Discovering that your website has been hacked and infected with malware is a dreaded situation, particularly when Google and Google Chrome issue the ominous warning “The site ahead causes malware”, or “This site contains malware”. If you see this message, it’s super frustrating and concerning.
If your website has been detected with malware by Google search, it’s important to take action to remove the malware and get it reinstated. Here are the steps you can take to reinstate your website after malware has been detected by Google:
- Scan your website for malware: Use a reputable malware scanner to scan your website and identify the infected files. This will help you to understand the scope of the problem and what needs to be fixed. For WordPress sites, WordFence has a decent malware scanner.
- Remove the malware: Once you have identified the infected files, you need to remove the malware from your website. You may need to manually remove some files or use a security plugin to automate the process.
- Request a malware review from Google. If you don’t already have a Google Search Console account, create one and confirm your website. After removing the malware, you need to request a malware review from Google. This will prompt Google to check your website and verify that the malware has been removed.
- Submit a reconsideration request: If Google finds that the malware has been removed, you can submit a reconsideration request to have your website reinstated. In this request, explain the steps you have taken to remove the malware and prevent it from happening again.
- Once you have submitted your reconsideration request, you will need to wait for confirmation from Google that your website has been reinstated. This process should only take a day or so but could take more time, so be patient and continue to monitor your website for any signs of malware.
- Prevent future malware infections: To prevent future malware infections, make sure you keep your website up to date with the latest security patches and use reputable security plugins. Regularly scan your website for malware and take immediate action if you detect any issues. Reset passwords and check user access to make sure no one has access that shouldn’t have access.
If you’re worried about your site getting hacked and don’t have the time to make updates, consider signing up for a WordPress maintenance service.