-
-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ReadTheDocs hosted website marked as potentially hacked by Google #11450
Comments
These errors are explicitly on *www.*.proj.org, a host where I currently get a low level ssl error from in my browserr. Looking in the DNS this host should also be at RTD, but it is not handled like proj.org. If I ignore all errors, I come to a Cloudflare error that this hostname is not handled. Assuming RTD doesn't do the Cloudflare wrapping, I'm not sure if the issue should be fixed here. The Cloudflare config appears a more logical location. |
Hi all 👋🏼 . Thanks for opening this issue. I've read it all and I'm a little confused about what's the exact problem here. I checked the custom domain configuration and the DNS records and everything looks fine from the Read the Docs side. I seems that URLs like https://www.proj.org/tews/video-barh-sa7ad_19.html weren't served by Read the Docs before adding Let us know if you have more context around this issue and if you suspect there is something in particular in our platform that may be wrong. |
I'm confused The DNS entries for www.proj.org are pointing to rtd, right? https://www.nslookup.io/domains/www.proj.org/dns-records/ I don't know if having both A and CNAME is a problem. But I would never expect that different pages are provided as Google was pointing |
Closing this issue. It is not clear what went wrong originally, and what has caused it to be solved, but Google no longer marks proj.org as being potentially hacked. |
The documentation of the PROJ (https://github.com/OSGeo/PROJ) project is hosted by Read The Docs, with a CNAME record from the proj.org domain the PROJ project owns to readthedocs.io.
We recently got a report in OSGeo/PROJ#4182 that Google has tagged the proj.org as potentially hacked when it appears in the result of a search. Digging with the Google Search console, the "Security Issues" sections says:
We are puzzled by this because such tews/video-xxxx or mex/video-xxxx pages are definitely not part of our Sphinx sources.
Using github all-repository search, we found that a totally unrelated repository has a page
https://github.com/kikosaad2024/adhd/blob/b2cf9c1bcb6be4b50ecc28e49daa1d23a6e903cd/news/tews/gaaa5.xml where such links are mentioned. We are not sure if it is just a coincidence, but that repository is also handled by ReadTheDocs: https://github.com/kikosaad2024/adhd/blob/main/.readthedocs.yaml
Is it possible that there is some form of unwanted interaction between 2 ReadTheDocs hosted websites?
The text was updated successfully, but these errors were encountered: