How To Remove ‘Deceptive Site Ahead’ Warning?

Oct 31, 2020

How To Remove ‘Deceptive Site Ahead’ Warning?

Oct 31, 2020

Are you worried about what the warning “Deceptive Site Ahead” on your site means? Are you wondering what its consequences are? Will you lose customers and visitors? Or has your site been incorrectly flagged as deceptive?

This warning means search engines like Google have detected a hack on your site and blacklisted it in order to protect their users from being victims of data theft and fraud. So yes, you should be worried because it will result in a loss of visitors and revenue.

Apart from that, hackers will damage your site, your business, and your reputation! But you don’t have to worry because you can recover your site. You just need to act fast.

In this ‘Deceptive site ahead’ removal guide, we’ll show you the exact steps you need to quickly fix your hacked website and remove the security warning. You can get your site back to normal in no time.

TL;DR – If your WordPress site is hacked and you want to fix it immediately, install MalCare. It will scan your website and remove all traces of malware within a few minutes. Your site will be completely clean and you can submit your site to Google to remove the “Deceptive site ahead” warning.

What Is “Deceptive Site Ahead” Warning?

To explain the ‘deceptive site ahead’ warning and show you how to fix it, we’ll use the search engine Google as it’s the most popular one. The process will remain relatively the same for other browsers such as Mozilla Firefox.

Did you know Google gives top priority to its user’s satisfaction and safety? In fact, there are many online safety measures included in the Google’s Chrome browser. These measures protect users from being tricked into visiting deceptive sites, downloading malicious software, having their data stolen or their devices hacked.

Keeping in line with prioritizing security, Google constantly scans websites for malware which would put their users at risk. If it detects malware on your website, it does the following:

    1. It blacklists your website and marks it as an unsafe site.
    2. It adds a warning to your site such as “Deceptive site ahead” or “This site contains malware”.
    3. Depending on the risk posed by your site, it gives users an option to bypass their security warning and proceed to your site by clicking on ‘details’. Or they can choose to leave the site and go ‘back to safety’.


google wordpress blacklist


What Causes The “Deceptive Site Ahead” Warning?

As we just discussed, Google has detected malware on your website and has therefore, flagged your site as deceptive or potentially dangerous. How did malware enter your site? This can happen in many ways. Here we’ll discuss four of the main reasons:

    • Vulnerable themes and plugins

      It’s common for themes and plugins to develop vulnerabilities over time. When vulnerabilities are discovered, developers release security patches to fix it. These patches come in the form of an updated version. Once you update to the new version, the vulnerability will be fixed. However, sometimes hackers find the vulnerability before the developers do and sometimes website owners don’t update to the latest version for a while. This enables hackers to find the vulnerability on your site and compromise it.

    • Installing nulled or pirated themes and plugins

      Nulled software gives you access to premium features for free and it’s tempting to use such versions. However, such software comes with preloaded malware. This enables hackers to distribute malware to any site that installs it. We don’t advise ever installing software and unwanted programs like this.

    • Uploading a file from an infected device

      If your computer has been infected with malware, it could affect your website as well. When your computer or device is infected, it’s likely that your files get infected too. By uploading files from a malware-infected device, you risk spreading the infection to your website.

    • Visiting a malicious or phishing site

      There are times where you may be misled to open a malicious website. These sites are coded in such a way that by simply visiting the site, it could infect your computer and your own website if you have your WordPress dashboard open on another tab.

When a hacker compromises your website, they could use it to run malicious or phishing activities wherein they steal your visitors’ personal information, dupe them into downloading malware, or defraud them financially. This opens up doors to severe repercussions for you and your business.

Note: If you feel none of these apply to your site and it has been incorrectly blacklisted, you can file a report to Google.


Impact Of “Deceptive Site Ahead” Warning On Your Site

If your site has been flagged with the ‘Deceptive Site Ahead’ security warning, you may experience serious consequences like the following.

