If you get to a website and you see the warning “Site Ahead Contains Malware”, you need to act fast.

If it’s not your site, you need to turn around because there could be malware on the website you are trying to access.

If the site ahead happens to be your own site, you need to act fast to fix the situation. This message indicates that your website is either infected with malware and/or has been hacked. Google crawls websites regularly to add new or updated content to the search index. These crawlers also can detect if your site has a malware infection.

If Google or other search crawlers find malware on your site, they immediately flag your site and display this warning to protect users from accessing the web site. This warning has detrimental effects on SEO, site traffic, and your credibility. It can also lead to your web host suspending your hosting account.

Why did your WordPress website get hacked?

Websites get hacked for the following reasons:

• economic gain
• drive-by downloads – malware injections
• black hat SEO
• system resources
• hacktivism

How did your WordPress website get hacked?

Malware can infect your site in a number of ways:

1. Plugins – An infection could have come through the plugins installed on your website. This can happen for several different reasons – a) old plugins without recent updates are prone to vulnerabilities; b) pirate software is free but often contains malware; c) you may have installed a plugin from an untrusted source.
2. Your Computer Might Have Malware – Often when a computer is infected with malware, uploading a file to a website can lead to a website infected with malware.
3. Brute-force attacks by hackers – Hackers can use a brute-force attack to guess your username and password and break into your website.

What do you do if your site now say’s “The Site Ahead Contains Malware”?

It’s important that you act fast. You will have to remove the malware from the website and then submit your website to Google for review. Google’s safe browsing policies that you need to follow before you submit your site for review are:

• You need to log into Google Search Console and prove you are the owner of your website.
• You need to make sure that your website is clean and free of any malware infections or backdoors.
• You need to fix the vulnerability that led to the hack. We recommend installing the premium version of Wordfence.
• If your host has suspended you for malware, you need to contact them and request they remove the suspension. Your website needs to be back online prior to submitting it to Google for review.
• Call Connect4 Consulting at 202-236-2968 so we can help you with these steps.

How do you prevent “The Site Ahead Contains Malware” from happening again in the future?

If you’ve ever had the misfortune of finding yourself in this situation, it is imperative that you do everything possible to prevent it from happening again. To do that, implement the following procedures:

• Make sure someone is actively managing the hosting of your website. That means you need to make sure that all plugins and WordPress are updated as soon as updates are available. You can’t just rely on hosting alone.
• Install Wordfence or Wordfence Premium to protect your website.
• Update WordPress regularly.
• Only use trusted themes and plugins – stay away from free plugins or themes – particularly if there have been no updates in the last 3 months or more.
• Remove inactive themes and plugins – the more elements you have on your website, the greater the opportunities a hacker has to break into your website.
• Update website passwords, remove inactive users, limit login attempts, install an SSL Certificate.