Remove the Google Blacklist Warning from Your Website – Easy Guide

Are your customers complaining that your site is being flagged as “not safe” by Google?

Perhaps you can see site warnings on the Google search engine results when you search for your own webpages?

If so, we have some bad news for you:

  • Google Safe Search has put your site on the Google blacklist;
  • Your website is probably hacked;
  • And your customers can see the blacklist warnings in search results too.

The worst part of that news is that your site is hacked. The common Google blacklist warnings like, site ahead contains malware, deceptive site ahead, this site may be hacked are just a symptom of a much larger disease.

Think of the amount of effort you put into your business to generate online traffic and sales. 

All that can be destroyed by some WordPress phishing scam in a matter of days if you don’t act now.

Fortunately, you can still salvage the situation.

MalCare has its own monitoring features for google blacklisting. So, we get a lot of instances where Google blacklist website and the website owners have no idea what to do next. That’s why we decided to create this little tutorial.

Now, if you’re 100% sure that your website has blacklist warning by google, skip ahead to the part where we talk about blacklist removal.

If you’re still not sure if the problem is the Google’s blacklist or some other website security threat entirely, keep reading.

In this article, we’ll tell you all about:

  • What is the Google blacklist?
  • How to assess the extent of the damage done to your site
  • How to get off the Google blacklist warning?
  • How to recover your damaged reputation
  • How to prevent your site from getting hacked and blacklisted

Let’s dive right in.

TL;DR: The longer you stay on the Google Blacklist, the more damage there is to your brand and your revenue. The quickest way to get off, is to install MalCare to remove your site from Google Blacklist. MalCare can scan your site, remove the malware, and implement rock-solid defenses. And then request a manual review on Google Search Console.

What is Google Blacklist?

The Google blacklist or the URL: blacklist is a list of websites that Google thinks are hacked or spreading malware to visitors. If a website is blacklisted, then Google or other search engines, and anti-virus companies start marking the website as “unsafe” for visitors to try to stop people, from using the blacklisted website.

unsafe websites or spam websites get removed from Google’s search engine results to stop the malware infection from spreading.

Of course, this is not arbitrary de-indexing.

Google makes money by providing the very best search experience there is. Naturally, they will do anything to prevent people from downloading malware or malicious software and visiting dangerous websites. Blacklisting a website does destroy its organic traffic. But at the same time, it also defeats the attacker.

Google Safe Search has strict guidelines for what kind of code constitutes malicious website. 

But Google Safe Search can only recognize malware infection that manifests itself in the content or the “browser-visible” parts of the site. It can’t pinpoint the exact nature or origin of the malware. So, it does the most logical thing it can – it stops sending traffic to that malicious website.

The good news is that you can still recover your site and get off the blacklist warning by google.

The bad news is: In our experience, a blacklisted website loses nearly 95% of all organic traffic. 

If you are still doubtful about the fact, if you are hacked – you can continue reading. Else you can jump right ahead to how you can remove the Google Blacklist Warning Section.

Drop in Traffic Because of Google URL:Blacklist

Imagine the damage it does to sales and revenue.

How to Get Off Google Blacklist?

Now that you understand what Google blacklist is, it’s time to deal with the problem.

In the next few sections, we’re going to help you:

  1. Confirm if your WordPress website is actually blacklisted
  2. Assess the extent of the damage done to your site
  3. Scan your website for malware and clean it
  4. Remove your website from Google Blacklist

Let’s dive in.

1. Confirm That Your Website Is Blacklisted

If your website displays the security warning “This site may harm your computer” in search results, your site is blacklisted by google or part of the URL blacklist.

Of course, that’s not the only kind of warning you can get.

You can also get the very ambiguous Google security warnings:

  • “The site ahead contains malware/harmful programs”
  • “Reported Attack Page!”
  • “Danger Malware Ahead”
  • “This website has been reported as unsafe”

Google blacklist warnings for websites
security warnings in difference search engines

This is a real pain.

Not only are the common Google blacklist warnings message truly vague, but almost every major search engine uses Google Safe Search to serve safe links to the user and protects them from visiting malicious domains.

But one thing is for certain: Google now sees your WordPress site as spam. Your site will be lumped together with other malicious domains on every search engine.

In other words, if Google search engine has blacklisted your site, then it has ripple effects across all users and not just Google Chrome users.

