It’s a horrible experience to Google your company and find that your website has a warning on it on the search engine results page. Some of the warnings you might see include, “This site may contain malware,” “This site may be hacked,” or “This site may harm your computer.” What do these website warnings mean, where do they come from, and what can you do to fix them?
Recently, a blogger expressed his belief that Google uses these messages, along with “403 forbidden” messages, to censor right-wing political content. This is a creative idea, but there is no evidence supporting it.
Where do website warnings come from?
The ones you see on the Google search results page come from Google, as the blogger mentioned above surmised. “Who gives Google the right to protect my computer?” he demands. “Who gives Google the right to prevent me from seeing certain content on the internet?”
Google isn’t preventing you from clicking through with those warnings. The idea is to help you avoid damaging your computer by hanging out at infected websites. I don’t know who gives Google the right to do this, but we should be glad they do it. We’ve been asked to help people with these problems many times, and every single time they have had malware on their websites. In no case have I seen any political content on these websites.
I believe that the blogger found these warnings on political websites sharing extreme views. They’re probably popular targets for hackers. The hacker also says that he has seen these warnings on websites he has visited before with no bad effects. This is right up there with, “I’ve eaten food from leaky cans plenty of times and I never got botulism.”
Avoiding websites that have been hacked and infected with malware is a smart choice.
403 Forbidden warnings just mean that there is a technical error of some kind on the page you are trying to visit, or that the owner of that website has literally forbidden people to visit that page. Often by mistake, with a typo in the code. These are not warnings from Google, or indeed from anyone. They are messages from the website, like 404 Page Not Found messages. These are not connected with censorship.
What if your website has a warning?
Do not leap to the conclusion that Google is censoring you. Instead, assume that your website has been hacked. Here’s what you should do:
- If you use the Google Search Console, check it for any further information.
- Contact your webhost immediately. They should be able to replace the infected site with an earlier version of the website (maybe just a few days earlier) that is clean.
- Consider changing your webhost. In our experience, this is almost always a hosting issue.
- Check back with the Google Search Console as soon as you believe that everything is clean.
- Request a review in the “Security Issues” section of the Console. The message will disappear when the problem is cleared up.
Google offers more details.
How to avoid website warnings
Hackers are criminals, and any website can be a victim of an attack. Some attacks are personal, but most are crimes of opportunity. However, we have found that there are two things the hacked sites we see generally have in common:
- They are hosted in cheap, mass hosting plans for a few dollars a month. If this is a disposable website, that’s fine. If it’s your business website, use a professional hosting company. We use WPEngine, and we like them so much that we’re offering you this special deal: Get 4 and 1/2 months free on annual plans all December. Use code webweek25. Expires 12/31/2016.
- They have no webmaster. That is to say, no one is taking care of them. You need to get into the admin area of your WordPress website pretty regularly and update things. Whatever your platform or CMS, you need to plan on a bit of maintenance in order to avoid problems.