    1. Decrease in traffic – When your visitors see the “Deceptive site ahead’ warning, they will likely choose to ‘go back to safety’. This will cause your traffic to drop drastically.
    2. Fall in SEO ranking – Google penalizes your site for having malware which will cause your SEO rankings to drop. Your site can be ranking among the top three one day, and you would see it drop to the second or third page the next. Your site may not even appear in Google’s search results pages.
    3. Web host suspension – Once your web host detects malware on your site, they will suspend your account immediately. This means you can’t host your website on their platform till you clean the malware. They do this in order to protect their own interests, their servers and other users on their platform.
    4. Loss of revenue – If you have an online store or depend on ads to generate revenue, you stand to lose your earnings as well.
    5. Damage to reputation – Hackers can carry out all sorts of activities like duping your visitors and customers. This can severely damage your reputation as the hack is carried out under your website’s name. If visitors are alerted that your site is deceptive, you can be sure they won’t return.

This is why it’s so important to fix this warning promptly to have safe browsings for visitors. We’ll show you how to do this with a step-by-step guide in the next section.


How To Fix “Deceptive Site Ahead” Warning

Fixing the warning by Google is not difficult provided you take the correct steps. First, you need to identify the malware and then you have to clean your hacked WordPress site. After this, you have to submit your site to Google to remove the blacklist. Let’s take a look.

Step 1: Scan your WordPress site for malware

It’s important to first identify the malware and find the files that are infected. This will help in cleaning your site thoroughly. You can do this using a malware scanner.

There are many malware scanners in the market, but today, we’ll show you how to use the MalCare Security Scanner. We choose MalCare because:

    1. It’s capable of locating all types of malware on your site in under a few minutes.
    2. Even if a hacker disguises or hides their malicious code, MalCare will find it because it uses a process that analyses the behavior of code. This helps them determine which codes are malicious even though they look legitimate.
    3. Many scanners run only a surface scan that doesn’t check every file and folder of your site. MalCare takes a deep dive into your site and analyses every inch of your site, including your database. It leaves no stone unturned.

To use MalCare, simply install the plugin on your site. Access MalCare from the left-hand menu on your WordPress admin dashboard. Here, enter your website name and select Malware Scan.


free malcare scan


You will be redirected to MalCare’s independent dashboard where it will begin its automated scanning process of your site for malware. After it identifies all the malware present, it will show you the number of number of hacked files found:


malcare malware scan report


Step 2: Remove malware from your site

Once you’ve scanned your site, you can remove the malware from your site using two methods – manually or using a plugin like MalCare.

You may come across guides on how to clean your WordPress site manually but we do not recommend this method. Here’s why:

    • Any time you make changes to your WordPress site, you risk breaking your site. Even the slightest misstep can lead to your site malfunctioning or crashing.
    • This method is not effective. Hackers cleverly disguise their malware and hide backdoors that allow them to gain secret access to your site. It’s extremely difficult to identify every hacked file and backdoor and get rid of them.
    • To clean your site manually, you need to delete the hacked files. Doing so can break other functions that depend on these files.
    • It’s time-consuming and requires dedicated manpower.

As we discussed earlier, the longer your site is hacked, the greater the consequences. What we recommend is using an effective WordPress security plugin – MalCare. It uses a process that gets rid of infected files without breaking your site. It will also find and delete any backdoors created by the hacker. All this is done in just a few minutes saving you time and resources.

To clean your site using MalCare, simply click on the auto-clean button:


malcare files database clean


Once done, it will show you that your site is clean.


on-demand scan malcare


Take a screenshot of this page that indicates your site is clean, you’ll need it in the next step.

Step 3: Submit your site to your web host (In case of suspension)

Contact your web hosting provider and request them to remove the suspension. You can do this via phone, email or chat – depending on the customer support options your host provides.

Send them the details of your site along with the screenshot from MalCare that indicates your site is clean.

They will review your request, and upon finding your site clean, they will remove the suspension.

Step 4: Submit your site to Google

To remove the Google Blacklist warning, you have to submit your site for review. Before you do so, you need to ensure that you follow their removal instructions:

    • Sign up or log in to Google Search Console. Verify ownership of your website.
    • Clean your website of the hack.
    • Fix the security vulnerability that led to the hack.
    • Bring your clean site back online by contacting your web host.

