Avoid being Blacklisted

Google, Bing, Yahoo, Ask, AOL...

How to prevent Blacklisting - Website Scanners

Updated: May 1, 2021
By: RSH Web Editorial Staff
Blacklisted Website

Menu

Blacklisted by the Search Engines

Have you ever tried to visited a Website to be shocked by a warning that reads:

◦ The Website Ahead Contains Malware
◦ Danger: Malware Ahead
◦ Suspected Malware Site
◦ This website has been reported as unsafe

As search engines like Google work relentlessly towards identifying unsafe websites with malware or links to virus-ridden sites. It is possible you may fall under the radar. It may be no fault of your own, but the blacklisting can have a highly negative impact on your SEO rankings and website traffic

Customer trust gets deterred by warning screens and accidental clicks to websites filled with pop-up ads, malware and counterfeit products. Organic conversions will fall through the roof and all of this adds to a lasting long-term impact, from which it becomes difficult to escape

The essence of tackling a Google blacklisting is speed, identification, removal and getting back on track as soon as possible

What is Blacklisting?

Blacklisting means your website is removed from the search engine(s) index. Which means that even if someone searches for your website, it won’t show up in the search results. Warnings may also be displayed on the search results page for your website warning of the threat their machines or devices may have to suffer interaction with your website. Website blacklisting is for the protection of browsers from malicious scripts and content. This is can be devastating for small businesses which rely on their websites for their main source of income

How do you know that you’ve been blacklisted?

There are a few indicators that show your website is blacklisted. The simplest one of these is the red warning screen initiated by Google Safe Browsing on detection of malware or other questionable content. This warning screen is tailored for each browser and the kind of hack that you’re facing, be it malware or pharma. For Google Chrome, the command chrome://interstitials/ will provide a list of usual warning screens that appear on this particular browser

If you’ve installed anti-virus or anti-malware software on your system, accessing questionable sites with malicious content in them can trigger their warnings
NOTE: Sometimes visiting your own website on your PC or device may not show the warnings. You may need to clear your browsers cache or try using another system to access the site

Google Safe Browsing is also useful for indicating if a site has been compromised and the detection of malicious content. The search engine results page (SERPs) will showcase a warning next to the link of the compromised site with the respective search result. There is also a system that sends notifications via email to the webmaster (if registered on Safe Browsing). Also if you suspect your site has been blacklisted check with your Hosting Provider to see if they are seeing the same

You can check your website at: Google Safe Browsing – Google Transparency Report

info on hosting

The Removal

If you are Blacklisted you will need to get your website back up and running and re-indexed as soon as possible
If you are not yet registered with Google Search Console you may want to
After you log into the Search Console, there are only a few steps required to remove the blacklisted website and get it back up. It is recommended that you do it as soon as possible, since there is a certain time period required to collect necessary data for the concerned site

What got blacklisted?

It is not often that the entire Website is blacklisted. Very often, only a page(s) could have suspicious links or malicious content that prompted Google to issue the blacklisting command. The Search Console offers the option of finding out the specific URLs that have been blacklisted, allowing you to see which one’s facing security issues

Under "Security Manual Actions", there is "Security Issues" link which shows the links that are triggering the security issues. There are also dates given next to each link, indicating when the discovery of the suspicious content was made, which can be useful for our clean-up process, so do make a note of this

Scanning the Website

This is a crucial step, and is made even more important because only a good scanner will be able to detect the issues from every corner of the site. Also, the resolution measures provided should be able to permanently clean up the security issues in terms of Google standards

Your preferred scanner could be up against both simple and complex issues like trojan horses, SQL Injections, phishing hacks, or ransomware
Some scanners also run your affected Website against a known database of issues and provide a detailed report regarding the vulnerabilities found. This will help you understand what kind of malware is responsible for the warning, its origin, the date it affected your site, etc

Fixing the Issues

There are various steps that could be taken at this stage, such as restoring a backup previously taken of a clean version of the site (Backups are recommended to be done frequently). You may need to make changes depending on the issues found, such as addressing certain vulnerabilities or removing themes or plugins that caused the security issue. Manual removal of corrupted or compromised files should only be an option if your technical knowledge is advanced enough and you feel comfortable doing so. This could require fresh files or plugins to rebuild the site from the WordPress repository or other official sources

