Google blacklists around 10,000 websites every day. Are you one of them? For most website owners, the security warnings, hack indicators, and diagnostic pages can be daunting. This guide is to help website owners understand what a blacklist is, how to remove website hacks, and resolve Google security warnings. This will help you quickly restore your website and reclaim visitors, revenue, and SEO rankings.

Is your website being flagged by your browser as a malicious site with malware or phishing scams? If so, we have some bad news for you:

• Google Safe Search has put your site on the Google blacklist;
• Your website is probably hacked;
• And your customers can see the blacklist warnings too.

The worst part of that news is that your site is hacked. The blacklist warnings are just a symptom of a much larger disease.

Best case scenario: You clean your site immediately and delist from the Google blacklist. In this case, your losses will be short-term at worst. Over time, you will be able to recover your brand value, website traffic, and online revenue.

Worst case scenario: People will stop trusting your brand and the traffic to your site will slow down – permanently. This could mean the complete downfall of your business because of the Google infection warning.

What is Google Blacklist?

Every day, Google puts around 10,000 websites that are infected by malware into a quarantine known as the “Google blacklist”. If a website is added to the Google blacklist, then Google, other search engines, and anti-virus companies start marking the website as “unsafe” for visitors and stops people from using the blacklisted website.

The Google blacklist or the URL: blacklist is a list of websites that Google thinks are hacked or spreading malware to visitors. Blacklisted websites get removed from Google’s search index to stop the malware from spreading.

Of course, this is not arbitrary de-indexing.

Google makes money by providing the very best search experience there is. Naturally, they will do anything to prevent people from downloading malware. Blacklisting a website does destroy its organic traffic. But at the same time, it also defeats the attacker.

Google Safe Search has strict guidelines for what kind of code it considers to be malicious.

But Google Safe Search can only recognize malware that manifests itself in the content or the “browser-visible” parts of the site. It can’t pinpoint the exact nature or origin of the malware. So, it does the most logical thing it can – it stops sending traffic to that site.

The good news is that you can still recover your site and get off the Google blacklist.

The bad news is: In our experience, a blacklisted website loses nearly 95% of all organic traffic.

Imagine the damage it does to sales and revenue.

How to Get Off Google Blacklist?

Now that you understand what Google blacklist is, it’s time to deal with the problem.

In the next few sections, we’re going to help you:

1. Confirm if your website is actually blacklisted
2. Scan your website for malware and clean it
3. Delist your website from Google Blacklist

Let’s dive in.

Confirm That Your Website Is Blacklisted

If your website displays the message “This site may harm your computer” in search results, your site is part of the Google blacklist or URL blacklist.

Of course, that’s not the only kind of warning you can get.

You can also get the very ambiguous:

• “The site ahead contains malware/harmful programs”
• “Reported Attack Page!”
• “Danger Malware Ahead”
• “This website has been reported as unsafe”

This is a real pain.

Not only is the Google blacklist message truly vague, but almost every major browser uses Google Safe Search to serve safe links to the user.

In other words, if Google has blacklisted your site, then it has ripple effects across all users and not just Google Chrome users.

Just in case you don’t see the warning messages, here are a few more ways to confirm if your site has been blacklisted:

Check your Email

If your website has been hit by the URL:blacklist by Google, then you will get a notification from Google Search Console.

Usually, this notification will tell you loud and clear that your site is blacklisted.

In most cases, the entire site is not blacklisted. Instead, specific URLs that Google identifies as malicious are blacklisted. The list of all these URLs will be clearly mentioned in the email.

Check Search Console for Blacklist Warning

The Search Console is the perfect place for definitive answers.

If your Google Search Console isn’t set up yet, go ahead and verify your property first:

Then, head over to the Security Tab:

Go to the infected pages:

Click on ‘Learn More’ in the ‘Detected Issues’ section and understand where the infection manifests itself. Is it:

• In a page? (Eg.: blog.example.com/pages/page1.html)
• In a group of pages? (Eg.: blog.example.com/pages/)
• In a post? (Eg.: blog.example.com/post1/)
• In the entire blog? (Eg.: blog.example.com/)
• In the whole domain or subdomain? (Eg.: example.com)

Understanding where the malware manifests itself is a good way to start narrowing down on ways to clean it up.

Pro Tip: Check the date when Google discovered suspicious content. You can find the discovery dates next to the URLs provided in the ‘Detected Issues’ section. Google does not always provide a lot of information on the URL blacklist. Checking the dates can help you narrow things down even further. For instance, did you install a plugin right before that date?

If the infection is restricted to a small number of pages, then you can try to ‘Fetch as Google’ for those pages to examine the contamination:

Finally, look for indexed pages – have the infected pages also been deindexed?

This is going to be important later on.

Use Google Safe Browsing for Google Blacklist Check

If your website’s content has been hit by a Google blacklist because your website has been hacked, then you will get a notification from Google Search Console.

But what if your Search Console is not set up?

Indexing the sitemap can take a lot of time. So, the simpler alternative is to go to Google Safe Browsing and check your website for URL blacklists.

The only problem here is that this is a very manual process. You have to know ahead of time that there are certain URLs that may be on the Google blacklist.

Did You Know: MalCare has its own Google blacklist monitoring that updates every 24 hours. If your website is on Google blacklist and you’re a MalCare user, you’ll get an alert in the MalCare dashboard.

Now, if you’re still not convinced that your site may be hacked or that your website may not be on the Google blacklist, then drop us a line. Our support team will be more than happy to help you out.

