Getting Rid of the Google Website Warning - November 10th, 2009
We've had such good response and interest in our white paper on "How to Remove the Google Website Warning" that we wanted to re-publicize this useful resource on our security site for newer readers.
To provide a little background, we first started looking into the Google security warning when a number of organizations started getting hacked, with malicious scripts being put onto their websites that could pose a threat to any visitor. These organizations contacted us to try to fix their problem, which typically involved not only scrubbing the bad code off their infected websites, but undertaking a more comprehensive web security assessment, to find the vulnerabilities and enable fixes to close the holes that had led to the breaches in the first place. The reason these organizations even found out that they were hacked (possibly after months of not knowing) was that Google had labeled all search results for their websites with a dreaded "This site may harm your computer" warning, which was driving away traffic -- and business.
Removing that warning isn't necessarily easy. You can't just call up Google and ask them to change your status. First you have to use Google’s Safe Browsing diagnostics pageto help you determine what kind of badware (malware, spyware) Google detected on your organization’s website. Use the URL, http://www.google.com/safebrowsing/diagnostic?site=http://malware.testing.google.test/testing/malware/ and insert your own website address into the section after /diagnostic?site=
This page will show you the following information:
• Whether the current listing status for the site is suspicious or not suspicious in search engines
• What happened when Google visited the site
• If the site acted as an intermediary for malware distribution
• Whether the site hosted malware
• How malware became present on the site.
• Instructions for next steps to take
After that, you can move to the stage of actually fixing the problems. You don't want to just keep deleting and replacing your website (assuming you've got a reliable backup) since the same problems that led to your site getting hacked will ensure it gets affected again. Vulnerabilities must be fixed. To get more information on how to proceed, read the full white paper, "This Site May Harm Your Computer" - How to Remove the Google Website Warning