Just in case you don’t see the warning messages, here are a few more ways to confirm google’s blacklisting status:

Check your Email

If your WordPress website has been hit by the URL: blacklist by Google, then you will get a notification from Google Search Console (formerly Google Webmaster Tools).

Usually, this notification will tell you loud and clear that your site is blacklisted.

In most cases, the entire site is not on Google’s blacklist. Instead, specific URLs that Google identifies as malicious are blacklisted. The list of all these URLs will be clearly mentioned in the email.

2. Assess the Extent of Damage Done to Your Site

So far, we’ve already covered how to confirm if your site is affected by the Google’s blacklist or not. Now, it’s time to understand what pages are affected and how badly those pages are affected by malware.

Fortunately, there’s a very simple way to do this.

Check Search Console for Blacklist Warning

The Google Webmaster Tools is the perfect place for definitive answers.

If your Google Search Console isn’t set up yet, go ahead and verify your property first:

google console select property type

Then, head over to the Security Tab and click on security issues:

Check Google Search Console's Security Issue Tab

Go to the infected pages:

Malware Warning on Google Search Console

Click on ‘Learn More’ in the ‘Detected Issues’ section and understand where the infection manifests itself. Is it:

  • In a page? (Eg.: blog.example.com/pages/page1.html)
  • In a group of pages? (Eg.: blog.example.com/pages/)
  • In a post? (Eg.: blog.example.com/post1/)
  • In the entire blog? (Eg.: blog.example.com/)
  • In the whole domain or subdomain? (Eg.: example.com)

Understanding where the malware manifests itself is a good way to start narrowing down on ways to clean it up.

Pro Tip: Check the date when Google discovered suspicious content. You can find the discovery dates next to the URLs provided in the ‘Detected Issues’ section. Google does not always provide a lot of information on the URL blacklist. Checking the dates can help you narrow things down even further. For instance, did you install a plugin right before that date?

If the infection is restricted to a small number of pages, then you can try to ‘Test Live URL’ for those pages to examine the contamination:

Finally, look for indexed pages – have the infected pages also been deindexed?

URL deindexed

This is going to be important later on.

Use Google Safe Browsing for Google Blacklist Check

If your website’s content has blacklist warning by google safe browsing because your website has been hacked, then you will get a notification from Google Search Console.

But what if your Search Console is not set up?

Indexing the sitemap can take a lot of time. So, the simpler alternative is to go to Google Safe Browsing and check your website for URL blacklists.

Google Safe Browsing

The only problem here is that this is a very manual process. You have to know ahead of time that there are certain URLs that may be on the Google blacklist.

Did You Know: MalCare has its own Google blacklist monitoring that updates every 24 hours. If your website is blacklisted by Google and you’re a MalCare user, you’ll get an alert in the MalCare dashboard.

Google blacklist monitoring by MalCare

Now, if you’re still not convinced that your site may be hacked or that your WordPress website may not be blacklisted by google, then drop us a line. Our support team will be more than happy to help you out.

But if you have confirmed that your site is blacklisted or a specific URL is blacklisted, then you should read the next segment on how to clean your site of any malware.

3. Scan and Clean the Malware On Your Website

A. Scan And Clean your Website using a Plugin

The first step to getting off the Google blacklist is to find and remove the malware infecting your website.

MalCare protects over 250,000 WordPress websites across various industries and here’s what we’ve found:

The primary reason why your site is blacklisted is a malware attack.

What does this mean? 

Simple – some hacker has access to your website and is stealing your traffic, your data, and your revenue.

Now that you know that your site is hacked, you need to pinpoint the malware and remove it from your site without wrecking it. You need to treat the problem at its root before you get your business up and running again.

Here’s the thing:

  • Google’s crawler can spot mostly what the malware is doing and not where it’s actually located or how you can remove it.
  • Pinpointing the source of the attack requires you to understand PHP, HTML, Javascript, and Database Management.
  • Even if you are an adept coder, it can take a long time to try and figure out what’s happening on your site because malware could be literally anywhere.

In other words: if you try to remove malware infection on your own, there’s a high chance that you might wreck your site completely. We highly recommend that you signup for MalCare instead.

MalCare offers a complete suite of security features that will scan, clean, and protect your WordPress site from malware attacks and security issues..

With the most advanced learning algorithms to support it, MalCare is by far the best security plugin there is that keeps getting smarter over time. 