Automated Scanners

Another step can be done by using a website malware scanner. The automated scanner will find and remove any malicious content on your website

Below are a few of the more popular programs
Astra Security Firewall It is one of the best rated Complete Security Solutions
VirusTotal Tests are done against more than 60 trusted threat database
Sucuri SiteCheck Scanner will check for blacklisting status and malware incursions
Sucuri WordPress security plugin
Quttera Free malware scanning against your WordPress, Joomla, Drupal, Bulletin, SharePoint website
MalCare A premium WordPress all in one security solution to scan, protect, and cleanup from malware and other security vulnerability
pcRisk.com A free online tool that can be used to scan any website
QutteraFree Online Website Malware Scanner
HackerCombat.com Free online tool where you can scan your website for any malware
WebInspector.com Find malware and other security issues
Cobweb-Security.com Scan your website for malware and vulnerability for free
Get a free one time online virus scan, or a free 30 day trial with unlimited scans
FixHackedWebsite.com Scan any malware, hidden codes, iframes, vulnerabilities etc

Also see Malware Types, Protection, Prevention, Removal, and Detection

security resources

Requesting Google Review

After you are confident you fixed your website you can request Google to review your site. In your Google Search Console. Under "Security and Manual Actions" > "Security Issues"
There is an option for "Request Review". Google will then rescan your site and remove the blacklisting warning, provided all issues have been successfully resolved. Repeat offenders don’t have the best outcome under Google’s blacklisting category, so it’s best that all security practices are followed and kept updated on to avoid repetition

Here are some of the ways you can put into practice to ensure your websites are safe from getting blacklisted. Keen observation will help in the prosperity of your business

Visit your Site Often

This should be a normal part of your daily or every other day event for website owners to always visit their own website(s). Carry out a detailed survey and to note anything strange with your website. You also could do a quick Speed Check to confirm the speed of your website. If your speed has changed then something is definitely wrong

External Links

Properly evaluate your external links. Any links being used on your website for advertising, affiliate marketing, or linking to another websites should be properly vetted. If Google notices that your links lead to any Spam or malicious sites it will probably blacklist you, even if you do not host any malicious content yourself

Security and Firewalls

37,000 websites are hacked every day. Odds are in your favor? Well - you decide. Website security is at a all time high. And for good reason. Google is also pushing it hard, strongly recommending every website switch to HTTPS. In fact, Google is pushing it so hard that not being secure can result in decreased search rankings and your site being flagged in web browsers as not secure. If you have already switched to HTTPS - Great. If not you need to do that now. All websites should be using some type of firewall. Generally speaking a firewall creates a set of rules designed to protect your website. This includes:
◦ Blocking unwanted web traffic from accessing your site
◦ Protecting against hacks, brute force attacks, DDoS attacks, cross-site scripting, SQL injection, and zero-day exploits
All RSH Web Hosting sites are protected with ConfigServer Security and Firewall

Change the Admin login URL

WordPress Owners this especially applies to you

It is dangerous for website owners to keep the default Admin login URL or address. This is especially true with WordPress. Every hacker knows that 90% of WordPress installs are at:

With you using default login, hackers can easily get authorized access to your website. If the URL of the default Admin login link is changed this will add another security layer
While the Google blacklisting scenario may seem to be a dangerous outcome, it is quickly resolvable with the support of a high quality security scanner and malware removal assistant like Astra Security

Conclusion

Breaching the Google website rules can lead to the blacklist of your online website and business. Do not blame Google for taking such actions. It is only giving its best to offer maximum protection to the Internet. As web owner it will be up to you to apply cyber security strategies for protecting your website from malware and other malicious content

We welcome your comments, questions, corrections and additional information relating to this article. Please be aware that off-topic comments will be deleted.
Or if you need specific help with your account, feel free to contact us anytime
Thank you

Patrick Rewari
Great article RSH Web. Added it to our resource guide on email marketing


Tweet  Share  Pin  Tumble  Email