Many search engines, especially Google, are starting to mark websites that they think are dangerous. You’re likely to see a ‘This site ahead contains harmful programs’ message when you try to visit such a website. While that’s a good thing, the problem is even reliable WordPress websites also get marked with this label. This can be a disaster for the WordPress website owner. In this article, learn how to deal with this error.
Why this message occurs?
Getting the warning message can be quite frustrating, for both the user (who is looking for information) and the website owner (who has financial liabilities). So what causes Google to mark websites as harmful?
There are two possible reasons:
The Solution
To fix this error, you must first check for any malicious codes on your website. Such codes can sneak into a website in numerous ways. Plugins is the most common way for a WordPress website to get infected.
To get started with fixing the issue, you can utilize the safe browsing analysis tool from Google. It is a free-to-use tool and offers an instant report. It will point out the problems with your website from a safety point of view. You can also use other paid tools if you like.
Now that you know what the problem is, it’s time to start fixing it.
The first task is to update all WordPress passwords, and login credentials. This also includes FTP passwords and SSH user account passwords. Doing so would prevent the website from getting any worse and keep the hackers at bay.
Next, backup your website. Since you’ll be making changes to important files, you need to have a copy just in case things go wrong.
The next thing to take care of is the backdoor. It is a method hackers use to get remote access to the server by bypassing normal authentication.
While finding the backdoor isn’t an easy task, you can locate them at the following folders:
The above code will look for any php executable files in the uploads folder. There shouldn’t be any unknown php files. If it finds such files, that will be removed.
After you’ve secured the backdoor, run a complete database scan using tools like Blogvault or NinjaScanner. These will spot and remove any malicious files in your database.
Google’s Webmaster tool is another tool to check security issues associated with your website. The advantage with this tool is you’re getting reports from Google’s perspective. By fixing the flaws, Google won’t mark your website as harmful.
After you’re done with the above measures, the WordPress website should load normally. To prevetn thing from happening, always adopt the latest security measures.
Why this message occurs?
Getting the warning message can be quite frustrating, for both the user (who is looking for information) and the website owner (who has financial liabilities). So what causes Google to mark websites as harmful?
There are two possible reasons:
- The website is distributing malicious codes. In other words, it is infected with viruses and transfers these to the visitor’s computer or web browser
- There are too many ads on the website from low-quality advertising network
The Solution
To fix this error, you must first check for any malicious codes on your website. Such codes can sneak into a website in numerous ways. Plugins is the most common way for a WordPress website to get infected.
To get started with fixing the issue, you can utilize the safe browsing analysis tool from Google. It is a free-to-use tool and offers an instant report. It will point out the problems with your website from a safety point of view. You can also use other paid tools if you like.
Now that you know what the problem is, it’s time to start fixing it.
The first task is to update all WordPress passwords, and login credentials. This also includes FTP passwords and SSH user account passwords. Doing so would prevent the website from getting any worse and keep the hackers at bay.
Next, backup your website. Since you’ll be making changes to important files, you need to have a copy just in case things go wrong.
The next thing to take care of is the backdoor. It is a method hackers use to get remote access to the server by bypassing normal authentication.
While finding the backdoor isn’t an easy task, you can locate them at the following folders:
- Themes
- Plugins
- Uploads directory
- wp-config.php
- Includes folder
- Search uploads directory
Code:
find uploads -name “*.php” -print
- Remove themes that are not active
- Recreate .htaccess file
- Fix wp-config.php file
- Run a database scan
After you’ve secured the backdoor, run a complete database scan using tools like Blogvault or NinjaScanner. These will spot and remove any malicious files in your database.
Google’s Webmaster tool is another tool to check security issues associated with your website. The advantage with this tool is you’re getting reports from Google’s perspective. By fixing the flaws, Google won’t mark your website as harmful.
After you’re done with the above measures, the WordPress website should load normally. To prevetn thing from happening, always adopt the latest security measures.