We know that this can sound a bit biased, so here are a few important stats about MalCare to remember:

  • One-click instant malware removal in 3 minutes or less;
  • 99% of malware are automatically detected and cleaned without any manual cleanup;
  • Less than 0.1% false positives flagged across a network of 250,000+ websites;
  • No extra charges ever and no B.S.;
  • All for $99/year!

If you haven’t already, install MalCare and clean your hacked WordPress site today.

Here’s how you can do it:

STEP 1: Sign up for MalCare

upload plugin

STEP 2: Run the MalCare scanner:

malcare security

STEP 3: Hit the ‘Clean’ Button to automatically clean your site.

malcare auto-clean

STEP 4: Finally, head over to ‘Apply Hardening’ and secure your website against future threats.

malcare apply hardening

That’s all you need to do.

You get all this for just $89/year!

Join 250,000 other sites and install MalCare Security Services today.

B. Scan and Clean the Malware On Your Website Manually(Not Recommended)

To be very clear, we do not recommend cleaning your website manually.

But if you understand the risks and still want to remove the malware manually, here’s what you should know:

Cleaning a hacked site to remove the Google blacklist has 3 primary steps:

  • Scanning the server for malicious infection in files;
  • Scanning the database for malicious infection;
  • Detecting backdoors and fake admin accounts;

And then, remove malware from your WordPress website.

It sounds simple, but it’s really not.

But let’s just get started with finding hack indicators:

#1 Look for Malicious Code in WordPress Files and Folders

There are some old-school hackers that directly upload files or folders containing malware.

Just to be clear: this is a rare occurence. Most modern malware is far more sophisticated.

Look for files with suspicious names. Start with folders containing no WordPress core files such as:

  • wp-content
  • wp-includes

These are folders that should not contain any executable files. If there are any PHP or javascript files here, then that’s a bad thing.

Pro Tip: Look especially for PHP files. Javascript typically injects content into the frontend. The first thing you would need to get rid of is the malicious PHP code that executes the Javascript files.

If this doesn’t work out, don’t lose hope. We have some more ideas.

#2 Look for Malicious String Patterns in the WordPress Core Files

Malware is just code. They are instructions that execute when certain events occur and these instructions have a pattern known popularly as ‘String Patterns’.

Typically, you will find them in the core WordPress files such as:

  • wp-config.php;
  • .htaccess
  • wp-activate.php
  • wp-blog-header.php
  • wp-comments-post.php
  • wp-config-sample.php
  • wp-cron.php
  • wp-links-opml.php
  • wp-load.php
  • wp-login.php
  • wp-mail.php
  • wp-settings.php
  • wp-signup.php
  • wp-trackback.php
  • xmlrpc.php

Head over to these WordPress files and search for malicious strings like favicon_bdfk34.ico and many more.

CAUTION: Do NOT attempt this unless you understand PHP and Apache deeply. Most of these files handle how your website functions. Fiddling around with this code can completely wreck your site.

That said, look for snippets such as:

  • tmpcontentx
  • function wp_temp_setupx
  • wp-tmp.php
  • derna.top/code.php
  • stripos($tmpcontent, $wp_auth_key)

It’s difficult to say exactly what else you should be looking for here. Depending on the malware, you could have different types of malicious code in the file.

But if none of these worked, try and clean your database next.

#3 Clean Hacked Database Tables

Use your database admin panel to connect to the WordPress database. In cPanel, most hosting companies offer phpMyAdmin.

Then, try to remove any malware in the database that may be causing the Google blacklist:

  1. Log in to phpMyAdmin.
  2. Backup your entire database.
  3. Search for spammy keywords and links that you might see on spam comments.
  4. Open the table that contains suspicious content.
  5. Manually remove any suspicious content.
  6. Test to verify the site is still operational after changes.

If the changes to the database wrecked your site, immediately restore your site from the backup you took and then install a security plugin to clean your site instead.

#4 Remove Backdoors Embedded in Your Website

Backdoors are entry points to your website that allow hackers to access your site whenever they please. Removing these backdoors is critical. If you don’t do this, then it’s quite likely that your site will get infected again very soon and you will get hit with another Google blacklist.

Backdoors are usually named as legitimate files and folders but are intentionally placed in the wrong directory to cause more damage. You can also get backdoors embedded in real WordPress core files.

