What to do if Google Detects Malware on Your Site


51% of all internet traffic is made up of bots and 60% of these are designed to carry out malicious activities.

These automated robots crawl the web and attempt to hack into websites and post spammy links, carry out DDoS attacks or steal content.

Webmasters whose sites become infected with malware will quickly find that potential site visitors are essentially blocked by Google, which displays this alarming message to Chrome users who attempt to access the website.


Google Chrome malware warning



How Does Hacking Damage a Website?

Almost half of all internet users use Google Chrome as a browser, so Chrome’s malware warning can have a disastrous impact on a website’s traffic.

A malware-infected website can compromise visitors’ computers and personal information, so even though web surfers who use different browsers don’t see the Chrome Malware warning, webmasters still have a responsibility to rid their site of malicious scripts.

When a website has been hacked, its reputation is compromised as well as its security. The Chrome warnings strongly dissuade potential customers from visiting a site so traffic and sales can be lost.

To regain the trust of search engines and customers alike, website owners must take action to remove malware and fix any problems it has caused.


Has My Website Been Hacked?

Website owners tend to realise their site has been hacked when they try to access it themselves on Chrome, when they look at their Google Webmaster Tools account, or when site visitors let them know via email or social media.

There are also online tools available, such as the free Unmask Parasites’ Security Report, which will scan a website in moments and report on any suspicious scripts it finds.

The Unmask Parasites report is based on information from Google’s Safe Browsing Diagnostic pages.


Web page security report



What to Do If Your Website Has Been Hacked

If your website has been subjected to a hacking attack, don’t ignore the problem! The longer the website is infected, the more customers you will lose.

Google will block access to your website for an extended period of time and this, as well as any security breaches involving user information, causes damage to your brand’s reputation.


First Steps

Your aim is to remove any risk to site visitors and minimise any further damage to your website.

The first thing to do is to limit the damage the malware can cause by quarantining your website.

To avoid infecting your website visitors’ computers and to prevent any further damage to your website, Google recommends that you immediately:


1)      Take your website offline

2)      Contact your website hosting provider

3)      Change the passwords for every account that can access the website

4)      Make sure the hackers have not created new user accounts.


Use Webmaster Tools

Once these steps have been taken, it is time to try to identify exactly what has happened and how much damage has been done. You can find out a lot of information from Google Webmaster Tools.

If malware is detected on your website, Webmaster Tools will display a red warning symbol next to an affected URL.

Click on this symbol and Google will display all the URLs that have been hit by the malware attack.

Once you have the list of affected URLs, click ‘Google Index’ in the Webmaster Tools left-hand sidebar. From there, choose ‘Remove URLs’ (remember revisit this tool to revoke your removal request when the URL is clean again).


Webmaster Tools


Use this URL removal tool to request that Google removes the pages of your website that have been infected. If any of the hacked pages look like they might be attempting to steal user information, submit them to Google’s ‘Report Phishing‘ page.


Restore your site from a backup

If you have a backup of your website (you do have a backup of your website, don’t you?), you can use this to restore the entire site, as long as you are confident that the backup files have not been infected.

It is also important to scan the computers of anybody who has access to the website. This will help to eliminate any malicious scripts that have been installed on users’ machines.

Back in Google Webmaster Tools, click on Crawl in the left-hand sidebar, then select ‘Fetch as Google’.


Webmaster Tools


Fetching a site shows you the way your website is perceived by Google when its bots crawl the site.

You have the option to ‘Fetch’ or ‘Fetch and Render’. ‘Fetch and Render’ offers a more in-depth view of your site so, if you are trying to recover from a malware attack, this is the option you should choose.


Webmaster Tools


External scripts on a website should be verified and updated. WordPress themes and plugins, forum software and e-commerce solutions can be targeted by hackers who aim to exploit weaknesses in the scripts.

Always ensure that third-party software is kept up to date and, if you suspect that one of these scripts is causing your problem, disable it until the issue is resolved.

If necessary, disable every third-party plugin until you have identified the cause of your difficulties.


Request a review

When you are confident that your site is free of infection, it is time to ask Google to look at your website and remove its malware warning from search results.

You can request a review from within Google Webmaster Tools via the ‘Request for Review’ link.

This option is not always immediately available but should appear within the Webmaster Tools interface within a few hours of the site being cleaned of the infected scripts.



It can be tricky to recover from a malware attack; preventing it from happening in the first place by using a great firewall, up-to-date software and complex passwords is preferable.

However, if you do find yourself being targeted with malicious scripts, take the steps above to regain control of your site as quickly as possible


Your Say!

Has your site been blocked due to malware infections? How did you resolve this problem, and how long did it take to get relisted in Google again? Drop us a comment below.

Written by

Nathan Preedy

Nathan has been with team.blue since 2005 and has a background in Technical Support. He is passionate about helping customers find the best product for them and use it to its full potential.