micahdg

That's what I'm afraid because it means it could start smoking again at any time :O I was concerned that perhaps google was starting to flag the IB forums admin page in general as a problem and thought that if so, other administrators might be seeing a similar issue all at once. Apparently not, though, so crisis averted for now! For anyway else who encounters a similar problem, after being presented with a bright red splash screen telling me my whole domain was deemed dangerous, I followed google's advice and logged into google's Search Console for my domain to see the specific offending URLs. Those results are visible in the screenshot in the opening post. I reviewed timestamps on the files in that directory and also the code sent to the browser client and saw nothing suspicious. Since there is no opportunity to discuss the situation with a google employee, I blocked /admin for anyone but myself and a co-admin via .htaccess file so google could no longer "see" the problem. I clicked the button to claim the issues was fixed and 12 hours later the site was no longer deemed dangerous. 72 hours later, search results returned in google. Google is really thorough about these dangerous labels... we had a spreadsheet in google sheets that included a link to our website. Google sent us an automated email warning that our google sheets file contained a harmful link :P

It is set to HTTPS in conf_global.php: Thank you for the suggestion!

HTTP to HTTPS redirect happens at cloudflare so that's probably not it, but I guess google somehow still classifies that as HTTP being available. And in any case, that would be a problem for the whole website and it's not (yet?).

Thank you - I'll work on the HTTP to HTTPS redirect, but I'm also weary of repeating the downtime we had yesterday so I'll probably leave the IP whitelisting in place for /admin (which I should have done during forum installation anyway).

Response from IC support:

I 'fixed' it by whitelisting just a few IPs in an .htaccess file in /admin. Twelve hours after clicking the "Request Review" button, google thinks the problem is 'fixed' since it gets a 403 on /admin :P I'm still interested to hear if anyone else has gotten flagged like this.

My website has been essentially blocked by google today and upon investigation, google says the /admin page is the guilty party. Has anyone see this issue before? I've checked timestamps on all files in the forum directory and nothing was newer than 6 days ago and the site loaded fine a few hours ago without the 'dangerous' label. This is probably a coincidence, but an Invision Community Support specialist logged in about an hour before I noticed this issue.

The issue got kicked up the chain to higher-level troubleshooters. I'll pass on what I learn from their investigation, if you're interested.

🤦‍♂️ Done!

Apologies - I thought it might just be something simple I overlooked. It happens to all users. I have added access details to the only community with a current license. I'll PM you the product to try. Thank you

I have some products in my community which have Stripe and Crypto (manual) payment options assigned to them, but when anyone checks out any of these products, Stripe is the only option. In fact, no options are presented - just a credit card payment window that goes to Stripe. Is it a permissions issue? What am I missing?

As a follow-up, I finally realized these specific emails I was complaining about are for people (spammers/bots) using the Contact Us form, which requires email verification to use. Registered users would have this action listed in their logs, whether they’re using Contact Us or initiating an email change. One of my communities only has 30 members and none of them are changing their email addresses or using the Contact Us form. I have all the same invisible recaptcha settings applied to this form as the registration form, but sadly here we are with 30+ spammers a day getting through (though not far enough to actually spam me with contact requests, so that’s good). I wish we could apply the question and answer challenge to the Contact Us form, too.

Yes I understand that. My question is how do I figure out which account is requesting the change.

Nope:

Not sure whether this is related to this topic or not: https://invisioncommunity.com/forums/topic/477804-email-notification-sent-repeatedly/?do=getNewComment Both of my self hosted communities use SMTP to gmail to send emails and email verification is required for registration. The larger community has had new registrations disabled for 2 months. The smaller community has new registrations enabled. In both cases, I see outgoing email verification emails in my gmail sent folders but I cannot find new or existing members associated with the target email addresses. I only notice this is a problem because the emails keep bouncing. The same email verification email to the same addresses is being sent and bounce 4 - 8 times a day each. There's nothing in my IPS email errors logs. The repeats are for verification for the community that has new registrations disabled, so I assume these verification requests are for email address changes? I don't know how to stop the emails from re-sending or being sent in the first place. Any suggestions for what I can look at next? Thanks