This repository has been archived by the owner on Mar 14, 2024. It is now read-only.
Needs guidance on false positives #7983
Labels
feature request
New feature or request
P2
A normal priority task. This is the default for most issues.
stale
Context
Users of the open source self-hosting package Yunohost have found that Google is falsely flagging the domain running the single-sign-on (SSO) provider within the package as malware. The site owner is presented with a list of URLs that are all sign-on requests from the hosted applications, which are frequently on different domains (but all hosted in the same server). I assume the behaviour is being mistaken for open redirects, or the misinterpretation of the (valid) 302 redirect to the SSO.The issue is fairly easily reproducible with a fresh installation of the software. I've opened a ticket for the issue.
Issue
When site owners reach this page for assistance, the information all assumes there is malware to remove from the site. However, these site owners have no malware to remove - the software is working well and as intended without any unwanted software. These site owners need advice on how to get the problem cleared, but the page only considers the case where there is in fact malware and a change can be made.
Resolution
The page needs either an additional section on dealing with false positives, or a link to a new page that does so. I have not been able to find a suitable page to link to.
The text was updated successfully, but these errors were encountered: