Google may be proven profitable – especially if you have a site and you can generate traffic from it. But Google can be a handful too, especially with their security checking and examination. There are a lot of cases when Google flags sites suspicious or even dangerous, and if such thing happens to you, you can lose your source of income. That’s why you need to submit a request for phishing or malware review to Google once they flag your site.
If you want Google to remove the warning, you need to perform a Diagnostic Page check for your website. Simply visit Google Search Console and see whether your site is flagged suspicious or not. If there is a warning, you can submit the request. No matter what you do, the warning won’t be removed unless you submit the request – even if you have deleted the files or even removed the whole site.
Submitting a request is simple. You only need to open Webmaster Tools (or also known as Search Console) Account within Google Search Console. In case you haven’t created an account, make one first. You can log into your account and then open the dashboard. You will see a list on the left side. Choose Security Issues and you should see a smaller screen with the possible issues your site is facing, including detailed information about the possible hacking problems. In fact, you will be provided with information about hacking types and the sample links where they detect the issues. However, in case Google isn’t able to describe the issue or deliver any information about it, they simply will only write “malware and unwanted software” issue. You can submit the review request through this Search Console Account.
About Malware and Unwanted Software
Google has started giving warning about unwanted software since July 2015. With their Unwanted Software Policy, they only provide such information without giving details about the types of issues they’ve encountered. The problem generally starts with the existence of ad injectors or adware from the ads third party providers. Anything that belongs to the category of registry cleaners, free toolbars, or anything included in PUPs (Potentially Unwanted Programs software) that can create problems with the users’ computer or browser will be flagged.
Although Google hasn’t been able to differentiate unwanted software or malware, you can still check your site with Is Flagged program or File Viewer Tool. You can submit the review request, but you will have to click the provided box of I have fixed the issues.
After clicking on the box and click on the review request button, you will get a small popup window. On the provided slot, you can type about your attempts in finding and removing the file. Simply type I have found the problems and had the malware files removed and then click on the review request button. Once you have clicked on it, it may take a while before you get a notice “Your request was successfully submitted. Please check back again later.”
The review process will take a moment – around 10 to 12 hours – and it is an automated process. It is also possible that it may take 24 hours to complete. Unfortunately, Google doesn’t provide any notice about when the process starts, whether it is still ongoing, or when it is going to be completed. The only thing you can do is to check on the Search Console to see whether it is still on the process, whether it is pending, or whether it has finished.
In the meantime, Google will scan everything again and again. If they don’t find anything, they will remove the warning. But if they still detect anything suspicious, the warning stays. That’s why you need to make sure that you have cleaned everything thoroughly. If not, Google will tell you about it.
This page can give you a lot of info and insight about what’s going on with your site, but the words can be confusing – especially for beginners. Replace the domain Google.com with the URL of your site to diagnose your page.
Alright, so let me help you with some things, such as the dates.
When you see the page, you will see two different dates. The first date means the time when Google detected any malicious content in the site and then flagged it. The second date means the time when Google was doing malware review. Whenever they do the review, the first date won’t change at all. In case they don’t find anything suspicious, they will remove the warning, but the first date will remain the same. Meanwhile, the second date will always change whenever Google makes malware review.
Next, when you see a notice saying, “Of the xxx pages we tested on the site over the past 90 days, 896 pages are still considered suspicious” it means that they have checked on your site – through indexes and stuff – and they didn’t find anything suspicious, including malicious content. However, there are other URLs connected to your site that are proven malicious and suspicious.
Google Phishing and How to Remove the Warning
In case your site is flagged for phishing, you will be blocked from using it. It is common for Google to use the so-called ‘red screen of death’. When you perform diagnostic page you won’t find anything. Even when you access your Search Console account, there is nothing about it. You can clean up the site and then notify Google using the Report Incorrect Phishing Warning Form.
Use the provided slot to fill in the specific URL that Google has flagged. You can find the phishing URLs within your website through web forgery or remove a phishing warning because they can be difficult to locate when Google hasn’t provided the info. Then submit the URL as well as your homepage.
Basic Security Protection and Checking
It doesn’t hurt to always check your system; even the most basic checking can really help. First of all, you can always ask for information for your hosting service. They usually can help their clients checking on file ownership, access logs, etc.
Second, make sure that you always update your software because hackers like to exploit any vulnerability they can find in older versions of any software. Make sure that you don’t leave inactive files.
Fourth, check your folder or file permission. It can be a great access for hackers to create some damages. Make sure to have regular checking. Once hackers have access through this method, they can continue getting access to your system even if the passwords have changed. And the last one is to be aware of any ‘backdoor’. Hackers love leaving backdoor on their targets’ site. They generally make use of hidden PHP file that is well stored inside the system files. If you perform a thorough checking, you will realize that the PHP file doesn’t belong to your site and it will be filled with encoded items. If you want to learn how to detect this kind of backdoor, watch the video below.