Over the past few months, a lot of website owners have received “uncommon download” warnings from Google Search Console. These warnings can be vague, often lacking specific information about where the download is, exactly.
Don’t panic — a lot of these seem to be false positives and you can just request a review. Read on to be sure your site is safe before you check the box and click the button.
If you aren’t familiar with Google Search Console, you should sign up — it’s free and totally worth it.
This “uncommon download” warning doesn’t mean that your website is hacked or serving malware… but it’s worth considering that as a possibility.
From what we understand, Google Safe Browsing scanners can’t verify the download as safe. In other cases, there is something fishy about your website that violates Google’s guidelines. This includes deceptive practices (i.e. a “play” button that leads to a download).
Advice for “Uncommon Download” Warnings
To remove the Uncommon Download warning from Google Search Console:
- Run quick scan with our free SiteCheck tool to see if there is any visible malware on your website.
- Review the warning in Google Search Console — if Google provides a location for the download or malware warnings, investigate those first.
- Audit the downloadable files (including ZIPs) on your website, and remove them if they violate Google’s download guidelines.
- If all this seems to be good, then you can just request a security review and see what happens.
This advice comes straight from John Muller (Webmaster Trends Analyst at Google):
I’d recommend just requesting review and ignoring it unless it comes back with malware. Uncommon downloads can be pretty common, we warn the site owner about them, but they won’t cause problems otherwise on your site.
— 🍌 John 🍌 (@JohnMu) December 20, 2019
A review can take from a few days to a few weeks to complete, and it’s possible that the warnings will recur. The general advice is to continue requesting a review until you get specific information from Google. We assume that, as Google Safe Browsing refines its warnings, more information will become available.
Google Search Console Security Issues
If you own or manage a website, you should sign up for free webmaster tools from search engines. Not only do they give you analytics and controls for appearing in search results, these consoles can also alert you to security issues and bad practices.
Here is a list of possible security issues in Google Search Console:
- Deceptive pages
- Deceptive embedded resources
- Hacked type: Code injection
- Hacked type: Content injection
- Hacked type: URL injection
- Uncommon downloads
- Harmful downloads
- Links to harmful downloads
- Unclear mobile billing
These warnings continue to expand on Google Safe Browsing’s mission of making sure Google users are protected from dangerous, shady, or hacked websites.
This is a reminder to stay informed about your website’s security status, and remember that security is a continuous process.
As you might imagine, it can cause undue stress for website owners when Google issues dire-sounding security alerts with no definitive next steps. But there is another route toward confidence in website security.
A web application firewall (WAF) uses constantly updated definitions to ensure even the most recent threats are blocked before they can infect a site. With your site behind a WAF, the chances of malware infection drop significantly. Some providers, such as Sucuri, also offer free technical assistance, so there’s a source for answers from a knowledgeable professional.