How to Get Your WordPress Site off Google Blacklisted Websites List
Table of Contents
Table of Contents
Thousands of websites are blacklisted every day. When a web resource gets mentioned on Google blacklisted websites list, it means that the search engine marks it as unsafe and the one that can potentially harm users and webmasters. As a rule, websites are blacklisted unexpectedly, making website owners apply extra effort to get their web pages removed from the blacklist while cleaning sites from viruses, worms, spyware, etc.
Is your site blacklisted? Take the following steps to remove it from Google blacklisted websites list.
What Is Google Blacklisted Websites List
Google blacklisted websites list or Google Transparency Report lets service providers and web browsers identify if a website is safe for web users. Blacklisted websites are very likely to be flagged by many other service providers, so the sooner you find out that something went wrong and get your site off the blacklist the sooner you can recapture your customer base.
Beware there are two types of Google Blacklisting:
Google Malware Blacklist
When a website gets on the Google malware blacklist, you may expect to come across such warnings as the ones listed below:
- “The Website Ahead Contains Malware!”
- “The site ahead contains harmful programs”
- “The site ahead contains malware”
- “Reported Attack Page!”
- “This website has been reported as unsafe”
These warnings are used to notify a user that the website they will visit was hacked and blacklisted. On seeing such messages, people should hold back from visiting the website.
Google is good at detecting websites with malicious code, potentially harming the site’s visitors’ machines. If a user neglects the warning message and visits the infected website, he faces the risk of getting his system crashed and making his device vulnerable to a series of other attacks.
Google Phishing Blacklist
Your website may become a target for different forms of malware, including pharma hacks, trojan horses, email scraping, phishing, etc. Website phishing is one of the most popular fraudulent attempts, as part of which attackers hack your company’s email and steal personal information. Phishing attacks may result in a website’s hosting account suspension. When Google blacklists a website due to a phishing attack, some of the most common types of warning that users see on a big red screen include:
- Deceptive site ahead
- Suspected Phishing Site
- Website Request Forgery
Users will see a notification while attempting to reach a blacklisted website, though a dedicated notice won’t appear in Google SERP.
When users see such messages, they are informed they shouldn’t share any personal details or private information because Google has detected someone having changed the site to deceive users. As a result of a phishing campaign, such notifications can also appear on pages flagged as deceptive or ads.
How to Remove WordPress Site from Google Blacklisted Websites List
If it’s happened so that your website got blacklisted, don’t panic! There is always a way out from the most complicated situation. Consider following the steps described below to get your WordPress website off Google blacklisted websites list.
Depending on the type of Google Blacklisting where a website was spotted, the search engine displays different types of notification messages that match each specific case. Let’s take a closer look at the messages that you may face when trying to reach a website and what meaning each of them bears.
- “The site ahead contains malware.” As a rule, the notification pops up on websites that trigger malware installation, which results in severe infections of your computer system.
- “The site ahead contains harmful programs.” Even though the message sounds similar to the previous one, both of them have different meanings. This specific warning appears when a website distributes adware, like changing the browser homepage or installing browser add-ons that trigger malicious redirects and ads.
- “Deceptive site ahead.” The message appears on phishing websites, which trick users into being legit and asking them to submit their personal information for nefarious purposes.
- “This page is trying to load scripts from unauthenticated sources.” The notification appears on websites that claim to be secure (have a valid SSL and run on the HTTPS protocol) but feature images and other resources from a non-SSL website.
- “Your connection is not private.” The message pops up on websites featuring an invalid SSL certificate.
- “Continue to [site name]?” When you mistype the website’s URL address, Google will show up this warning to ensure it’s the right address of the website you will visit.
Checking with Google Transparency Report
Google Transparency Report is a free service that lets you check how safe your website is in real-time. If the search engine finds any issues, it will display warnings and alerts that website owners should immediately take care of.
