Trying to visit your site and instead being faced by a red warning screen with the message ‘the site ahead contains malware!’ is never a good feeling. The good news is, all hope isn’t lost and you can still fix your site quickly to reduce the loss of customers and revenue.
This error usually shows up on your browser when trying to access your site because Google or other search engines have detected questionable content on your site. When we say questionable, we mean malware, external redirects to sites that sell fake products or infect visitors, and other malicious content. There is a high probability that you’ve been hacked and they have strategically placed such content on your site for their own benefit, leading to the blacklisting of your site.
What does the ‘deceptive site ahead’ warning imply?
Search engines like Google usually initiate the red warning screen for questionable sites on detection of content that can endanger the site’s visitors or other sites as well. There are different types of hacks that can be placed onto sites in this manner, such as malware or pharma hacks. Different warnings are triggered in these situations to warn site visitors of potential situations that could arise on continuing their visit to the website, such as data loss, exposure to malware, etc.
If your website;
Diagnose the red warning screen
With Google Safe Browsing’s tool for analysis, you can verify your site first with this query;
https://www.google.com/safebrowsing/diagnostic?site=YourDomain.com
Following this, you can use the Search Console to check your site for frequent updates and, in the case of blacklisting, for more details as well. This is available under the ‘Security Issues’ link, where you can also file reports for incorrect phishing warnings under the ‘Report Incorrect Phishing Warning’.
You can disable the ‘deceptive site ahead’ warnings for the specific browser you’re using.
For Google Chrome:
There’s also an option for using an adblocker for any annoying pop-ups or anti-virus triggered warnings. If you’ve the Windows Defender, this will suffice as a basic level of protection most of the time.
For Firefox:
Under ‘About’ > ‘preferences’, there’s an option for ‘Privacy and Security’ which allows you to disable ‘deceptive content and dangerous software protection’ and the sub-options ‘block dangerous and deceptive content’ > ‘block dangerous downloads’ > ‘warn you about unwanted and uncommon software’. Of course, once the issue is resolved, it’s wise to switch these options on as they protect you from daily threats as well.
Fixing the red screen warning
Before stepping forward, always remember to prepare a backup. This will ensure that you have a clean copy of the site to fall back on, in case clean-up efforts go south. Sometimes, the malicious files and/or backdoors are hidden strategically in important folders. So, if you’re able to gain a date of detection of malware on the site, then you can use a clean backup from before to restore the site.
Otherwise, with enough training and knowledge about the technical aspects, you can find out about backdoors placed or other vulnerabilities. This includes insecure usernames and passwords, unsafe file permissions, disguised malicious files, etc. There is a possibility of placing malware in the core files and folders so that the admin panel is compromised and it’s more sensitive to changes made manually.
Scanning the website for malware and other suspicious activities is the next step to resolving security issues. This will help you find infected files and other malware. You can also manually remove by following the steps given below;
There are many other steps that you can follow to harden the security barriers of your website, such as changing your default WordPress URL, getting an SSL certificate (if none), and finally requesting a review from Google. Future measures for added security can be general, specific, many or none, depending on your security position, so let us at Astra Security help you out today!