MikeyRaa Posted October 4, 2022 Share Posted October 4, 2022 Hi community, My Unraid box is sat in my lan and I am using nginx reverse proxy and an open port on my firewall to self host a bunch of services. Most of them are running as dockers but I have a few VMs too. For example- bitwarden, nextcloud, organizr, plex just to name some of them. When using bitwarden from outside my lan, Chrome identified my domain as being unsafe with the 'Deceptive Site Ahead' warning. I also had difficulty logging into the Unraid box from inside my lan. A search online advises me to scan the affected website and clear the vulnerability & malware but I have no idea how to do this on my Unraid box. Each of the services are accessible via a specific sub domain I've set in nginx and cloudflare. For example plex.mydomain.com forwards to the plex docker container. However, checking mydomain.com comes up as compromised by Google. So I don't know which site/sites are affected. I've shut down the unit but I'd like to run a malware and vulnerability scan and removal on the Unraid box but I don't know how to go about this? I'm desperate to get back up and running. Can someone please help and advise me on how to remedy this? Thanks in advanced, Mikey Quote Link to comment
Comfuzio Posted October 4, 2022 Share Posted October 4, 2022 Wait, this seems more like you haven't gotten signed certs for your server/sites than a hack! Do you have a static external (true) IP? Have you port forwarded 80 and 443 from your router to your unraid? When you try to sign a cert, does it completes successful or do you get any error? Quote Link to comment
MikeyRaa Posted October 5, 2022 Author Share Posted October 5, 2022 (edited) @Comfuzio Thanks for reply. I do not have a static external IP. I'm using cloudflare for dynamic DNS. I was using a port forward to send 443 to the local IP of my nginx proxy manager. I've disabled this off for now just in case. Not sure how to answer the third question. But- When visiting the IP of my Unraid dashboard I get 'This site can not be reached' And with the port forward enabled I am not able to reach any of the sites. Something to do with SSL cert(s) on the Unraid box. I really havent got much of a clue. However, I can SSH to the Unraid box and some of my web services can be accessed via their associated local IP and port number. Edited October 5, 2022 by MikeyRaa Quote Link to comment
Cpt. Chaz Posted October 6, 2022 Share Posted October 6, 2022 i've actually got the same issue. i tried submitting a request to google to unflag it, and shortly after it worked for a little while, and was flagged again. scoured around looking for a solution to no avail, so i'll be keeping an eye on this post. but, you are not alone 😂 Quote Link to comment
gwl Posted November 18, 2022 Share Posted November 18, 2022 Following this topic, as I'm encountering the same problem with my sites too. I can't recall when this started for me, but from Oct sounds about right. I also use NPM. Using Let's Encrypt, with or without a DNS Challenge and/or a scheme of http or https, has the same outcome of a "Deceptive site ahead". Could it be something to do with Let's Encrypt? Or perhaps DuckDNS? I am not sure how to create the Custom Certificate, so perhaps that's an avenue to explore? Cheers, gwl Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.