How to Remove “This site may be hacked” Warning message

Google uses This site may be hacked warning to flag websites that are hacked or might be hosting spam content. A warning like this puts your business at stake because it scares away your prospects. Hence, for a website owner, Google warning can particularly be more troubling. If you are wondering as to why Google flagged your website and how can you possibly remove it? Look no further, this article is all the help you need in removing the warning and securing your website. Read on to find out how.

This site may be hacked warning
“This site may be hacked” warning

What does the ‘This site may be hacked’ warning mean?

This goes without saying that Google is the most popular Search engine out there. As a result, Google has a responsibility of keeping its users safe. Google examines billions of URLs daily for malware, spam, hack, etc. It then flags the ones that might have been compromised.

Google classifies compromised websites into two broad categories:

  • Attack sites: Websites that host software capable of affecting the visitor’s computer. Google marks such sites with the warning This website may harm your computer“.
  • Compromised sites: Websites that might be hosting spam content added by a hacker. Such websites appear in Google flagged with This site may be hacked warning.

Moreover, the visitor traffic to flagged sites is restricted until the issues are resolved. This means a serious loss for your business as you are losing potential customers every minute.

What If I Visited a Hacked Site?

Till now, we know that Google blacklists the websites hacked with malware, hosting spam or malicious content. But, what does really happen when you visit a hacked website? Listed below are some ways you could suffer if you visit a hacked website-

  • Your PC might get infected with various malware programs including trojans, virus, PUP (potentially unwanted programs), etc.
  • Your PC may experience BSOD (Blue Screen of Death).
  • You could lose your files and might be asked a ransom for getting them back.
  • Malware could completely delete your files.

How to remove ‘This site may be hacked’ warning?

It all starts with Google sending an email to the website master (admin@ or webmaster@domain name) with the details of the problem on the website. If you have your website set up with Google Search Console, you will be notified in the security tab about the malware found on your website. Act quickly if you receive any such message because the longer you wait to act the more adversely your SEO rankings will be affected. Here is how you can go about the malware removal process to remove the warning from your website:

Check out: Companies that were forced to shut down due to hack

  1. Verify Website and Remove Unauthorized Users

    Verification is the very first step in the removal process. It basically means to prove that you own the site that you claim to own. You can verify your site on Google Search Console. They have several methods of verification like meta tag, HTML tag, and Google Analytics Tool.

    To check unauthorized ownership, go to property owner management page. Make a list of unauthorized users and delete them. Don’t forget to remove all meta tag and HTML files that were used to verify the ownership of the unauthorized user.

    This site may be hacked removal
    Verify Website on Google Search Console
  2. Contact Your Host

    Your website host knows your website hosting environment and configurations. Your host would know how to fix the issues better than you. It is also possible that he is hosting several websites on the same server. He would like to check the other websites and make sure they are not affected as well.

  3. Follow Google’s Suggestion

    Once site verification is done, check the security issues that Google has observed on your site. They will be listed under “Security Issues” on the left panel of Google Search Console. It will also mention the specific URLs that might have been hacked.

    This site may be hacked removal
    Check Issues in “Security Issues” tab

    Check if there is are any critical messages from Google regarding the nature of the attack

    1. Spam pages, text or links: It’s likely the hacker has placed spam pages, text, or links on your site.
    2. Phishing: By creating phishing pages on your site, the hacker is using your site to obtain user details, often by masquerading as a trustworthy site.
    3. Malware Distribution: The hacker may be using your site to infect your visitors with software designed to access confidential information or harm their computers.

    Remove infected pages and files. Consult an expert if you are not sure which pages are safe to remove. It is advised to take your site offline before quarantining your site so that there is less interference from the hacker, and meanwhile, malicious code or spam files won’t be exposed to visitors. This will not affect your future SEO ranking.

  4. Scan for malware and identify vulnerabilities

    Run a malware scan to make sure that the site is free from any malware or content that the hackers might have left behind. Remove all infected files and patch all back doors. Astra provides complete 360° malware scanning and remedy. It provides great features like automatic daily scans, access log reports, vulnerability assessment, etc. It also provides an option to schedule regular scanning. This helps remove vulnerabilities before hackers get a chance to exploit them.

    Check out: How to scan a website for malware

  5. Request a Google Review

    Go to Google Search Console, then open the “Security Issues” report section and then request a review. You can use the Request a review template designed by our security experts that you can submit to the Google Search console team.

