Firefox is blocking my personal website based on flawed "Google Safe Browsing" What the hell?

ctag@lemmy.sdf.org to Firefox@lemmy.ml – 169 points –

Started this morning. All of my personal tools like nextcloud and RSS reader were blocked, and I had to go manually override that screen for each one. Unacceptable.

49

You are viewing a single comment

Are you using a free subdomain?

I am and have this issue sometimes. What’s the connection / cause?

Reports of individual subdomains that are running shit lead to the main site slowly being pushed to "generally non-safe".

This is a crtified .zip moment

How so?

Tldw; scammers trick people using .zip top level domains

Google should retract these new top level domains- Brodie Robertson

I personally like the domain.

The problem is just that it's too susceptible to being used to trick users, the services hosted on .zip domains aren't evil by default, like your instance that is completely legit.
If you want to see (yet another) video, Thio Joe covered this really well imo

Anyone also using that free subdomain is linked to you because you're both using the same domain

Ahhh, that makes sense. Thanks.

You're welcome.

Think of it as you sharing a house with other people. You all have your own rooms (subdomains) but live at the same address (domain). You try to order a takeaway but they've blacklisted your address because another resident abused their service

(Analogy for anyone else who comes across this)

I imagine that domain is mostly used for spam/phishing sites so Google preemptively blocks all sub domains until they prove they aren't spam. That's one of the shortcomings of using a free domain I guess.

That's one of the shortcomings of using a free domain I guess.

Domains are cheap as dirt for the most part anyways, it's like 12$/year for a .com if you don't mind having one of those weirder TLDs I've seen those as cheap as 2$/year

2 dollars a year

I got 1 dollar a year on my domain, gen.xyz has some real cheap domains if you don't care about it being a string of 6-9 numbers.

What were they thinking with some of those TLDs?

There's also .website which seems like a weird choice, yeah this website here, yeah this one here, it's a website.

Just get a cheap domain. Free domain will always get flagged, unless it's for a service with no development API. It's too easy as an attack vector, so those free domains often get flagged. If you want to avoid it all together, just get a cheap domain you own and control.

I'm not, I guess I wouldn't be surprised if this happened and I was though. Thanks for the context.