Getting your website blacklisted is always a bad thing. But as in any crisis, it’s always important to know what to do next, and how to remedy the situation.
If you’re a website owner, having your website hacked, and then blacklisted, is a horrendous thing to discover. Not only will you have to deal with the consequences of the hack, but since your website is also blacklisted, Google and other search engines will stop crawling your site and start showing visitors warnings. This means you’ll be missing out on new searches, and losing your hard-earned reputation as well.
If you’re new to owning a website and the hassles that come with it, all of this might seem a little intimidating.
This is why we’ve chosen to give you the most comprehensive guide to dealing with your website being blacklisted.
Here are just the basic steps if you’d rather have a quick run-through:
How to find out if your website has been blacklisted
There are a few ways to find out whether your site has been blacklisted, and whether it was blacklisted because of malware on your site.
- Enter the URL of your site on Clearinghouse, or sites like it: StopBadware is a site that works in association with Google to help owners of hacked sites.
Its tool, Clearinghouse, lets you know if your site has been blacklisted or not, simply by entering the URL in its search box. Since it aggregates security information from major search engines and security companies, its list is up to date, and takes only a couple of hours to reflect new changes. Once you enter your site’s URL, Clearinghouse will check if there are records of your site being blacklisted, and will let you know accordingly.
- You could also enter your website’s name into Google and check the search results. If the descriptions for your website show a variant of “This site may harm your computer”, you’ve been blacklisted.
- If you’ve verified your website with Google’s Search Console, they would have sent an email notification about finding malicious software (or malware) on your site, and hence blacklisting your site. Below is a sample of the email you will receive:
Dear site owner or webmaster of (site.com),
We recently discovered that some of your pages can cause users to be infected with malicious software. We have begun showing a warning page to users who visit these pages by clicking a search result on Google.com.
Below is an example URL on your site which can cause users to be infected (space inserted to prevent accidental clicking in case your mail client auto-links URLs):
Here is a link to a sample warning page:
We strongly encourage you to investigate this immediately to protect your visitors. Although some sites intentionally distribute malicious software, in many cases the webmaster is unaware because:
1) the site was compromised
2) the site doesn’t monitor for malicious user-contributed content
3) the site displays content from an ad network that has a malicious advertiser
If your site was compromised, it’s important to not only remove the malicious (and usually hidden) content from your pages, but to also identify and fix the vulnerability. We suggest contacting your hosting provider if you are unsure of how to proceed. StopBadware also has a resource page for securing compromised sites:
Once you’ve secured your site, you can request that the warning be removed by visiting
and requesting a review. If your site is no longer harmful to users, we will remove the warning.
Google Search Quality Team
Why was my website blacklisted?
When hackers infect good websites with malicious code, the infected websites might collect banking details, contact details or personal information from the website’s visitors, or send spam mail aimed at them. The infected websites might also be used to infect the visitors’ computers, depending on what the malicious code on your website was written to do.
Therefore, your website might have been blacklisted because it contains malware. Security companies and search engines blacklist sites that contain malicious code to try to protect the sites’ visitors.
What to do about my blacklisted website?
Once you find out that your site has been blacklisted, there are a few steps to make sure that your site is listed again:
Step#1: Access Google Search Console
- If you don’t have a Google account to use the Search Console:
  - Create a free Google Search Console account if you don’t have one.
  - Click on the “add site” button on Google’s Search Console and follow their instructions to verify your site.
- If you’ve already verified your website using Google’s Search Console:
  As mentioned previously, Google would have already notified you about your site being unsafe, via email, with the steps to be followed in case you have been blacklisted. What it doesn’t explain though, is how to go about key points such as “remove the malicious content from (your) pages” and “fix the vulnerability”.
Step#2: Take your site offline, put up a page that says “Under maintenance”
This will help keep your visitors safe, and keep the attacker from wreaking more damage to your site, while you look for the malicious files on your website. You can take your site offline by doing one of the following:
- Going to your WordPress file directory and renaming the index.php file to something like indexold.php
- Manually adding a 503 redirect to your .htaccess file
- Changing the Privacy mode of your site
- Using certain plugins
- Contacting your web host and asking them to temporarily suspend your site
Step#3: Look for malware and bad files on your website
Vulnerabilities on WordPress usually exist in outdated versions of themes, plugins, widgets, and in WordPress directories that you don’t usually visit. This is why it can be difficult to detect a hack.
What you can do, though, is to update every outdated component on your site, and delete components that you don’t use. However, it’s not enough just to identify hacks; you have to clean out malicious files too. This is why identifying an intelligent hack scanner and cleaner is of paramount importance. You don’t want to get alerted by false alarms, nor do you want to miss getting rid of any malicious code.
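One way to narrow down where to look, assuming you have a known-clean copy of the site such as a backup taken before the compromise (an added example, not from the original article): the Python below hashes both trees and lists files that were modified, added or removed, with newly added script files called out separately. The function names, the `SCRIPT_EXTS` list and the sample paths are constructed for illustration.

```python
import hashlib
import os
import tempfile
from pathlib import Path

SCRIPT_EXTS = (".php", ".phtml", ".js", ".htaccess")  # assumed list; extend for your stack


def hash_tree(root):
    """Return {relative path: SHA-256 digest} for every regular file under root."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):  # does not follow directory symlinks
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue  # hash real files only
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            digests[rel] = hashlib.sha256(Path(full).read_bytes()).hexdigest()
    return digests


def compare_site(clean_root, live_root):
    """Diff the live site against a known-clean copy of the same site."""
    clean, live = hash_tree(clean_root), hash_tree(live_root)
    added = sorted(set(live) - set(clean))
    return {
        "modified": sorted(p for p in set(clean) & set(live) if clean[p] != live[p]),
        "added": added,
        "added_scripts": [p for p in added if p.lower().endswith(SCRIPT_EXTS)],  # review first
        "missing": sorted(set(clean) - set(live)),
    }


def demo():
    """Compare two small constructed trees (sample data, not from a real site)."""
    base = {"wp-content/themes/demo/functions.php": b"<?php // theme\n"}
    extra = {"wp-content/themes/demo/functions.php": b"<?php // theme, altered\n",
             "wp-content/uploads/photo.jpg": b"constructed image bytes",
             "wp-content/uploads/cache.php": b"<?php // unexpected file\n"}
    with tempfile.TemporaryDirectory() as clean, tempfile.TemporaryDirectory() as live:
        for root, files in ((clean, base), (live, {**base, **extra})):
            for rel, data in files.items():
                target = Path(root, rel)
                target.parent.mkdir(parents=True, exist_ok=True)
                target.write_bytes(data)
        return compare_site(clean, live)


if __name__ == "__main__":
    print(demo())
```

On a real site, call `compare_site()` with the path to the clean copy and the path to the live document root; files that legitimately changed since the backup will also appear and need to be reviewed by hand.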
Step#4: Request a review for your website
Once you remove all instances of malicious code from your website, it’s important to inform search engines about your progress.
There are two ways you could go about this:
- Sending a review request to Google with your Google Search Console: In general, how long Google takes to process a review request depends on the type of malware detected on your site.
  - Reviews related to phishing take about a day to process
  - Reviews related to sites hacked with spam usually need a few weeks to process, since spam-related hacks are usually tricky and require manual investigation from the search engine’s side
  - Reviews related to other malware will need a few days to process
- Sending an independent review request to resources such as StopBadware: This is as simple as entering your website’s URL in their ‘Request Search’ page.
Once all instances of malicious code on your site are removed and your site is verified to be clean, all warnings will be removed, and your site will function as usual.
Step#5: Back up your website!
Keeping a backup of your WordPress site will keep you safe in the future. You could restore an uninfected version of your site, and then request a review, which makes the whole process a little shorter.
Step#6: Always perform a forensic analysis
Performing a post-hack analysis of your site will help you see the different openings for attacks that hackers find. If you’ve used a good malware scanner and cleaner, this should be easy. Finding these vulnerable points and hardening them will make your website a little less penetrable.
It’s never easy knowing that your website contains malware and could be a risk to your visitors. It also results in a loss of reputation. But getting to the root of the problem and eliminating malware can help keep you and your website’s visitors safe.