McAfee blacklists thousands of websites every day. For most website owners, the various warnings McAfee can show about your website and dealing with them can seem like a challenging task.
This knowledgebase article will help you understand what the cautionary message indicates and how to resolve this security warning.
This article covers McAfee SiteAdvisor Blacklists, not the warnings displayed in Google Search Engine Result Pages (SERPs). Looking to remove Google Blacklists warnings?
Common Signs Your Site May Be Blacklisted by McAfee SiteAdvisor
Some big signs your site may be infected with something include:
- The McAfee WebAdvisor presents an error saying the site is risky or is insecure.
- You see a lot of spam links and redirects in your Google Search Console.
- Website files and images seem to have changed and you haven’t made the changes.
- Your web host has notified you of malware infecting your website.
- Your anti-virus or anti-malware software prevents you from visiting the site in your browser.
What Do These McAfee SiteAdvisor “Blocks” Look Like When They Happen?
Typically when McAfee has blacklisted a site and you try to access it using Chrome, or another browser using a computer protected by McAfee, you’ll see a screen that looks similar to the one below:
McAfee WebAdvisor Warning Showing A Potentially Dangerous Site
What Does This Mean & How Can I Resolve It?
This error indicates McAfee has placed the website you’re trying to access on their blacklist. More than likely, the site is infected with malware.
You may have the option to continue to the website, or depending on McAfee’s perceived severity of the problem with the website, you may not be able to access it at all without whitelisting it in your McAfee WebAdvisor Control Panel.
Other Examples Of McAfee SiteAdvisor Blacklist Warning Messages
The major browsers, Chrome and Firefox, use the Google Safe Browsing API to help people steer clear of websites they suspect to be infected or compromised. Other browsers however, may not display the warnings in the same way as Chrome or Firefox, and they may not be using the Google Safe Browsing API. Here are some examples of the various ways other browsers may warn you about a potentially compromised website:
- This website may harm your computer.
- This site may be hacked.
- Deceptive site ahead.
- This website has been reported as unsafe.
- The site you are trying to access contains malware or harmful programs.
- Phishing attack or site detected.
- The page you are trying to access is attempting to load scripts from unauthenticated or unsecure sources.
- Warning: Potential Security Risk Ahead.
How To Resolve McAfee WebAdvisor Warnings
Websites lose 95% of their traffic (if not more) when a service like Google or McAfee WebAdvisor blacklists a site. They (McAfee) aren’t out to get you personally, it’s just that McAfee has a duty to protect users of it’s software from potentially dangerous websites.
Checking The Safe Browsing Status Of Any Website
McAfee has a method to check the Safe Browsing status of any website here. You should be aware of this tool as it’s quite useful in checking on sites you maintain periodically, rather than being informed by the users after it happens.
Get Google Search Console
Google Search Console, formerly known as Google Webmaster Tools, is an absolute must when it comes to managing how Google interacts and indexes content on your website. Google Search Console is the first step in getting Google’s attention, i.e. getting your business or website in their search results, and on other Google platforms, such as Maps.
If your site is blacklisted, you’ll need to use the Google Search Console to inform Google you’ve taken the appropriate steps to remove whatever “infection” or “compromise” your site had and are ready for them to review your site for removal from their blacklist.
To remove the blacklist warning, you need to let Google know that you have completely cleared the infection. To do this, you must have a Google Search Console account (formerly Webmaster Tools).
To verify ownership of your website in Google Search Console:
- Open Google Search Console.
- Click Search Console and sign in with your Google account.
- Click add a site and enter your website’s URL, then click continue.
- Verify your site using their recommended method or alternate methods options.
- Click add a site, then verify.
- Review the Security & Manual Actions section to review any warnings, and resolve as necessary.
- If you have warnings to resolve, you will be given steps to resolve them and notify Google you have fixed the problem and are requesting a review of your website for removal from their blacklist.
You should determine what exactly is blacklisted by Google. On the Google Search Console page for your website, click on Security Issues and you will find the URLs that are being detected. If the URL is a directory, each folder and page below it must be checked for malware.
Scan Your Website
There are numerous free tools online you can use to scan your site and identify the malware or “infection” causing McAfee to flag the site. Two of the best are listed below:
To scan your website for hacks and blacklist warnings using Sucuri SiteCheck:
- Visit the Sucuri SiteCheck website and enter your website URL.
- Click Scan Website.
- If the site is infected, note any payloads and file locations found by SiteCheck.
- Click Blacklist Status to see if you’ve been blacklisted by other authorities besides McAfee SiteAdvisor.
If SiteCheck is able to find something wrong with the website, this can help narrow your search. you can also use other tools such as UnmaskParasites.
