guilty party. Has anyone see this issue before?

I've checked timestamps on all files in the forum directory and nothing was newer than 6 days ago and the site loaded fine a few hours ago without the 'dangerous' label.

This is probably a coincidence, but an Invision Community Support specialist logged in about an hour before I noticed this issue.

I 'fixed' it by whitelisting just a few IPs in an .htaccess file in /admin. Twelve hours after clicking the "Request Review" button, google thinks the problem is 'fixed' since it gets a 403 on /admin :P

I'm still interested to hear if anyone else has gotten flagged like this.

This is not something which I have seen, Google marking specifically the admin directory as such. This should have no customization or advertisements which sometimes Google doesn't like.

Looks like you allow both HTTP and HTTPS. It likely is seeing that as deceptive. You can try redirecting HTTP requests to HTTPS. Most of the software does this by default.

Outside of that you will want to ensure you do not have any redirects or anything else running in this directory which doesn't come with the software.

Thank you - I'll work on the HTTP to HTTPS redirect, but I'm also weary of repeating the downtime we had yesterday so I'll probably leave the IP whitelisting in place for /admin (which I should have done during forum installation anyway).

HTTP to HTTPS redirect happens at cloudflare so that's probably not it, but I guess google somehow still classifies that as HTTP being available. And in any case, that would be a problem for the whole website and it's not (yet?).

If the board URL is set to HTTP, Google would be viewing the page source code seeing references HTTP instead of HTTPS. If you are forcing this at Cloudflare, be sure your conf_global.php is set to have the board URL as HTTPS. That will prevent situations in which the software generates HTTP as the URL which would then need to redirect via the proxy.

Edited March 8Mar 8 by Randy Calvert

21 hours ago, Randy Calvert said:

If the board URL is set to HTTP, Google would be viewing the page source code seeing references HTTP instead of HTTPS. If you are forcing this at Cloudflare, be sure your conf_global.php is set to have the board URL as HTTPS. That will prevent situations in which the software generates HTTP as the URL which would then need to redirect via the proxy.

It is already set to HTTPS in conf_global.php:

'base_url' => 'https://......com/'

Thank you for the suggestion!

Edited March 9Mar 9 by micahdg

It sounds like Google was just smoking crack at the time then with the warning. :)

Glad you got the issue resolved though!

That's what I'm afraid because it means it could start smoking again at any time :O I was concerned that perhaps google was starting to flag the IB forums admin page in general as a problem and thought that if so, other administrators might be seeing a similar issue all at once. Apparently not, though, so crisis averted for now!

For anyway else who encounters a similar problem, after being presented with a bright red splash screen telling me my whole domain was deemed dangerous, I followed google's advice and logged into google's Search Console for my domain to see the specific offending URLs. Those results are visible in the screenshot in the opening post. I reviewed timestamps on the files in that directory and also the code sent to the browser client and saw nothing suspicious. Since there is no opportunity to discuss the situation with a google employee, I blocked /admin for anyone but myself and a co-admin via .htaccess file so google could no longer "see" the problem. I clicked the button to claim the issues was fixed and 12 hours later the site was no longer deemed dangerous. 72 hours later, search results returned in google.

Google is really thorough about these dangerous labels... we had a spreadsheet in google sheets that included a link to our website. Google sent us an automated email warning that our google sheets file contained a harmful link :P