Hello, Google marked my site as deceptive and dangerous Help!

Yesterday I’ve deployed mail server and webmail services using mailcow. Everything works and seems right. But today after I loged in and tried to access calendar in SoGo deceptive site warning appeared. I don’t know what is wrong I have 2FA with OTP, full SSL etc. Google console don’t show anything specific and all of my subdomains and root domain is marked dangerous. What can I do when I don’t even know what to fix? Please help!

If you click on “Learn More” in the message you will be redirected to a page with further information. At the bottom of the page, in the section “My site or software is marked dangerous or suspicious”, it says the following:

If you own a site marked as dangerous or deceptive: Follow the instructions to fix the problem and request a review.
https://developers.google.com/webmasters/hacked/docs/request_review

    Have something to say?

    Join the community by quickly registering to participate in this discussion. We'd like to see you joining our great moo-community!

    mlcwuser I know but any of the instructions here don’t help at all. I don’t have idea what’s wrong

    Not sure, but you said that all your sub domains, including your main domain, are affected, which indicates that you are hosting other things beside Mailcow. Maybe one of the other sites or services have triggered the message…

    Also, I’m not an expert on this, but the specific message on your screenshot does not refer to malware (otherwise you would get a different message), but to malicious activity like phishing etc… So there is a fair chance that the Google algorithm has made a mistake, i.e. it could be a false positive. If that’s the case, you could request a review from Google to have your site(s) unflagged… web.dev Icon Request a review  |  Articles  |  web.dev

      mlcwuser yeah I realized as much I reported and I’m waiting. I just posted here to make sure maybe some of mailcow thing can be marked as phishing cause it happened just day after mailcow deployment. Will keep searching and waiting for google response
      Thanks anyway

      Looks like your domain was reported for phishing. One reason could be that your domain is pretty similar to another one (watever.one -> whatever.one).

        D4niel it can be there was few simillar domains I saw before buying this one. But I checked them and all of them was either blank or completly different purporse. Also mine don’t have any kind of public registration. I also been using this domain for a quite a time already. Just can’t find a clue why is happened now after mailcow installation. Maybe it’s just coincidence. Thanks anyway ;p

        I have read lots of reports like this recently. Lots of false reports. Maybe Google changed something. It happened to me too, not with Mailcow but with a Yunohost instance. With Google everything is automated, one never knows what they don’t like. In the case of Yunohost it seems it was the redirection caused by to the SSO system YunoHost Forum Icon Google flags my sites as dangerous (Deceptive site ahead)

        The only thing you can do then is to sign into your Google Search Console (or open an accoint there and add your sites) and report the issue there search.google.com Icon Google Search Console
        search.google.com Icon search.google.com
        Google Search Console
        . After a few days the warning will disappear then. Have you checked Virustotal as well? My site was listed there as well because of Google https://www.virustotal.com

        They verified domain as okay now

        3 months later

        This warning message has been generated by Google Safe Browsing services to ensure the safety of its users while browsing the internet. Typically, this message “Deceptive site ahead” indicates that the website you are attempting to access has been compromised or flagged by Google as insecure. Such websites are often referred to as phishing or malware sites. The warning aims to alert you about the presence of potentially harmful content and restricts access to protect your online security. While this message is legitimate, there are instances where users may encounter this warning without a genuine cause.

        Even though it is not advisable to remove Deceptive Site Ahead filter from your browser, you can do that by following these simple steps:

        To modify the security settings in Chrome browsers, you can follow these steps:

        Type chrome://settings/security in the URL bar of your Chrome browser.

        Look for the option labeled “No protection (not recommended)” and select it.

        It’s important to note that by choosing this option, your browser will no longer provide protection against dangerous websites, downloads, and extensions. However, you will still benefit from Safe Browsing protection in other Google services, such as Gmail and Search.

        However, you will have to protect your computer from the cyber threats by some other means.

          larryhems

          This is not a solution unless you are using the site only for yourself. If you have multiple users, all of them would have to disable Safe Browsing in order to get access.

          The solution is to check whether your server is not actually compromised, and if not, request a review from Google.

          No one is typing