    Google review ensures all the security issues are addressed before the site is reinstated. The review will not take long. If your website is free from infections, it will regain its SEO status within 24 hours after completion of the review.

    Has Google flagged your website due to malware? Drop us a message in the chat widget, and we will be glad to help you.

Remove Google warning, deceptive site warning, Chrome red screen

How to prevent future ‘This site may be hacked’ Warning?

After cleaning your website of the infection and pulling the site back online, now it’s time to harden your website’s security. Follow these steps to keep your website safe.

  1. Update Software

    Firstly, keep your CMS software and extensions up-to-date. Developers regularly release security patches for detected vulnerabilities.

    Secondly, remove unnecessary extensions and plug-ins that are not updated and are not in use. Out of date extensions act as back doors for the hackers.

    Lastly, update the web server too. Also, keep your local PC and network secure. Use up to date OS and antivirus software. (Pro Tip – You can utilize the auto-update feature provided by the software developers to cut the extra work.)

  2. Use Strong Log in Credential

    Brute force attacks accounted for ~16% of hacked sites, according to a survey. A brute force attack is a trial-and-error method to get the correct username & password combinations of the website’s login page. This attack exploits the common mistake of using a weak password.

    Need I say? Use a strong password always. To be more clear, use a combination of letters, digits, and symbols as password instead of your name, website’s name or a proper word. Another security best practice is to limit the number of login attempts and adding a two-step authentication method.

  3. Switch to HTTPS

    HTTPS stands for Hyper Text Transfer Protocol Secure. It allows secure exchange of files on the World Wide Web for it enables encrypted communication between a remote user and the primary web server.

    This is a great way to improve your SEO because Google considers HTTPS as a search ranking factor for websites.

  4. Enable Web Application Firewall

    Web application firewall (WAF) is an application layer security solution that checks traffic coming to your server. It also takes necessary action to protect it from hackers and malware. In simple words, a WAF  is like a gatekeeper that filters all traffic coming to your portal. You can go for the Astra firewall for it takes the headache of security away from the webmasters, giving you a plug-n-play solution. Most importantly, it comes pre-configured according to the CMS you are using.

  5. Join a Community Security Program

    With Astra’s Community Security Program, you give white-hat hackers a safe and secure way to report any vulnerability that they find on your website. This will increase your website’s security by crowd-sourcing it. The security experts at Astra verify all the reported vulnerabilities first and send only the valid ones to you. They also provide the most suitable solution to the problem reported and provide all-round protection to your website.

  6. Use Webmaster Tools

    Having your website on Google webmasters tool aka Google Search Console is the most effective way to get notified on security issues on your website. Further, you can also opt for Google Alert to get notifications on priority.

  7. Scan Your Website Regularly for Malware

    One mistake most web owners make is not indulging in routine scanning of their websites. Regular scanning for websites is as important as health checkups are for us. With Astra’s on-demand malware scanner, you can scan your website whenever and as many times as you want. So, scan your websites for malware periodically, if not daily.

  8. Check Google Crawling

    Sometimes, hacker blocks Googlebot from indexing your website online. Needless to say, your website needs web traffic to be successful online. So, not being indexed by Google can plummet your traffic and thus growth of your business. here is how you can make sure Googlebot is not blocked on your website by-
    1. Add website on Google Search Console
    2. Configuring robots.txt file in Google

  9. Update to Security Patches

    Every CMS release security patches for bug fixes and security improvements internally. Update with every patch release and you are good to go.

  10. Move to a Secure Hosting

    Hosting your website on a shared server may seem like a cheap option but can prove to be much costlier when hacked. You have no idea about the websites on the server and if they are infected or not. Not all ignorance is bliss, some are frightening. So it’s any day better to invest in a reputed hosting provider than going for the easy and cheap.

Check out: How to join Astra’s Community Security Program

Conclusion

It is better to be safe than sorry. These tips will help you to remove the warning from your website. If your issues are still unresolved you can get in touch with experts here.

Being infected by malware is one of the major reasons why Google blacklists a website. Security experts like Astra Web Security can help you in situations like these. Astra offers malware cleanups, web application firewall and security audits & pentesting by security experts.

Get an Astra demo now.

Waiting to Get Hacked?

Get security tips & latest vulnerability fixes right in your inbox:

About The Author

Mahima Maheshwari

She is an Embedded Systems Engineer and a cybersecurity enthusiast. She spends most of her free time researching & reading. And loves to spread knowledge through blogs.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Close