It's WebARX Birthday Month

We challenge you to a game to win 1 YEAR FREE subscription.

Website security

What is Google Blacklist?


Updated: September 14, 2020 by Agnes Talalaev

Google quarantines around 10,000 suspicious websites every day and puts them on a “Google blacklist”. When a website is added to a blacklist it means that Google and different search engines and anti-virus companies are marking the website not secure to visit.

There are several reasons why you would think that your site is Google blacklist or URL blacklist. One, for example, is when you see your website traffic dropping rapidly. But it never hurts to check if your pages are still being indexed by Google.

Google uses specific algorithms and keeps updating the algorithms from time to time. If web crawlers label and categorize anything unsafe they will add the websites into Google blacklist.

We have helped hundreds of website owners get their site re-ranked and cleaned. In most cases, we see that websites are added to Google blacklist when they are infected with malware. So the first step to getting your site out of the Google blacklist is to clean the infected site.

You can read more about how we clean sites from malware here.

Is your website Blacklisted?

You can quickly check it out from WebARX portal.

Check it out now
Google Blacklist

How to recognize the sites that are added to google blacklist?

You can recognize the sites added to the Google blacklist or URL blacklist by seeing the display message “This site may harm your computer” in search results.

This will serve as a warning that prompts most users to stay away.  For this warning consumers are grateful but at the same time, the businesses or website owners panic.

google blacklist

There are different warnings to inform people about sites that are harmful, some of those are: 

  • “The site ahead contains malware/harmful programs”
  • “Reported Attack Page!”
  • “Danger Malware Ahead”
  • “This website has been reported as unsafe”
  • and many more.

It’s a real pain because one thing is to get your site hacked, spreading malware, but when the website is in a blacklist, it means, that malware has been on the site for some time.

Not only your website needs a cleanup but also your own and your visitor’s computers.

What happens when a website is on a blacklist?

When a website is in a blacklist, the search engine is expelling a site from their list. When a website is blacklisted, it loses almost 95% of its organic traffic, which can rapidly affect revenue.

Usually, a website gets into blacklist when it contains something harmful to the user, for example, malware.

If your website is on a Google blacklist, there are two primary approaches to recovering a hacked site:

  1. Do it yourself, if you have the needed knowledge.
  2. Find a trusted service provider if the technical tasks are outside your skillset.

Take a look at the video below, which will explain why and how websites end up in Google blacklist.

How do I get off Google Blacklist?

For many website owners, malware and other harmful scripts can stay on the website for a while. Most of the malicious programs are built to stay undetected and without the technical knowledge and with the “eye” to see the changes, it’s hard to spot the differences.

We have contacted even schools, whose websites have been redirecting visitors for years to different malicious sites and webmasters in schools can’t spot the problem so it stays unresolved.

If you see one of these, the site is definitely on a blacklist.

google blacklist website got blacklisted webarx

There are many scanners where you can scan your website to detect the vulnerabilities or possible malware on the site. Google is also giving a piece of good advice if you are suspecting that your website could be hacked.

Follow the steps below if:

  • You’ve been alerted by Google that your site is hacked.
  • You see a warning in Google search that your site is hacked or compromised.
  • You’re not sure if your site is actually hacked, but things look fishy.

If you’re still unsure if your site is actually hacked, or when you think the site was incorrectly flagged, start by registering your site in Search Console to do a google blacklist check.

Go to the Manual Actions or the Security Issues sections of the Search Console and look for example URLs where Google detected that your site has been hacked.

If you’re unable to see hacked content on the URLs provided in Search Console, the hacked content might be using a technique known as cloaking.

Cloaking is a search engine optimization (SEO) technique in which the content presented to the search engine spider is different from that presented to the user’s browser. This is done by delivering content based on the IP addresses or the User-Agent HTTP header of the user requesting the page.

So basically, the malware is hiding from being detected.

To check for cloaking, use the Hacked Sites Troubleshooter. The troubleshooter will walk you through a few tools like the site: search operator and Fetch as Google that can help you uncover any cloaked content.

After you’ve double-checked your pages and you’re still convinced that your site was incorrectly flagged, post in the Webmaster Help Forums (source: Google).

Steps of getting out of the Google Blacklist

Now we will go over how to remove your site from Google Blacklist. If you wish to leave this to professionals, we are happy to help. You can contact WebARX security engineers by sending us an email to support@webarxsecurity.com or writing to live support chat on the bottom right corner.

Step 1: head to Google Console

To get your site back in working condition the first thing you should do it head to Google Search Console. If you don’t have an account yet, start by making an account.