Once you’re confident you’ve taken these steps, you can request a review to remove the deceptive site ahead warning in Chrome.

    1. Log in to Search Console and access Security Issues Report.
    2. Select Request a Review.
    3. You need to fill in the information required on what steps you took to rectify the malware issue.
    4. Submit your request.

The processing time for a review request can take a day or even several weeks. You will receive a response in your Messages in Search Console or Webmaster tools account.

Once Google determines that your website is clean, the warning will be removed within 72 hours.

Note: If your request isn’t approved, it means you need to reassess your site for malware or spam. You can contact the dedicated MalCare support team 24×7 to answer your queries.

After your request is approved and your site is working as expected, we recommend taking additional measures to secure your site.


Prevent “Deceptive Site Ahead” Security Warning

Going through this ordeal once is bad enough. It would be a nightmare to face it again. To ensure your site isn’t hacked again, we recommend the following security measures:

    • Install a Security Plugin

Always keep a website security plugin active on your site. With MalCare installed, it will scan your site every day to identify any suspicious extensions and behavior or malware on your site. Also, plugin puts up a firewall that will defend your site against known dangerous traffic. When hackers see that you have basic website security measures in place, they usually give up and move on to their next target.

    • Update WordPress Regularly

Outdated software is one of the most common reasons for a hacked website. When developers find security flaws, they release security patches in the form of updates. The vulnerability is made publicly known. Once you update your website, your site will be secure. But if you choose to delay the update, hackers are aware of the vulnerability and actively seek it out to exploit it.

We advise you to update your WordPress core installation, plugins and themes regularly. If you find updates are too frequent or cause issues for your site, follow our guide on how to safely update your WordPress site.

    • Use Only Trusted Themes & Plugins

As we mentioned earlier, nulled plugins and themes contain malware. Installing such software opens the door to hackers. It’s best to use only trusted plugins and themes that you can find in the WordPress repository or in trusted marketplaces like CodeCanyon or ThemeForest.

    • Delete Inactive Themes & Plugins

Plugins and themes are often exploited to compromise WordPress sites. It’s best to limit your use of these elements only to the ones you actually use. Delete any inactive themes and plugins on your site to lower the risk of attacks.

    • Implement Website Hardening

WordPress recommends you take certain measures to harden your WordPress website’s security. These measures include changing all passwords and secret keys regularly, setting up alerts for suspicious logins, limiting login attempts, among a list of other measures. Implementing these measures manually takes time and requires technical knowledge. If you’ve installed MalCare, you can harden your site from its dashboard with just a few clicks.


malcare site hardening


That brings us to the end of fixing the ‘Deceptive Site Ahead’ pop up on your website. We’re confident that if you’ve followed our guide, your website should be free of malware and protected against future attacks.

Besides these, you can also take a few more security measures like moving your site from HTTP to HTTPS, protecting the login page, etc.


Final Thoughts

Getting a ‘Deceptive Account Ahead’ notice on your WordPress account can be alarming. But it’s important to not panic and do anything in haste. Be that as it may, you can fix this condition easily by taking appropriate measures. To summarise,

    • If you’re issued this warning, it indicated that malware has been found on your site by Google.  Google blacklists your site and shows this malware alert in order to protect their customers.
    • You need to clean up the malware on your site to get rid of this warning. To identify and remove the malware from your site, we suggest using a WordPress security plugin like MalCare.
    • After your site has been cleaned, you need to remove the suspension from your web host You’ll need to get in touch with your web host for this. 
    • Next you need to apply to Google to have your website reviewed.
    • Once your site has been reviewed and approved by Google, your site will be restored to normal!

We recommend using website hardening measures to add more layers of security and future-proof your site against similar attacks. Last but not the least, use a reliable tool like MalCare which takes care of all the heavy lifting and keeps your site protected and malware free!

Clean your hacked website with our
MalCare Security Plugin now!

Deceptive site ahead
Notify of
Inline Feedbacks
View all comments
Share via
Copy link