If you operate a WordPress website and you come across this error “this site contains harmful programs”, you do not have to hit that panic button. The error is easily resolved and usually Google tags your website as containing malicious code in the form of a malaware or a Trojan, which is why this error creeps in the first place. Chances are that you have monetized your website and are currently displaying low quality ads on your website, which contain malicious code or you could be operating external plugins which are doing the same. But the point is that you need to first get the malicious code removed from your website and the way to make that happen is by scanning your website for malicious codes and doing the needful. You can also check using Google’s safe browsing tool, just enter your website in place of ‘your domain’ and you should soon know more about the malicious code.
Now that you know why the error happened in the first place, here’s what you need to do to fix the same. But before that, you may want to do a complete backup of your website for obvious reasons.
It could well be that the plugin that you are using on your website could contain the malicious code in which case, you need to access your root directory through the FTP that your web host would have provided you with. Once you are logged in, head over to public_html folder and locate the wp_content folder and the plugins folder should show up in the same. Now, all that’s left is for you to change the name of the plugin folder to something else and this should help deactivate the entire folder. Now, change it back and deactivate the plugin that was pointed out to you as containing the malicious code. Now, reload your website and analyze it again to see if the malicious code has been removed effectively from your website.
It could well be that some of your theme files have been corrupted and some may even contain malicious code. This usually happens when someone hacks into your website, and the only thing that you can do is to remove the corrupted files and replace them with fresh ones. So download a fresh new copy from WordPress.org. Now, access your root directory with the help of your FTP client and download wp-content file to your system. Now, replace the wp-content file in the just downloaded copy of your theme files and upload the same to your root directory. Now, you should be able to reload your website and check the same to see if it contains any more malicious code. And if it does not, then it may be time to let Google know that your website is free from malicious codes and that they should remove the warning and generally, after checking out your website, they’ll oblige.
3. Removing the backdoor:
The fact that your website contains malicious code can be bad enough, but the fact remains that your website does contain the same, either in the form of low quality ads that link up to dubious websites, corrupted themes, corrupted plugins and the list goes on. Just removing the malicious code is not going to do the trick for Google to remove the warning completely from your website. You need to locate the remove the backdoor or else, you are going to end up with the malicious code, all over again. Backdoor is generally a method by which you bypass normal authentication protocols, gain access to the server and remain undetected. Hackers usually employ such methods to hack into websites and insert malicious code which is why it is essential that you track down the backdoor and delete it right away so as to prevent the above scenario from taking place again. Granted that this may sound overwhelming to those who are not that tech savvy so the better option is to use security plugins that can help monitor your website, round the clock and remove any backdoors in the process. In fact, one of the most widely recommended security plugins happens to be Sucuri, and please note that this is not a free plugin but a premium one and that it comes with a reasonable price tag. Using this security plugin should enable you to track down the backdoor and eliminate it altogether. There are also other security plugins that you can use to ensure that your website remains free from any and all forms of malicious codes.
4. Getting the warning removed by Google:
Once you are sure that your website is completely free from any malicious code and that you have removed any and all backdoors, then you can contact Google and apprise them of the current situation. You will need to use your Google webmaster tools for the same; you will first need to add your website to Google webmaster tools and login. Once you have logged in, you should check under security issues section in the webmaster tools and it should list the issue that you are facing at the moment. This particular page, should list all the issues that Google may have found on your website, during their last review.
You should also see a link of resources to help clean up your website as well. And since you have removed all backdoors and malicious codes, you can contact Google by clicking on the checkbox and requesting them to review it again. And if you do not see any security issues listed on the security page, then you need to use the “report incorrect phishing warning” to contact Google and let them know of the same. You need to use this page, to let Google know about the current status of your website, and the fact that that it contains no malicious code at the moment. And ask them to review your website, and once they confirm the same, that your website is indeed clean, they should remove the warning from your website altogether.