We checked itmonks.com with the tools. It’s absolutely safe for browsing:
Besides using the Google Safe Browsing tool, you may also check how your website and descriptions of its pages show up in search results. To check it, simply enter “site”mysite.com” in Google search and hit enter. Look through the results carefully.
Running a Malware Scan on Your Website
Running regular malware scans is a good habit that every website owner should have. Preventing the possible risk and security issues is always better and more effective than handling the issues when your website gets hacked. Many handy tools will come in handy for you to run a malware scan. With their help, you have an opportunity to scan malware on your site in different ways:
- Installing a dedicated plugin on your website, you can run an internal scan of all files and database. Depending on the chosen extension, you can get a detailed analysis and in-depth scan of all elements and pages of your site. You may also get suggestions on the steps that should be taken fr keeping your website safe and sound. A malware scan plugin can inspect each infection and clean it up to keep your web page safe with no or minimal loss.
- You may also find an infection using an external malware scanner. An external service will check your website for the risk of malware and infection. Though external scanners are rather helpful, they are less powerful than the internal malware scanners installed on your website. Some of the most popular external malware scanning services include Sucuri Sitecheck and malCure WebScan.
- Your web host may also run a malware check of your website. Every good web host will deliver the service for free and provide you with a list of infected files (if any are detected on your site). However, when you choose this option, you should mind that a host detects malware on your site, it can block your web pages until you fix all issues.
Removing Malware from Your Website
If you detect malware on your website, don’t hesitate to proceed with a cleanup using any of the two ways described below.
Removing Malware by Yourself
This method will come in handy to tech-savvy website owners and those who are willing and not afraid of learning how to identify malware on websites. To find and plug in the security loopholes, you need to be familiar with the usage of such FTP clients as FileZilla, phpMyAdmin, ssh / shell, WP CLI, etc.
Asking a Web-Security Expert for Help
Hiring a web designer is not enough in this case. Take your time to find an expert in handling website security issues. A professional security expert checks your site’s vulnerabilities, identifies the infected files, cleans them up, and communicates with Google to remove your site from the blacklisted websites list. This method is not as cost-effective as the previous one, but it’s definitely worth the investment if you feel something goes wrong with your website.
Submit Your Website for a Review
It’s a vital step that many website owners neglect or forget about after completing malware removal. However, if you miss this step, you may get back to the point when everything started. The infested file will continue to serve malware to your visitors and Google will keep on listing your site as the one that is blacklisted.
Google needs to know what specific steps you have taken to clean malware and infected files they had detected on your site. Before removing your web page from Google blacklisted websites list, the search giant will verify that the website owner has taken care of every step to make the web resource safe for users.
After you complete the malware removal on your site, double-check your site’s files and database thoroughly using several extra internal and external malware scanners. When you are 100% confident that your site is clean and no links are going to malicious websites, you may consider submitting your website for a review.
You should also ensure that your website is verified in Google Search Console. You can check this while taking the following steps:
- Open Google Search Console and select your website;
- Click on Security & Manual Actions > Security Issues;
- Request a review. As soon as the search giant scans your website and verifies that it doesn’t feature any malware or infected files, they’ll remove your site from Google blacklisted websites list.
After submitting your website for a review, Google needs a day to check your website and give you feedback. If they find your website malicious, a website security specialist will help you ensure the search giant that your site is safe and doesn’t feature any malware. The expert will take care of communicating with Google up till the moment the issue is resolved to your satisfaction.
It’s never a pleasant experience to find your site on Google blacklisted website list. However, it never means that you can’t do anything to solve the issue. The sooner you detect malware the sooner you will act and recover. While following the steps described in this guide, you can get your website back on track, clean it from malware and infected files, and make it safe and trustworthy back again.
When you take back control of your website, you may notice a reasonable amount of bot traffic targeting your site. Ensure that you have taken strong security measures to keep your site protected and prevent the risk of malware attacks in the future. To ensure that your site is safe and sound, set up regular backups, take care of updating plugins and WordPress core regularly, improve your website’s admin panel security, and add user activity monitoring plugins.