Update: This article was updated on 20 March 2017 to reflect the Google ‘s suggestion on hacked site. See end of the article.
A few days ago, I searched for Natasha Kundi’s blog in Google and I was surprised with the results, Natasha Kundi’s blog was labeled by Google “This site may harm your computer”.
I am a regular reader of Natasha’s blog which is about fashion, beauty and film reviews. I was surprised when I saw the Google result.
When I clicked on the Google result to access Natasha’s blog, Chrome displayed the following message – “Visiting this site may harm your computer!”
What does “This Site May Harm Your Computer” mean?
When a site is believed to have malware (or malicious software, which is used to gather or disrupt sensitive information from a private computer system), Google labels such sites in their search result with the tag “this site may harm your computer”.
Google has automatic scanners that constantly look for the malicious web pages. Whenever Google find such issue with a web page or website, it takes a proactive approach and labels the site with a warning.
How Malware Get Inserted Into the Site?
- Through third party code or content
- Through being hacked.
Natasha embedded the 3rd party website content in her blog, that was malicious. That’s how she got a warning message from Google.
How to Fix “This Site May Harm Your Computer” Problem?
Never think that it is a small issue. It can seriously impact your business by reducing the organic and referral traffic. So, it is very important to let your audience and Google know your site is free of malware.
Here are the key steps to fix this problem –
1. By Using Google Webmaster
If you are using Google Webmaster Tools (GWT), then you will receive a message that your site has been flagged in the search results. In the Security Issues section, you will find the problematic URL identified by Google and the recommended suggestions to deal with issue. If you are not using GWT, just go ahead and sign up first.
After removing the malware – code, content or page from your site, request a review in Google’s Webmaster Tools. Google will re-scan your website and will remove the warning (it can take 24 hours or more).
2. Using SafeBrowsing Diagnostic Page
You can also use the Google SafeBrowsing diagnostics page (http://www.google.com/safebrowsing/diagnostic?site=<site-name-here>) to see specific information about the affected site that Google’s scanners have found.
3. Request a review from stopbadware.org
StopBadware is a nonprofit anti-malware organization who protect people, websites, and organizations from becoming victims of spyware, scareware, viruses and other badware.
They are partnered with Google’s anti-malware team to communicate information about websites that have been labeled as suspicious. You can search their database to see if your site was showing up as being flagged or not. If it is, then “request a review” only after you have made the relevant changes.
Google suggests following steps to make your website safe, especially for the cases for hacked site:
- Keep your Content Management System (CMS) such as WordPress, Joomla, and plugins up to date.
- Make sure to use a unique and difficult to decrypt password for CMS login. If possible, enable 2-step authentication for login.
- Make sure the themes and plugins you use in your CMS should be from a trustworthy source. The reason being that pirated ones often contain malicious code that makes your site more vulnerable to hackers!
- Make sure to verify the non-www version of your site as well, (sometimes you have to use this before filing reconsideration). As a user, we understand that http://abc.com & http://www.abc.com are the same site but Google actually treats these as two different sites. http://abc.com is referred as “root domain” on the other hand http://www.abc.com is the “subdomain”. You may have http://www.abc.com verified, but not http://abc.com verified, this is important because the code or malicious pages added by hackers may be on non-www pages such as http://abc.com/why-blogging-matters/. Once you verify http://abc.com you can easily get out of the problem and can see the result in Fetch as Google tool.
- Avoid using FTP for transferring files to your servers because it does not encrypt passwords or any traffic. Instead, use SFTP, it encrypts everything, including traffic and password.
- Check the access permissions on highly sensitive and important files like .htaccess. Check this for the new rules as well.
Has anyone ever experienced such malware or attack situations? How you tackled that situation and cleared your website? Please share your experience below.