Example: Google Search Console, January 2020

When you have made an account you need to add a property. In other words, you need to add your site to Google Search Console.

You can do that by clicking on the dropdown menu in the left upper corner. In the example above you can see the little arrow next to samplesite.com.

When you click on the dropdown menu you will see an option with the text +Add Property. After clicking add property you will see a popup as seen below.

Adding a property to Google Search Console.

Then add the URL of your site you are doing the blacklist removal for. Add the site and click continue. Now Google will start to verify your site and then asks for you to verify ownership.

You can verify ownership of a site by uploading a special HTML file to your site. This will be seen as a popup after you have clicked verify. The file is usually put to the main folder where your websites index.php is.

Keep in mind that the file is tied to a specific user. If you need additional help you can follow the instructions on the verification details page.

Also, if you remove the verification file from your site, it will cause you to lose verification for the site as well.

Now it will either show you a green “ownership verified” notification or red “Ownership verification failed” notification. When you see the red one as seen below, you will usually get the failure reason and can act accordingly.

Screenshot from gotchseo.com

Step 2: security issues detected

Now when your site has been verified, you should go to your property and see what will it show. You should see a security issue warning on the screen. It looks like the screenshot below.

Then go ahead and open the report.

In the report, you can see Google giving conveniently a list of URLs it sees a problem with.

Screenshot from searchengineland.com

Step 3: clean your website

Now that you know which URLs are affected on your site, you can take action by cleaning the sites. There are two options.

The first one is to perform the malware removal yourself. You can find a comprehensive malware removal guide for WordPress sites here.

The second option is to turn to professionals and ask for manual malware removal from those who do it on a daily basis.

Why should you question “one-click malware removal” tools and services?

We often see service providers that offer “daily malware removal”, “one-click malware removal” and similar services that seem to be working well for website owners because every time they do it, a report shows that the website is clean. And it seems to be good because it does it often.

Instead of throwing out the bad guys on a regular basis, maybe it’s time to make a real effort and instead of investing in a fancy bucket to throw water out of a sinking ship, invest in tools to keep the water out.

As you know, malware infection is the result of a problem. It does not make sense to focus on the consequences. As far as you don’t solve the problem, you will end up in a dead circle of infections and cleanups. So don’t go for scanners and automatic malware removal, get a hands-on manual service to clean and secure your site for good.

You can contact WebARX security engineers via support@webarxsecurity.com or go and check out this link if you have a WordPress site. We clean sites built on any CMS, for example, Joomla, Drupal, Magento or WordPress.

If the site has been cleaned, check the box “I have fixed the issues” and click “Request a review” as seen on the screenshot above.

Then you will need to explain how you addressed the problem. You can write something like “I have cleaned the site from malware and changed passwords” and then request a review.

It will usually take a couple of days for Google to review the site and remove the warnings from your site.

Frequently asked questions about Google Blacklist

What does it mean to be blacklisted by Google?

When a website is added to a blacklist it means that Google and different search engines and anti-virus companies are marking the website not secure to visit. It can mean that your site has been infected with malware and needs immediate care.

How do I know my site in on Google Blacklist?

– You can recognize the sites added to Google blacklist by seeing the display message “This site may harm your computer” in search results.
– Search traffic has rapidly dropped. It’s good to check your Google Console or Analytics for traffic reports and see if it has dropped a lot.
– You’ve been alerted by Google.

Read more from here.

How do I get off Google blacklist?

The steps to submit your site for a review are:
1. Go to Google Console.
2. Add you site as a property.
3. Check the issues Google notifies you about.
4. Find a service provider or do the clean-up of your site.
5. Select, I have fixed these issues.
6. Click: Request a Review.

What happens when a site is on blacklist?

When a website is in a blacklist, the search engine is expelling a site from their list. When a website is blacklisted, it loses almost 95% of its organic traffic, which can rapidly affect revenue.

What is Google quarantine list?

Google quarantines around 10,000 suspicious websites every day and puts them on a “Google blacklist”. Google quarantine list is just another way of saying Google blacklist or URL blacklist.

What kind of websites will the search engine blacklist?

Usually, websites that end up in a blacklist are either hacked, infected with malware or have some irregularities, that Google finds suspicious.

Website security

suggested articles

Start your free 7-day trial now

Protect your websites from malicious traffic - set-up in under 3 minutes.

Try it now

WebARX is compatible with the following platforms:

PHP
WordPress
Magento
Drupal
Joomla