Look for the following PHP functions:

  • base64
  • str_rot13
  • gzuncompress
  • eval
  • exec
  • create_function
  • system
  • assert
  • stripslashes
  • preg_replace (with /e/)
  • move_uploaded_file

If this seems too technical or sounds like it’s too much work, we recommend that you install MalCareIt’s a quick, easy, and affordable fix.

Once your site is free of malware, it’s time to get your deindexed pages out of the Google blacklist and back into the SERPs.

4. Remove Google Blacklist Warning by Submitting a Review Request

Once you are done cleaning your website, you’ll have to inform Google that you have cleaned your Website and would like to get your Blacklist Warning removed. For that, you need to access your Google Search Console Account or Google webmaster tool and follow the following process step by step:

Step 1: Go to the Security Issues Tab.  This is to review the issues Google has found.

visiting security issues tab in google webmaster tool

Step 2: Select “I have fixed these issues”.

select "i have fixed these issues" in Google web master tool

Step 3: Click on “Request a Review”.

GSC-ManualActionNotice

Step 4: Type the steps taken by you to remove malware from your site and the blacklist warning. This is subject to manual review. So, be as descriptive and specific as possible.

Step 5: Finally, click the Manual Actions section.

How to check manual penalties in Google web master tool and lift them

Step 6: In case there are multiple issues, repeat steps 1-4 until all security issues have been resolved.

It usually takes Google 1-3 days to respond to the request and update their index.

And that’s it! 

If you followed these steps, then in 1-3 days your site will be out of the Google blacklist and back into the search engine results where it belongs.

If you want to learn more about preventive measures and damage control, do stick around. And as always, we’re happy to get any questions from you – just drop a comment below.

How to Recover Your Damaged Reputation

Now that your website is cleaned up and your site up for a review, it’s time to recover your damaged reputation.

Most people don’t pay a lot of attention to this, but you do need to win back the audience’s favor before it’s business as usual. Chances are that the Google’s blacklist chased off some pretty serious customers from your website.

So, we’ve compiled a list of great resources for you to recover your business reputation:

Also, as a rule of thumb do these three things:

  • Publicly acknowledge and address the problem: Telling people about how you screwed up is not a sign of weakness. Just be prepared to tell people about the extent of the damage, what you are doing to clean it up, and how you will prevent it in the future.

  • Send out an email win-back campaign: Send out an email blast to EVERYONE on your email list. Tell them about the incident and make sure to tell them that you appreciate their love and support and how quickly your site will be up and running again.

  • Publicize that you won’t accept new business until you resolve the issue: This is a pretty bold move and most audiences love bold. If you show the world that your customers matter more than making money, you will rally a lot of support for your cause.

We advise everyone to take on these measures because they are preemptive, proactive, and personal. Anything less will fail to make your existing customer base comfortable with repeat purchases after the URL blacklist is removed.

How to Prevent Your Site From Getting Hacked and Blacklisted

This is the last step: staying off Google’s blacklist for good.

After this segment, we’re all done. You can go back to making more money and we can go back to helping more people in dealing with a URL blacklist.

We do hope this post has helped you so far.

The only thing left to do now is to make sure that as a website owner you never go through the same situation again. Sure, you can hire a reputation management agency, a WordPress maintenance agency, and a security analyst.

That’s one way to go.

But if you think that’s incredibly difficult to manage (which it probably will be) and very expensive (which it is), then you need a smarter alternative.

We recommend that you install MalCare.

  • With a built-in malware scanner, you will always be one step ahead of the hackers.
  • Get instant one-click malware removal for even unknown malware.
  • Set up WordPress hardening measures in a few clicks to protect your site from Japanese keyword attacks, CSS attacks or other WordPress hacks.
  • Defend your site against malicious traffic from country or device with a powerful WordPress firewall.
  • Get Google blacklist monitoring as a free bonus.

MalCare’s full suite of WordPress security features will protect, scan, and clean your website on a regular basis so that your site is safe from the blacklist warning by google.

That’s all, folks!

Drop any questions or queries that you may have and our highly-acclaimed support team will help you work out your issues day or night.

Until next time.

Nirvana,

Nirvana is a WordPress enthusiast, and enjoys sharing their experience with fellow enthusiasts. On the MalCare blog, Nirvana distils the wisdom gained from building plugins to solve security issues that admins face.

Copy link
Powered by Social Snap