Removing Blacklisting from your Website
Warning of Google blacklist on your website? Don’t panic. There are thousand of websites that Google blacklist daily. Let’s see how to fix it.
IDENTIFY
If you have been blacklisted the first thing to know is the type of warning: malware, phishing, deceptive site or damaged.
FIX
You must remove malware from your website files and database, and fix vulnerabilities to prevent reinfection.
REQUEST REVIEW
Once you are sure your site is clean, you must Request a Security Review and wait and be sure of protecting your brand and website, blog or e-commerce.
Step 1 – IDENTIFY WARNINGS
If you see security warnings when trying to reach your website, the first thing to do is identify the type of warning. This warning message on your site is the key to understand what Google is telling you about the type the security issues on your site. The specific message depends on the virus or browser you are using. The right column lists all the types of warning messages that can appear on your site.
Scan your site
This is the moment to detect security issues, malware infections and blacklists. If you are managing multiple websites in your server, you must analyze all them.
Type of Warning Messages
- The website ahead contains malware
- Deceptive site ahead
- Suspected phishing site
- This site may harm your computer
How to scan your site
1. Free remote scan: this tool analyzes public side of your site. So, all content available on the internet. It can’t analyze your site’s files and database. The infections that this scan can detect are:
- Hidden malicious iframes
- JavaScript injections
- Malicious redirects
- Pharma hacks
- Website defacements
This scanner will show you also info about blacklist status. So you can check if your domain is blacklisted by Google, Norton, McAffe or Yandex. If your site is WordPress you can install our free plugin to scan your site and check blacklist on a regular basis.
2. File Scanner (server site scanner): this tool scans website’s private side, so all files. This scan detects:
- Phising
- Mailer scripts that send spam through your site
- Backdoors
- Obfuscated code injection
- Files integrity
3. Database scan: sometimes malware infections are on your website’s database. That’s why is highly recommended to scan it also. If you don’t feel comfortable with this type of scan, you can count on our plans and services to help.
Step 2 – Remove Malware and Blacklisting
To remove malware from your site you should be edit files on your server. First of all, you must backup your website. Perfect scenario would be to have a clean backup, but if don’t have it, at least this backup will be useful in case you remove by mistake a ‘clean’ file and restoring will be needed. As a golden rule, you must never take any action on your site without having a backup.
How to Remove a Malware Infection from your Website files
Once you already know which are the infected files, is time to detect malicious code. You can replace infected files if they are core files from your CMS such as WordPress or Joomla. You can use copies of your core files and extensions directly from the official repositories. And you can replace custom files from non infected backup copies.
Although if the infected ones are not core CMS files, you must find malicious code to remove it. As mentioned before, you can restore these files from a recent non-infected backup as long as they are not customized files. If you use WeSecur file scanner, we suggest the piece of code that you must delete to help you. You can use our file editor and comparison to do it easily.
Clean Hacked Database
This process is quite similar to infected files. You must access to any tool you use to manage your database, probably the one that your hosting provider is providing you, and backup you database. Then you must open the backup file and look for malicious code. Once you detect it and remove it, you can restore clean backup.
Prevent Reinfection
Hackers always leave a way to get back into your site. More often than not, we find multiple backdoors, malicious admin users, and overlooked vulnerabilities. To make sure your site is clean you must:
Start with your computer
We always recommend you to manage your site from a secure terminal. So be sure to have an antivirus program installed. All the people that access to your website, blog or e-commerce must be secure. There are several free antivirus solutions as Avira or Avast, or paid ones as Kaspersky.
User Accounts
Another important step is to change and clean up your user accounts.
- Website admin users
- FTP users
- Database users
- cPanel accounts
- Hosting company logins
Enable two-factor-authentication if it is available.
Vulnerabilities and Updates
It is crucial to update all the elements of your website. We know it takes time, but worth it. So, make sure to update:
- Plugins or components
- Themes and extensions
- If you host more than one website on the same server, you must update all them
Backdoors
This can be one of the main reasons for reinfection. If you don’t close all backdoors your site will be reinfected. As a tip, backdoors usually include this PHP functions: Base64, str_rot13, gzuncompress, eval, exec, preg_replace (with / e /), move_uploaded_file.
Step 3 – GOOGLE REVIEW
Get Google Search Console
You must have a Google Search Console account to review the warnings on the messages section.
Other Blacklists
If you have any WeSecur plan you have seen that there are more blacklist authorities. It is important to check them all. Other popular blacklist authorities are McAfee SiteAdvisor, ESET, Bing Blacklist, Norton SafeWeb, PhishTank, SpamHaus, BitDefender. If you have any WeSecur plan we explain you the process of removing from a blacklist for most of these authorities.
Request Security Review
Once you have finished your clean up it’s important to request a Google review to scan your site. If you do not do so, Google doesn’t know that you have finished your site cleanup. Be sure to have your site ready when requesting as Google is limiting the times you ask for a review monthly. To request a security issue review from Google:
- Go to the Security Issues tab in Search Console.
- Review the issues and check the box to confirm I have fixed these issues.
- Click Request a Review.
- Fill in the information about what was cleaned.
To request a spam review from Google
- Navigate to the Search Traffic tab in Search Console.
- Click the Manual Actions section and review the issues to confirm all have been cleaned.
- Click Request a Review.
- Fill in the information about what was cleaned.
- The process will be similar for other blacklists such as McAfee or Norton.
To ask for a review you can also do it here(https://safebrowsing.google.com/safebrowsing/report_error/)
Wait and Protect your Brand
Once you have submitted the blacklist removal request it can take a few days for Google to review your site.
Google Recrawling Your Site
Furthermore, if you want Google to crawl some of the pages of your clean site asap, you could force it.
- Navigate to the Crawl tab in Search Console.
- Click the Fetch as Google section.
- Enter your homepage or leave the field blank.
- Choose the option to Crawl this URL and its direct links.
- Click Go.
Remove Spam URLs
If spam pages were removed from your site, you must remove them as they have been indexed by Google already. This option below helps after you have removed spam pages so that Google knows they are not actually part of your site. To remove spam URLs causing 404 errors:
- Go to the Google Index tab in Search Console.
- Click the Remove URLs section.
- Click the Temporarily Hide button.
- Enter the URLs of spam pages that have been removed.
- Click Continue.