But if you have confirmed that your site is blacklisted or a specific URL is blacklisted, then you should read the next segment on how to clean your site of any malware.

Remove your website from blacklists

Get Google Search Console

To remove the blacklist warning, you need to let Google know that you have completely cleared the infection. To do this, you must have a Google Search Console account (formerly Webmaster Tools).

To verify ownership of your website in Google Search Console:

1. Open Google Webmaster Central.
2. Click Search Console and sign in with your Google account.
3. Click Add a site.
4. Type in your site’s URL and click Continue.
5. Verify your site using the Recommended method or Alternate methods options.
6. Click Add a site.
7. Click Verify.
8. Check the Security & Manual Actions section to review any warnings.

Other Website Blacklists

Google Safebrowsing is not the only website blacklist out there. However, many other authorities use Google’s API to add malicious websites to their own blacklists.

Antivirus programs and other search engines also want to warn their users when a website is dangerous. Each has their own console and review process. In order to remove your site from their blacklists, you need to go through the steps to let them know your website is clean.

If you used SiteCheck to scan your site for malware in the first step, the results will indicate whether your site has been blacklisted by some of the top authorities. The review process should be similar to Google Search Console. For example, the McAfee blacklist has a review submission form and both Bing and Yandex have their own webmaster tools that you should sign up for.

Other popular blacklist authorities:

• McAfee SiteAdvisor
• Bing Blacklist
• Yandex Blacklist
• Norton SafeWeb
• PhishTank
• Spamhaus
• BitDefender
• ESET

Request a Security Review

If you do not request a review, Google may think you haven’t finished the site cleanup. By requesting a review, you are telling Google that you are ready for them to rescan your site. Google is now limiting repeat blacklist offenders to one review request every 30 days. Do not try to trick Google, either, as it may not pass the review process. For example, if the site is empty, it won’t pass a review. Be sure your site is clean before proceeding!

To request a security issue review from Google:

• Navigate to the Security Issues tab in the Search Console.
• Review the issues to confirm all have been cleaned.
• Check the box to confirm I have fixed these issues.
• Click Request a Review.
• Fill in the information with as much detail as possible about what was cleaned.

To request a spam review from Google:

• Navigate to the Search Traffic tab in the Search Console.
• Click the Manual Actions section.
• Review the issues to confirm all have been cleaned.
• Click Request a Review.
• Fill in the information with as much detail as possible about what was cleaned.

The process will be similar for other blacklists such as McAfee, Bing, Yandex, and Norton.

Wait and Protect Your Brand

Once you have submitted the blacklist removal request it can take a few days for Google to review your site, have Google reindex your site.

If the title and description of your web pages were infected with spam, it can take time for your search results to clear up. This is because Google only crawls your site every so often. Fortunately, in the Search Console, you can ask Google to refresh certain pages and the links on those pages.

To force Google to recrawl your site:

• Use the Inspect any URL search box at the top of the Search Console to search your URL.
• Click the Request Indexing button to the right.

It will then ensure it can view your website without any errors and submit it for reindexing if it is successful. If it encounters any errors, you will need to review the errors and ensure your site is accessible to the Google bot.

If it is successful, you will get the following message: “URL was added to a priority crawl queue. Submitting a page multiple times will not change its queue position or priority.”

This will have Google crawl your homepage and any links on that page. If you have other pages showing in Google search results with spam in the title and description, you can also crawl those pages separately.

Note: Google Search Console allows you to crawl 500 single URLs per month and only 10 with direct links per month. These 10 are best used to crawl pages with many internal links, such as a public sitemap or your homepage.

Remove Spam URLs

If spam pages were removed from your site, they may have been indexed by Google already. The spam pages can create 404 (Not Found) errors when they are removed from your site. You can use the URL Removal Tool to tell Google these spam pages should be removed from their index.

To remove spam URLs causing 404 errors:

• Navigate to the Index tab in the Search Console.
• Click the Removals section.
• Click the New Request button.
• Enter the URLs of spam pages that have been removed.
• Click Continue.

Caution: This tool removes pages from Google search. This option helps after you have removed spam pages so that Google knows they are not actually part of your site.

How to Prevent Future Hacks & Blacklists

Focus on Website Protection

You should also consider taking more steps to harden and protect your site to prevent future blacklisting. This includes applying updates, maintaining a good website backup strategy, managing user privileges, and implementing website security controls.

The number of vulnerabilities exploited by attackers grows every day. Trying to keep up is challenging for administrators. Website Firewalls were invented to provide a perimeter defense system surrounding your website.

Benefits of using a website firewall:

• Prevent a Future Hack: By detecting and stopping known hacking methods and behaviors, a website firewall keeps your site protected against infection in the first place.
• Virtual Security Updates: Hackers quickly exploit vulnerabilities in plugins and themes, and unknown ones are always emerging (called zero-days). A good website firewall will patch your holes in your website software even if you haven’t applied security updates.
• Block Brute Force Attacks: A website firewall should stop anyone from accessing your wp-admin or wp-login page if they aren’t supposed to be there, making sure they can’t use brute force automation to guess your password.
• Mitigate DDoS Attacks: Distributed Denial of Service attacks attempt to overload your server or application resources. By detecting and blocking all types of DDoS attacks, a website firewall makes sure your site is available if you are being attacked with a high volume of fake visits.
• Performance Optimization: Most WAFs will offer caching for faster global page speed. This keeps your visitors happy and is proven to lower bounce rates while improving website engagement, conversions, and search engine rankings.