For Content Management Systems, such as WordPress or Joomla, you can safely rebuild the site using new copies of your core files and extensions directly from the official repositories. Custom files can be replaced with a recent backup—as long as it’s not infected.
How to Request a Removal from McAfee SiteAdvisor Blacklist
McAfee Customer Ticketing System
To request a review of your site on McAfee to remove blacklist:
- Visit the ticketing service for McAfee SiteAdvisor.
- Choose McAfee SiteAdvisor/WebControl (Enterprise) from the list.
- Type in your URL and click Check URL.
- Review the Reputation and Categorization for your site.
- Click Submit URL for Review.
It may take then 2-3 business days to get back to you and confirm they have removed your site from their blacklist.
Determine When And Why This Happened
Common causes of infected / compromised websites which are blacklisted include:
- Outdated Plugins
- Outdated App Installation, i.e. you are running an old version of Drupal, Joomla, or WordPress.
- Not using CAPTCHAS on areas where there is user input, such as form fields, login fields, comment & review fields.
- You can ask your Web Host to restore your website to a date prior to this date. Following the restore, you would want to login to your website’s admin area and immediately update your app and/or plugins to the latest versions to prevent the hack from taking place again, if it was caused by an outdated website app, like WordPress or Drupal version, or an outdated plugin.
Preventing This From Happening Again
Preventing your website from being hacked or compromised isn’t a task that requires your attention 100% of the day/night. However, you should definitely be mindful of some basics when it comes to website security:
Invest in Rock-solid Web Hosting
Every web host out there should take security very seriously. The reason why it is essential that you choose a web host you can rely on for your business.
Because of BitNinja’s outstanding services, we claim that we have 99.99% uptime. We have bulletproof security; our servers are highly efficient and been giving remarkable services. And our customers have the least security concerns, and we have almost minimal server service and server maintenance issues and tickets.
This way we are adding an extra layer of protection compared to our competitors.
Perform regular backups
Make backups. Backing up your site is about creating a copy of all the site’s data, and storing it somewhere safe. That way, you can restore the site from that backup copy in case anything bad happens.
Most hosting providers now provide backups.UltaHost’s web hosting plans have free automated backups, that are stored offsite, allowing to be quickly restored so that you can rest easy knowing your data is safe!
Always keep your web application version and plugins up to date
Keep plugins and integrations you have enabled on your website updated. If you use any specific plugins that are developed by 3rd parties or small developers, it might be wise to follow their social media and note if they post anything about an update being pushed out for the plugin/app.
If you are using WordPress, enable auto-updates for your plugins and themes. This is a super helpful feature that was recently released in WordPress that will save you a lot of time.
We recently published a blog on what CAPTCHAS are, why they are important, and how to setup WordPress CAPTCHA. CAPTCHAS keep robots from sending code with nefarious purposes through your contact forms, review forms, login / password reset forms, and comment fields.
Use Smart Usernames and Strong Passwords
Be wise when it comes to your username and password for your administration dashboard. Avoid using a username as “admin” and always choose a complex password. Don’t use “admin” as your username but instead use a unique username for the administrator that is not related to your domain name.
Make sure to choose a complex password. Alternatively, you can use an online tool like 1Password Password Generator.
If you are managing multiple sites, it is prudent to use different passwords. The best way is to use an online password manager such as 1 Password, which offers a free subscription.
Disable directory listing
By default, when your web server does not find an index file (index.php or index.html), it automatically displays an index page showing the files and folders in that web directory. files and folders in that web directory.
This could make your site vulnerable to attacks by revealing the critical information needed by hackers to take advantage of a vulnerability in a WordPress plugin, theme, or your server in general.
Just add the following line in the site’s .htaccess file located in the root directory of your website.
If you are a UltaHost customer, we have you covered. By default, the directory listing is disabled on our servers.
Use HTTPS for Encrypted Connections (SSL Certificate)
One of the most neglected ways to harden your WordPress website is to install an SSL certificate and run your site’s URL’s over HTTPS.
Many Web Hosting providers, including UltaHost, offer free SSL certificates with Let’s Encrypt.
The security and integrity of your website should be your top concern as a website administrator. If you are running an online store, having your website blacklisted will scare off existing and new customers alike and cause your website to fall to the bottom of Google Search Engine Result Pages, or *gasp* to page 2 of the results.
By taking simple steps to keep your website up to date and secure, such as updating plugins, using secure passwords, and making good use of CAPTCHAs, you can ensure your website won’t end up on a Google Blacklist. But, if it does, this article will help you get off that list and get back on track!
If you know any other security tips that may help, please feel free to let us know in the comments area.