You may be familiar with the big red warning screen that comes up on websites that you try to visit, with variations of messages that indicate that the site has been compromised by hackers and is therefore unsafe. However, you may not be comfortable with this message appearing on your website, discouraging your valuable customers from browsing through.
Search engines like Google display such messages for a valid reason – they have detected something malicious on your site, maybe even suspicious activity that suggests a hacking attempt. Of course, they don’t want your customers and other visitors to be infected by this malware or fall for any scam planted by hackers. This automatically implies lesser visitors, decreased SEO rankings, and more long-term damage along the way.
Here are a couple of variations of the warning messages you may see on your website:
- The site ahead contains harmful programs
- Continue to (www.example.com)?
- The page is trying to load scripts from unauthenticated sources, etc.
The ‘Deceptive Site Ahead’ warning can be seen as an extension of the Google blacklisting feature. This is the search engine’s method of evaluating and ensuring that all sites that appear on its search results page should be void of any infection or malware that can harm users. The two main reasons why Google has found it necessary to flag down your site is because it has detected phishing scams or malware infections. You can use Google blacklist scanner to check sites for the blacklist.
How Can You Confirm if Your Site Really Shows the Warning Screen?
Often, site owners are made aware of the warning screen and detection of malware and suspicious activity by a third-party like their regular customers. This is not a preferred manner of knowing about the issue since it implies that your site, its information, sensitive data, and customers’ privacy have been compromised for quite a while without you knowing about it.
A Couple of Ways to Confirm the Infection:
- Using the incognito mode to visit your site
- Check Google Safe Browsing (mentioned below) for warning messages
- Check Google Search Console for the same
- View your site from another system
- See if you’ve any security notifications from Google Search Console in your email
If at least two of these turn out to be indicative of malware on your site, then the problem is real and immediate steps need to be taken to resolve the situation.
What Can You Do in This Situation?
1. Check Your Website on Safe Browsing
You can check the status of your website on Safe Browsing to make sure that a problem has been detected – they provide the option of testing the site against the Google Safe Browsing tool by entering your URL. There’ll also be a notice from Google in the Search Console when any of your sites have been added to the Safe Browsing list.
2. Always Take a Backup of Your Site
A clean backup will make site restoration a much easier task. WordPress and most reputed security plugins always recommend taking frequent backups of the site for this very purpose – it ensures that you lose minimal changes made since then, and visitors can access your site as quickly as possible.
3. Detect and Remove Malware from the Site
Once you’ve understood that some form of malicious code is triggering the warning screen, the next step is to find out what this is exactly using security plugins from trusted security professionals like Astra Security, external tools, etc. These security plugins can also help in the removal of this malware later.
Before this, you can always continue depending on the Google Search Console for some in-depth insights regarding the issues. If this is a list of infected URLs or strings of malicious code, Google might list it out for your ease. There’s also a tab Security Issues under Security and Manual Actions that shows any potential issues that might be affecting your site. To gain these benefits from Google, make sure that your site is verified under this category in the first place.
After detecting the problematic content, remove the malware quickly as possible.
4. Submit the Site to Google for Checking
After you’ve thoroughly cleaned up your site, manually or with the help of plugins, you need to resubmit your site to Google for checking and ensuring that the problem has been solved. Ensure that the site is completely clean while doing so, as repeated offense invites more trouble at a later stage.
Under Google Search Console, the Security Issues tab provides the option to tick the box that says ‘I have fixed these issues’. Then, move further and tick ‘Request a Review’.
This seems like a simple procedure but the tricky thing about malicious code and backdoors that increase the site’s vulnerability is that it can be well-hidden and impossible to detect. Security engineers at Astra Security can help you in such situations.