[GH-ISSUE #114] Google has blocked my website for a phishing content #81

New issue

Closed

opened 2026-03-02 15:55:35 +03:00 by kerem · 3 comments

kerem commented

2026-03-02 15:55:35 +03:00

Owner

Originally created by @znaczki654 on GitHub (Jan 5, 2019).
Original GitHub issue: https://github.com/prasathmani/tinyfilemanager/issues/114

I found that my site was warned by google that it's deceptive website in which users can have stolen some user's credential. And futher more, it wasn't only the part with the file you've sent, but the whole website was flagged.

Also before the warning, google chrome has its own warning when I was visiting this site as it may be phishing, but other web browsers doesn't and it was only on site reserved for a tiny file manager file called ftp.php .

Now the site is flagged and even on firefox it shows a red banner, because firefox uses google's safe browsing API.

I hope it's been fixed by now but for security reasons I'll send you the code.
The version of Tiny File Manager is 2.1.

Hope the newest version doesn't have that security leak.

Regards, Jan.

Code:
https://pastebin.com/u6ssseeG

Originally created by @znaczki654 on GitHub (Jan 5, 2019). Original GitHub issue: https://github.com/prasathmani/tinyfilemanager/issues/114 I found that my site was warned by google that it's deceptive website in which users can have stolen some user's credential. And futher more, it wasn't only the part with the file you've sent, but the whole website was flagged. Also before the warning, google chrome has its own warning when I was visiting this site as it may be phishing, but other web browsers doesn't and it was only on site reserved for a tiny file manager file called ftp.php . Now the site is flagged and even on firefox it shows a red banner, because firefox uses google's safe browsing API. I hope it's been fixed by now but for security reasons I'll send you the code. The version of Tiny File Manager is 2.1. Hope the newest version doesn't have that security leak. Regards, Jan. Code: https://pastebin.com/u6ssseeG

kerem closed this issue

2026-03-02 15:55:35 +03:00

kerem commented

2026-03-02 15:55:36 +03:00

Author

Owner

@bk987 commented on GitHub (Jan 6, 2019):

@znaczki654 Were you using the default password which is "admin", or did you change it?

@bk987 commented on GitHub (Jan 6, 2019): @znaczki654 Were you using the default password which is "admin", or did you change it?

kerem commented

2026-03-02 15:55:36 +03:00

Author

Owner

@simon511000 commented on GitHub (Jan 6, 2019):

I'm sure this problem has nothing to do with tinyfilemanager, is your site in HTTPS, and if so, could you regenerate the certificate?

Also, if your site is in HTTPS, can you just test with HTTP? Do you still have the problem?

Good luck ;)

@simon511000 commented on GitHub (Jan 6, 2019): I'm sure this problem has nothing to do with tinyfilemanager, is your site in HTTPS, and if so, could you regenerate the certificate? Also, if your site is in HTTPS, can you just test with HTTP? Do you still have the problem? Good luck ;)

kerem commented

2026-03-02 15:55:36 +03:00

Author

Owner

@znaczki654 commented on GitHub (Jan 17, 2019):

I've updated the version and since 04th January they haven't blocked my website so it might be right now.

@znaczki654 commented on GitHub (Jan 17, 2019): I've updated the version and since 04th January they haven't blocked my website so it might be right now.