Submit a Ticket
Support Center » Knowledgebase » Reported Attack Site

Reported Attack Site

In case that in Google your site has been declared as an attacking and redirects to:

http://www.google.com/safebrowsing/diagnostic?site=domain.com

most likely the site has been compromised and contains malware.

Note: domain.com is your domain name.

If your domain name when loaded in your browser, displays similar page:



First you need to review your hosting account to find the root cause of the problem - warning message at Google. You have to remove the malicious code from your files and remove all files, which are not uploaded by you. Then you have to take actions to eliminate the reasons for adding the code and ultimately be required re-indexing of the site.


Commercial assistance is available from companies such as Sucuri, for more info, please check https://sucuri.net/website-security/sc-clean-hacked-website (Please, note that we are NOT affiliated with this company). You may find other similar solutions such as SiteLock.

Once you have removed the malicious code on the site and the reason for adding it should be required re-index to allow the message to be removed faster.


Note: If you do not require re-indexing of site, the message will also be removed if malicious code is no longer available on the site. The message is obtained by indexing the site by Google. When the requirement of re-indexing accelerate the process.

To request re-indexing, you need to add your domain account at Google Search Console (Google Webmaster Tools) . It is a tool of Google, designed for webmasters and developers, which provides additional guidance on better positioning on the site results from Google.

If you do not have an existing account at Google Search Console, you can do so at: http://g.co/SearchConsole

Once you register, you need to add your domain and verify that you have control over its management.

Once you access your account, select the ADD A PROPERTY in the upper right corner:

There are 4 methods of verification, you can use the most convenient for you. One of the most popular is uploading a file to your hosting account.

You can download the file and then deploy it to the directory domain. You can upload in File Manager control panel or via FTP client. Once the file is located, you need to access it via the web. Click Verify.

In Google Search Console will come a message that the domain has been successfully verified.

To request re-indexing you need to:

---  Phishing

        1. Complete the review at google.com/safebrowsing/report_error/. This review removes phishing warnings from phishing pages that have been cleaned. It also serves as a reporting tool for site owners who believe their page was incorrectly flagged for phishing.

---  Malware or Spam

        1. Open the Security Issues report in Search Console. The report will probably still show the warnings and sample infected URLs you saw before.

        2. If you believe that the sample URLs listed are all clean, select Request a review. In order to submit a review, we ask that you provide more information that the site is cleaned of the hacker's damage. For example, for each category within Security Issues, you can write a sentence explaining how the site was cleaned (for example, "For Content injection hacked URLs, I removed the spammy content and corrected the vulnerability: updating an out-of-date plugin.").

Re-indexing usually takes from several hours to several days, at the interface of Google Search Console will tell you why.

Important: If Google determines that you have not fixed the problem, the Security Issues report in Search Console will usually display more sample infected URLs to assist your next investigation. Malware or hacked with spam site warnings will remain in search results and/or browsers as a caution to protect users.
 
This message will be removed only if the code of the site is removed all malicious content.

 This answer was helpful  This answer was not helpful
 Back