911 Hack Removal

Google Blacklist – How to Remove Your Website from Google Blacklist (WordPress, Magento, PrestaShop, OpenCart, Drupal & PHP)

Updated on: March 21, 2021

Google Blacklist – How to Remove Your Website from Google Blacklist (WordPress, Magento, PrestaShop, OpenCart, Drupal & PHP)

Are your website’s search results carrying a warning that your site may be suspicious? Bad news ahead but your website has been subjected to Google blacklist. Sites that are hacked or affected by malware often carry these warnings to protect users. This, however, can affect your reputation. To find out more about why you may have been blacklisted by Google and to remove your site from it, read on.

What is Google Blacklist?

Google is trusted upon by millions of users every day. Whenever Google finds malicious content or files in a website that might compromise visitor’s security, it immediately start showing the Google blacklist warning. Visitors upon visiting the website are notified about the warning to prevent loss of sensitive data, and website owners are notified immediately via email or message in Google’s search console.

Google Blacklist takes steps towards detecting suspicious content and removes websites from their index and search engine results. This is negative press for the site, pushing it to lose at as much as 95% of its original website traffic in some case, thus degrading your reputation and impacting your revenue. 

How To Check If Your Site is Blacklisted By Google & Other Search Engines

We’ve seen that Google blacklists a website as the last resort. The website is usually infected for weeks after which Google picks up the malicious code on your website, leading to blacklisting it.

Types of Google Blacklist messages
Types of Google Blacklist

In addition to the website being blacklisted by Google, we’ve seen there are other engines too where your website could be blacklist. Example: McAffee’s blacklist, Virustotal, AVG, Avast, etc.

You can check if your website is on Google blacklist and other 65+ security engines from below:

Is your website blacklisted by security tools? Find out in 15 seconds.

Common Website Blacklist Indicators/symptoms

What are some common signs or symptoms one should look out for to understand if you’ve been blacklisted by Google?

  • On visiting the site, you get blocked by a big warning screen.
  • There are external links with search engine optimization (SEO) spam keywords that, on clicking, will redirect one to search engine result pages (SERP).
  • There are unexpected and suspicious changes to your website database files or the appearance of new ones with malicious content.
  • Your antivirus blocks a portion or the entire website when you visit it.
  • You may come across messages such ‘This site may be hacked’ on your search engine results.
  • Your hosting server suspends your account without warning and disables it until the hacked content gets cleaned out and the website is re-submitted for verification. 

Why does Google Blacklist happen?

Usually, website authorities like Google, Bing, and McAfee SiteAdvisor monitor sites that appear on their results page to detect the presence of any malware. This includes trojan horses, pharma hacks, SEO spam, phishing schemes, etc. Search engines, in their best interests, target such infected sites and refuse to let them be displayed or be accessed by visitors, wishing to protect their integrity and trustworthiness. 

In most situations, website owners are not aware of being hacked until they realize they have been placed on the blacklist of authorities like Google. 

There are different categories for consideration when a website is blacklisted – some may be pushed to the list for containing spam, others have malware content and yet others provide external links that lead to phishing scams and compromise visitor’s data privacy and security. These are some sort of situations when a site is usually pushed into the blacklist, which requires comprehensive and precise steps to renew its reputation. 

Causes for Getting Blacklisted by Google

1) Malware

Google may blacklist your website when it suspects that your website is being used to spread malware. The pages on your site that have been hacked may automatically download malware when visited – which can alert Google to the fact that your website might be the target of a pervasive malware campaign.

Therefore, to keep users safe, their browsers might display a warning when they visit your site, typically a message or a red screen containing the keyword ‘malware’ on Chrome. Some browsers may display different warnings such as this site may be hacked,  this site may harm your computer, deceptive site ahead, etc.

If your website shows such a warning, it might be a good idea to start working on Google blacklist removal.

2) Phishing

If your website has been labeled deceptive or fake, it might be due to your site being on Google’s phishing listing. Your website may have been modified to collect user info and send it to other servers controlled by hackers. These modified pages might ask users for sensitive info, and users who provide this information may themselves be attacked. This can decrease the users’ trust in your website and affect your reputation.

Related Post – How to remove Deceptive Site Ahead warning?

3) Using Black Hat SEO Techniques

If you’re using Black hat SEO techniques, such as cloaking, scraping websites, and buying links for your website, Google may have blacklisted you. These techniques are unethical as they give websites an unfair advantage, so Google keeps a lookout for sites using such techniques.

How to Remove Site from Google Blacklist:

If you have identified that your site has been blacklisted by Google, we need to work on removing it. Here is a step-by-step guide to removing your website from the blacklist.

1) Checking for Infection

A good place to begin checking is to look at the Google Search Console, which will show why your website was blacklisted – it may be due to viruses, SQL injection, a spam link injection, etc. Once you have identified the reason, you can take steps to rectify the issue depending on the exact issue flagged by Google.

2) Cleaning Infections

Here are a few steps to begin cleaning the infections you may have found in the previous step. A word of caution – be careful in executing these steps and removing the loopholes, if any.

  • Review the unfamiliar modifications on your website and remove them manually.

  • There are certain files which hackers prefer infecting for their important. Trying to find malware in these locations will be a good start:

    • Index file of the website (index.php in most of the case). Within this file, start by checking the header and footer sections for un-recognizable code or gibberish text.
    • .htaccess file is often used by hackers to redirect your visitors to malicious websites which is often picked up by search engines resulting the Google’s blacklist.
    • functions & wp-config files are worth checking considering their super important files containing sensitive information (if you’re using WordPress).

