So you’ve just noticed that when you search for your website in Google, along with your standard listing you also have a message which reads “Warning Visiting This Site May Harm Your Computer”.
This article is all about *why* this warning appears, how to correct any issues with your website and finally how to go about the “Warning Visiting This Site May Harm Your Computer” removal process so that you can be sure that not only is your website *not* going to damage anyone’s computer but as importantly that you can get this warning removed a hence return your site to it’s original traffic numbers.
After all, a site with this warning is going to see a rapid decline in visitors actually clicking your listing and less traffic means less profit for you. In other words the quicker you can resolve the issue the better.
What Causes The “Warning Visiting This Site May Harm Your Computer” Alert?
Google maintains a list of websites which have been shown to contain malware of some form. Malware is the “catch-all” title given to software applications that can cause damage to a computer and is a shortening of “malicious software” – basically it can do all sorts of nasty things. A common example is that a website infected with malware may try to install viruses on the computers of visitors which are capable of stealing passwords to bank accounts, emails and so on.
So to protect their users Google flashes up a warning when a website with malware on it gets reported to them.
Your mission when you find this warning is therefore to fix your site so it is safe and clean and then to have the warning removed.
How Does A Website Get Infected With Malware In The First Place?
There are typically two ways in which your website will get compromised.
The first is that you are using old versions of scripts on your web hosting account. Out-dated versions of WordPress, Joomla, plugins and so on can all have security issues which is one reason why new versions are regularly produced. As soon as a hacker finds a way of cracking a script, the programmers work hard to put out a new version that closes that security gap so if you’re not running the very latest version of the scripts you use this is one potential way that hackers have managed to access your web hosting account and upload malware to your website.
The second way for your website to get infected with malware is just as common and involves you already having a virus of some form on your own home computer. When you log into your WordPress control panel, upload files via FTP or suchlike the virus records your username and password and then uses these to gain access to modify your website.
Remember that each piece of anti-virus software has it’s strengths and weaknesses and so even if you already have anti-virus installed on your computer there is a chance that it has been missed during your routine scans.
How To Remove Malware From Your Website
There are a number of steps that can be taken to remove malware from a website but the first and most important steps should be taken for every hacking attempt you experience.
1) Scan Your Computer For Malware
Before we do any work at all we need to ensure that your computer is secure and virus-free. If not then any other step we take here could be a waste of time because the virus could just reinfect your sites and you’re trying to resolve the problem.
Because some anti-virus software may miss certain malware applications it’s worth scanning your computer with at least two different applications. Personally speaking when I suffered from this issue recently I scanned my computer using Norton and then a double-checked it with Malwarebytes’ Anti-Malware software.
Norton found a couple of trojans and removed them and double-checking them with the other application showed that all malware had been safely removed from my computer.
Incidentally at the time of writing when you buy a copy of Norton off their website you can also pay a small additional charge for one-on-one help to remove viruses from your computer. While you probably won’t need this I personally think it’s well worth paying the little extra because if the Norton application can’t automatically remove troublesome malware from your computer you can have an expert log into your computer remotely and fix the problem which will save you a lot of time and expense in the long run.
2) Update Your Website Scripts To The Latest Version
Once your computer is safe the next step is to update any scripts you use to their latest versions. For example using WordPress you can log into your admin panel and click on the “Updates” option from the left-hand menu. This will tell you if there is a new version of WordPress or updates to plugins you’re using and will allow you to automatically upgrade them to the latest versions.
Do this for every script you use no matter how long it takes. Personally I run dozens of sites so it was a long and boring – yet necessary – process.
3) Change All Website Passwords
Consider all the passwords you use for your websites. You may have usernames and passwords for WordPress, for various FTP accounts and for your web hosting control panel too.
Each of these could have been compromised and so every single one needs to be changed. Ensure each password is unique and difficult to guess and for safety in the future don’t store them on your computer.
At this stage your websites and web hosting account should be secure again and hackers will be unable to access your sites so next we need to clean up the mess so that your sites really are totally malware free.
4) Clean Your Files Or Overwrite From A Back-Up
This is arguably the hardest step of all to resolve because there are so many possible solutions and the best will depend on your individual circumstances. Having tried out a number of them, here are my suggestions for solving the issue in order of preference from the best (easiest) down to the worst (most boring and time-consuming)…
Contact Your Web Host’s Security Department
Many web hosts have a specialist department who will deal with problems like this. So firstly try contacting your customer service department to see if they can help out either for free or for a small charge. Personally I host most of my sites with Hostgator and their security department got the problem solved within an hour on my sites once I had done all the preliminary steps.
Upload From Backups
Cpanels allows you to download packups of your sites and personally I also use an automated backup system for most of my most profitable WordPress sites so that I have offsite backups done on a daily basis.
If your web host can’t or won’t help you the next option is to upload a new clean version of your site using your backups. Except that surprisingly few people actually create backups of their sites – and while I had WordPress backups I didn’t have copies of my static HTML sites.
Furthermore it’s essential that *all* your sites are fixed at once because one missed instance can cause all your cleaned sites to become reinfected once again. However this also makes a note for the future – as soon as you have your sites fixed and running smoothly again put a system into place that will automatically store backups for you to help you resolve situations like this quickly and smoothly.
Outsource The Clean-Up Process
Assuming your web host won’t help and you don’t have a clean version of every file on your site the next possibility is to outsource the clean up process.
Personally I tried hiring an engineer using Elance who came with an impeccable resume. He set to work straught away but after two weeks had still failed to complete the clean up process having cost me a considerable sum of money. This was when I contacted Hostgator who got the issue resolved in less than an hour. If only I’d tried them to begin with.
Manually Clean All Your Website Files
This is the worst-case scenario and unless you have infinite patience and a high level of computer ability I would strongly advise against not using this technique. You will need to download every single file that makes up your website, check it for viruses and then reupload them all. You should also reinstall all scripts such as WordPress to ensure they are clean and also scan any MySQL databases that you are using for viruses.
In short you need to be able to figure out where the problem is, what you’re looking for, and then go through hundreds of files making the necessary changes so it is a long, boring and complicated process. Worse, as previously mentioned, should you miss a single line of code all your sites can quickly become reinfected after you upload the new versions.
My personal suggestion is therefore to save yourself the heartache and at worst hire a professional to deal with the situation for you.
Understanding The “Warning Visiting This Site May Harm Your Computer” Removal Process
So your sites are clean and virus free? If so, firstly leave them alone for a day or two. My own experience of this problem recently is that a site which seems fine can become reinfected a day or two later if you haven’t cleaned every last remnant of the virus from your hosting account.
So keep checking your sites for a few days. A good free online virus checker to ensure your sites are now clean can be found at . After a few days have gone by with no infections showing you should be confident that the situation has been resolved and it is now time for the Warning Visiting This Site May Harm Your Computer removal process which in many ways is the simplest of all.
If you don’t already have a Google Webmaster account then sign up for one for free then add your infected sites – the ones that have the warning showing up. Webmaster Tools will then complain that these sites contain malware and will give you an option to place a reconsideration request. Do this for each of your sites that had the issue, explaining what you did to solve the problem and within 48 hours you hould find that the warning has been removed from your website listing.
As a side note, obviously don’t try to “game” Google by simply submitting a reconsideration request *without* cleaning up the problem. You will simply be wasting your time as Google will scan your site to be certain so the only way to remove the warning is to actually do the necessary work before contacting Google.
Have you ever had problems with malware on your site? How did you resolve the issue? Please leave a comment below with your experiences…