How to remove a WordPress website from Google's dangerous sites blacklist

When I published the guide on how to clean a hacked WordPress site, some of you told me that if I could expand a little more the part of removing the web from Google’s list of dangerous sites , so here we go.

What is the Google blacklist?

Google blacklists more than 10,000 websites every day. When a website is added to Google’s blacklist, it means that Google and other search engines are marking the website as dangerous and unsafe .

Google’s Safe Browsing Security Team identifies unsafe websites across the web and alerts users and webmasters of potential harm.

A blacklist notice often surprises the website owner, causing disbelief, denial, and confusion.

It takes a certain level of technical knowledge and prudence to be able to remove your website from Google’s blacklist . It can be quite a difficult task to get your website removed from Google’s blacklist once it is infected with malware, including ransomware, spyware, viruses, worms, and Trojans.

The importance of the Google blacklist

The Google blacklist or Google’s transparency report is used by hundreds of service providers to identify whether a website is safe for users.

It is also used by popular browsers such as Firefox to ensure the protection of its users. If your website is blacklisted by Google, it is most likely flagged by many other service providers as well.

The sooner you remove your website from Google’s blacklist, the sooner you can recover your user base and the value of your brand.

How to interpret blacklist warnings

Although they are generally called “malware” or “phishing” websites, Google has very specific messages for each case:

  1. The website you are going to access contains malicious software: Typically, these types of sites try to cause malware to be downloaded or installed. This will lead to the infection of your computer system ..
  2. The website you are going to access is misleading: This is a warning issued for the “phishing” site (sometimes called a “spoofed” website). These types of sites mislead the user into believing that the site is legitimate and make them submit their information, such as usernames, passwords or even payment details, for harmful purposes.
  3. Suspicious website : The site you want to visit appears suspicious and may not be safe.
  4. The website you are going to access contains harmful programs: Although it may seem very similar to the first one, there is a semantic difference. This specific warning is triggered when a website is known to distribute adware such as changing the browser’s home page or installing browser add-ons that can trigger malicious ads or redirects. Specifically, the main target is your browser.
  5. This page is trying to load scripts from unauthorized sources: This warning is only displayed on websites that claim to be secure (have a valid SSL certificate and work with the HTTPS protocol) but include scripts and resources such as images from a non-SSL website. A related warning “Your connection is not private” is the result of an invalid SSL certificate. The SSL-related warnings are not caused by Google’s blacklist, but rather by Google’s commitment to the HTTPS protocol.

How to find site status based on Google Safe Browsing

Safe Browsing is a service that Google’s security team has created to identify insecure web sites on the web and notify users and web administrators of potential damage .

They scan billions of URLs a day for insecure websites. And when Google detects an unsafe site, it displays warnings in Google search and web browsers . You can check the status of the safe browsing site here .

Another possible method would be to do a search for your site on Google. Just enter ” site:midominio.com ” (without the quotes) in the Google search box and hit enter (replace midominio.com with yours).

The results will show the titles and descriptions of the pages of your website as they appear in Google. A hacked website usually has the titl
es of its pages hijacked.

First of all …

Finding your website on Google’s blacklist is never a pleasant experience .

In fact, most infections result in a loss of traffic, search engine rankings, brand equity (trust), and also a lot of wasted ad spend when it comes to paid ads.

The sooner you learn of an infection, the faster you can act and recover .

How to find and clean malware and other infections from your WordPress website

If your website is blacklisted by Google, the first thing to do is find out what is causing this warning , locating any infection, malware or whatever makes your website appear unsafe for Google and users.

Next, you must take steps to completely clean your website of malware and any malicious script .

We have already seen all this in detail in the following guide, which if it is your case, I recommend you read and apply right now …

How to clean and recover a hacked or infected WordPress

Request a review

Once you have completed the removal of the malware, you have to make sure that your website cache is purged .

Sometimes skipping this small step can lead to a lot of frustration and wasted time and effort. An outdated cache will continue to serve malware to visitors and Google will continue to flag the web as malicious.

Before requesting a reconsideration, recheck your website . Use multiple scanners, internal and external, to ensure that malware is detected in the event that one of them fails. Sometimes there can be outgoing links to malicious websites that the internal scanner ignores, but some external scanners are capable of detecting them.

Once you’ve made sure your website is clean, you can submit a reconsideration request.

Google needs to know the specific steps it has taken to ensure that its website is clean. They will verify if this is what you have done to eliminate the malware they have detected. They also want to make sure that you are aware of everything and that, as the owner, you know that your website is safe for users.

Make sure your website is verified in Google Search Console. Here’s Google’s guide on how to request a review. Follow these steps:

  1. Go to the Google Search Console and select the affected (web) property
  2. Go to the section «Security and manual actions → Security problems»
  3. Click “Request a review” Once Google verifies that your site is clean and no longer infected, it will remove the message that “This site may have been hacked”

Once the web is submitted for review, it usually takes Google about a day to resolve it .

In case they still find that the website is not secure, it is advisable that you contact the help of a web security professional to make sure that the website is clean .

A professional security expert will also help you submit a review request to Google and ensure your site is clean, conduct a root cause analysis, and follow up with Google until the case is resolved favorably.

Last steps

Cybercriminals can be upset if you regain control of your website. In the next few days you may see an increase in URL requests and even a lot of bot traffic (as legitimate search bots try to re-index your website).

It is important that you take strong security measures to protect your website from future attacks , as once you are on the hackers’ radar, they will keep trying to find a way to get back in before giving up.

Also, after going through this experience and having invested time, effort and money, you must make sure that it does not repeat itself again and takes you back to where you started. Take the following steps to proactively secure your website:

  • Configure and automate WordPress backups
  • Strengthen the security of your website
  • Add web monitoring
  • Protect your website through a web application firewall (WAF), either at your hosting company or from a CDN like CloudFlare
  • Monitor, update WordPress (core, plugins and themes)

Lastly, remember:

  • Don’t panic.
  • Don’t stay in disbelief or denial.
  • Take immediate action.
  • Make sure to do a thorough cleaning.
  • Don’t forget to clear the cache.
  • Be patient and professional in your communication with Google.
  • Practice proactive security.

And finally, take this experience as a rich learning opportunity that works out in your favor in all cases, no matter what.

( 5 votes, average: 5 ) Rate this article to help improve the quality of the blog
Share on Twitter Share on Facebook Share on Pocket Share on LinkedIn Share on WhatsApp Share on Telegram

Did you like this article? You can’t imagine what you’re missing on YouTube !

About Us

We are BE OF THEM, a team specialized in the field of digital marketing and programming, our headquarters is in Germany, and our activity has expanded to reach all parts of the Middle East, especially the Arab Gulf countries.

Do you need to raise your site's score?

We have the perfect solution for marketing your business

Contact Us

Call us, or message us by email & whatsapp

We will be happy to talk to you, and knowing everything about your work.

All rights reserved, © 2021