  • Checking key database tables also helps. Hackers often inject malicious scripts in database by exploiting vulnerabilities causing remote code execution and SQL injection. A few examples of key database tables would be table containing your articles (wp-posts), user information and form data. Basically, data tables which are linked to various website inputs should be checked for malicious code insertions.

  • Disable plugins which have been de-activated but still installed

  • Check for new admin(s) added. Then, remove them manually and reset all passwords and usernames.

  • Clean the tables of the infected database manually.

  • Enable two-way authentication for the users.

  • Check the addition of any unverified user and remove them.

We also have comprehensive guides to malware removal you can follow:

Ask Google for Blacklist Removal Review

You can then submit your site for a malware review. However, it may take some time for Google to review your website, ranging from a few hours to a day or two. The steps to submit your site for a review are:

  1. Go to the Security Issues Tab.  This is to review the issues Google has found.
  2. Then select “I have fixed these issues”.
  3. Now, click on “Request a Review”.
  4. Type the steps taken by you to remove malware from your site & the Google blacklist. Make sure you give detailed information!
  5. Finally, click the Manual Actions section.

In case there are multiple issues, continue to follow steps 1-4 until all of them have been resolved.

3) Removing Your Site’s IP from Spam Lists

Your infected site may have been used for a spam campaign – a few groups that look out for domains spamming users could have put your website on their list. There are services available that help you look through such lists. Different lists have different procedures to remove your site’s IP from the list. The Internet can be of great help with this.

How to Prevent Being Blacklisted by Google in the Future:

1) Work with Google Analytics

Google Analytics is a great way to know about your website. It gives you a comprehensive view of how your website works regarding internet traffic. It can also help you identify suspicious activity and give you insight as to whether your site may be affected by malware.

2) Use White Hat SEO

If you’re using black hat SEO techniques, you might want to reconsider that! They have a high likelihood of getting you blacklisted by Google. Instead, here are a few positive techniques to make your website awesome:

  • Spruce up the content on your website which makes users spend more time.
  • Make your website secure.
  • Pay attention to what users are looking for on your website.
  • When blacklisted, the quicker you act, the more damage you control.

3) Update

A good practice is to keep updating the software regularly. This is the best precaution you can take as a webmaster, and the most basic step towards securing your website.

4) Follow Good Security Practices

You can follow our comprehensive security guides as per your CMSs to secure them in real-time from attacks.

5) Go for a Security Audit

Website security is of utmost important today, and your website is more likely to be blacklisted if it isn’t very secure. Going for a security audit is a good idea – an expert opinion can help take your website’s security from good to excellent!

6) Use a Security Solution

It can be quite a tedious task to look out for malware on your website round the clock, but there are security solutions like Astra which could help keep an eye on your website and protect it from hackers and malware. This will prevent your website from getting blacklisted by Google.

Need someone to do all this for you?

If you prefer that your website is fixed quickly by professionals, we can help! With Astra’s award-winning security suite & malware cleanup solution, your website will be thoroughly scanned & fixed from malware, like backdoors, viruses, Trojans, etc. Once the malware is removed, your site would be protected with our firewall to prevent re-infection 💪

We’ve made a detailed step-by-step video on how to fix the warnings and remove your site from Google’s blacklist that you might find helpful:

Google Blacklist: Conclusion

Malware is always changing, and can affect your website and even your reputation. While removing your website from the blacklist is one part, ensuring you never get blacklisted again requires something more permanent – like Astra Security suite.

Infographic: Fixing Google Warning Messages (Google blacklist)
Fixing Warning Messages in Google

Is your website blacklisted by security tools? Find out in 15 seconds.

Was this post helpful?

Tags: , ,

Naman Rastogi

Naman Rastogi is a Growth hacker and digital marketer at Astra security. Working actively in cybersecurity for more than a year, Naman shares the passion for spreading awareness about cybersecurity amongst netizens. He is a regular reader of anything cybersecurity which he channelizes through the Astra blog. Naman is also a jack of all trade. He is certified in market analytics, content strategy, financial markets and more while working parallelly towards his passion i.e cybersecurity. When not hustling to find newer ways to spread awareness about cybersecurity, he can be found enjoying a game of ping pong or CSGO.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Newest Most Voted
Inline Feedbacks
View all comments
Alex Marvin
Alex Marvin
2 years ago

Great article!


[…] to the spam pages. However, search engines have malware filters. As a result, the store may get Blacklisted for spam content or malware. This warns the users each time they proceed on the site. Thus user […]


[…] Spam content can also damage the reputation of the host server and can at times result in getting blacklisted by search engines. Therefore, hosting providers take adequate steps resulting in the WordPress site getting […]


[…] I shall explain the detailed steps of (upload, install, unzip, move, XML and remove) which made OpenCart vulnerable to RCE. Later in the article, we shall show how security measures like a secret temp directory name […]


[…] Note: Know more about Google Blacklist Removal. […]

1 year ago

One of the complete guide on Blacklist removal. My WordPress website is showing “Deceptive site ahead”. Can you please help me

Psst! Hi there. We’re Astra.

We make security simple and hassle-free for thousands
of websites and businesses worldwide.

Our suite of security products include firewall, malware scanner and security audits to protect your site from the
evil forces on the internet, even when you sleep.

earth spiders cards bugs spiders

Made with ❤️ in USA France India Germany