Google Explains Malware Warning Policy & How To Fix Your Site
Some search industry watchers have called Google the “internet’s traffic cop,” and it’s a role Google seems to be growing more comfortable in, too. Late last week, for example, Google published an explanation of how it handles pages that are found to house malware, and how webmasters can clean up the problem and get back […]
Some search industry watchers have called Google the “internet’s traffic cop,” and it’s a role Google seems to be growing more comfortable in, too. Late last week, for example, Google published an explanation of how it handles pages that are found to house malware, and how webmasters can clean up the problem and get back in Google’s good graces.
What Google Does
As the blog post explains, Google uses scanners that look for web pages that have been compromised by spyware, viruses, worms, and other types of malware. When the scanners find such a page, they add a warning to the search results: “This site may harm your computer.” It looks like this:
As you can imagine, that warning can have a dramatic, negative impact on a site’s referral traffic from Google. Some webmasters have complained that Google doesn’t provide advance notice before that warning message is placed in the search results. Google’s Oliver Fisher explains that webmasters are alerted by email and via Webmaster Tools, but not in advance of the warning message for searchers:
“As a user, I’d be pretty annoyed if Google sent me to a site it knew was dangerous. Even a short delay would expose some users to that risk, and it doesn’t seem justified. I know it’s frustrating for a webmaster to see a malware label on their website. But, ultimately, protecting users against malware makes the internet a safer place and everyone benefits, both webmasters and users.”
What A Webmaster Can Do
If your site gets the malware warning notice, Google has a few tips to fix the problem:
Learn More About Security: The Google Webmaster Central blog has previously shared these tips and this security checklist. You can also learn more at Stopbadware.org and get help in their Google Groups forum.
Find The Flagged Pages: Some of the offending pages will be listed in your Webmaster Tools account. You can also use this SafeBrowsing diagnostic page to get more specifics about what Google’s scanners found:
The SafeBrowsing diagnostics page can be reached at http://www.google.com/safebrowsing/diagnostic?site=yourdomain.com.
Fix The Problem: No explanation needed.
Request A Malware Review: Once your site is cleaned up, you can request a review via Webmaster Tools. Google’s post emphasizes that this is not the same as a reconsideration request: “…if your site has a malware label, a reconsideration request won’t do any good — for malware you need to file a malware review from the Overview page.”
If your site is found to be clean, Google says it should take anywhere from a few hours to a “day or so” for the warning label to be removed from the search results.
It’s also worth nothing that Google recently announced a test program that will alert webmasters if their publishing platform might be vulnerable to security exploits. The test is being done initially on sites using WordPress 2.1.1, a version of WordPress known to have security problems. Webmasters running that software will get a message in Webmaster Tools warning them of the potential for being hacked.
NOTE: If you saw a malware warning on Jan. 31, 2009, this was due to an error that briefly impacted all web sites. See Google Gets Fearful, Flags Entire Internet As Malware Briefly, for more.
Opinions expressed in this article are those of the guest author and not necessarily Search Engine Land. Staff authors are listed here.