If Google displays a “This site is dangerous” warning, we’ll explain the actual steps to have the Safe Browsing flag removed and the reality of the review process.

A red warning screen appears in Google search results or when opening the site

One day, out of the blue, you may see a red screen with warnings like the ones below appear in your WordPress site’s search results or when you open the site.

“This site may harm your computer.”
“This site distributes harmful software.”
“This site has been reported as a phishing site.”
“Dangerous site: Opening this page may install software that harms your computer.”
“Suspected phishing: This page may attempt to trick users into performing dangerous actions (such as installing software or leaking personal information).”
“Harmful programs: This site may install harmful programs on your computer.”

In this case, there is a high probability that the site has been compromised and infected with malware.

What should you do if your site is infected with malware?

The general steps to take if your site has been compromised are as follows:

• Remove malware from the site

• Delete unauthorized administrator accounts and other malicious users

・Patch vulnerabilities by applying updates and changing administrator passwords, etc.
(※If there are other sites on the server, malware may spread through them, so it is recommended to perform the above three steps for all sites.)

・Notify Google Safe Browsing that the site has been cleaned up and request a re-review.

What should I do if a warning screen appears in the browser and I cannot access the site?
 ・Click “Details” on the warning screen.
・Click “Visit this unsafe site” or “View site anyway.”
You will then be able to access the site.
*However, since the site is infected with malware, please be extremely cautious of being redirected to malicious sites or downloading viruses when accessing it.

You can also perform malware scanning and removal using a dedicated plugin.
[Free] WordPress: Malware Scan & Security Plugin [Malware & Virus Detection and Removal]

However, since plugins have their limitations, if malware has prevented you from logging in at all, you may need to take additional steps, such as manually restoring login access.

Reference
Summary of symptoms and solutions for malware that instantly tampers with WordPress index.php and .htaccess files

Procedure for submitting a request to Google, time required to be removed from the Safe Browsing blacklist, and site restoration

After addressing malware and vulnerabilities, you must notify Google that the malware has been removed and apply to be removed from the Safe Browsing blacklist.

1. Log in to Search Console
https://search.google.com/search-console
 * If you haven’t registered yet, please do so

2. Open the Security Issues Report
Left menu → “Security and SEO” → “Security Issues”

3. Review the issues and verify they have been fixed

A list of detected issues will be displayed.
Click the “Request a review” button

4. Fill out the request form
Enter a description of the fixes you’ve made and submit the form.
Be sure to include details on how you removed the malware and how you patched the vulnerability.

How long does Google’s re-review take?

Based on our experience, there is a more than 70% chance that the review will be completed and the suspension lifted within one week.
However, it can sometimes take quite a long time. In particular, if you are using Google Ads or running Google Ads campaigns, the suspension may not be lifted for some time.

If you use Google Ads or are running Google Ads campaigns, you must submit a request through the following support channel in addition to Search Console

■Submitting a request to Google Ads Support
1. If your Google Ads account has been suspended, a separate request is required.
2. Log in to https://ads.google.com
3. Submit your request via the “Appeal” link provided in the account suspension notification email
4. Alternatively, go to “Help” → “Appeal a policy violation”

■ Google AdSense (if you are displaying ads)
1. Submit a review request for your AdSense account
2. Log in to https://adsense.google.com
3. If your account is suspended or restricted, submit your appeal via the link in the notification email.
4. Submit

the

form stating that you have “resolved the policy violation.”

However, if the malware has truly been removed, the suspension is usually lifted within a month after several exchanges with Google.

If your application is not approved, you may need to engage in more technical communication, such as providing evidence that the files listed are no longer present.
You should also perform a re-inspection to confirm that all malware has indeed been removed.
I hope this information is helpful.

Terms of Use for Generated AI

This page prohibits the use, quotation, or summarization of any page, in whole or in part, by the Generated AI. However, if the following conditions are met, the specification of content using generated AI is permitted.
1. it is not for the purpose of learning by the generated AI. 2. only the summary or title of the page content at a level that does not lead to the solution of the user’s problem is shown to the user. 3. in the case of 2, a link to this content is shown to lead the user to this page.

Related Posts:

  1. How to perform malware removal and request a review after Google determines a site to be dangerous.
    This section explains how to perform malware removal and request a reexamination after a site has been determined by Google to be dangerous. Terms of Use for Generated AI This page prohibits the use, quotation, or summarization of any page, in whole or in part, by the Generated AI. However, if the following conditions are met, the specification of content...
  2. The Process from a WordPress Hack to Being Flagged as Malware by Google, and How to Resolve It
    I will explain the process leading up to a WordPress site being flagged as malware by Google after a hack, as well as how to resolve the issue. Terms of Use for Generated AI This page prohibits the use, quotation, or summarization of any page, in whole or in part, by the Generated AI. However, if the following conditions are...
  3. What to do when a red warning appears in the browser when accessing your (your company’s) WordPress site
    Here is what to do when the browser screen turns red when accessing your (your company’s) site and a warning appears on that screen. Suddenly a warning screen appears when accessing the company’s website. When accessing your company’s website, the browser screen may turn red and a warning may appear, preventing you from accessing the site. The warning may be...
  4. What to do when a WordPress site displays a red screen saying “This site may cause damage to your computer.
    This section explains how site operators can deal with a red screen on a WordPress site that says “This site may cause damage to your computer. Terms of Use for Generated AI This page prohibits the use, quotation, or summarization of any page, in whole or in part, by the Generated AI. However, if the following conditions are met, the...
  5. What to do when Google’s ad review does not pass (disapproves) due to malware
    Here is what to do if your Google ads suddenly stop appearing and your AdSence and Adwords screens show “malicious or undesirable software” and your ads are disapproved. Terms of Use for Generated AI This page prohibits the use, quotation, or summarization of any page, in whole or in part, by the Generated AI. However, if the following conditions are...
  6. The nature of the discrepancy between WordFence saying “no problem” and Google Search Console issuing a malware warning.
    WordFence says “no problem” even though the site is infected with malware, and Google Search Console is giving a malware warning. Or conversely, we will explain the discrepancy where WordFence detects malware and Search Console and Safe Browsing show no problem. Terms of Use for Generated AI This page prohibits the use, quotation, or summarization of any page, in whole...