Finding & Fixing Google Blocklist Warnings

When a website is added to a blocklist by blocklist authorities it can be painfully stressful for their business. SEO rankings take a dive, and loss in revenue/traffic is hit even harder if not resolved quickly. In this article we’ll be discussing what blocklists are exactly, why you should consider them when starting a website, and how to identify & rectify if you’re on any.

What is a Google blocklist?

Blocklists are essentially a database which uses pieces of information to determine if an IP or domain is sending malicious messages or hosting malicious content. Google’s blocklist (also known as a “blacklist”) is a list of sites they deem suspicious, and mark as “not secure to visit.” 

There are many anti-virus companies that also have their own blocklists too, these are all known as “blocklist authorities,” or “blacklist authorities.” They employ crawlers, bots, and other proprietary tools that independently explore websites, and add the dangerous ones to their blocklist index. It’s important to note Google’s blocklist is very different from being deindexed

There are some occasions where a site may be blocklisted, but in fact be an incorrect listing by the blocklist authority, this is what’s known as a “false-positive”. Some vendors have a higher false positive rate than others. Google tends to be the lowest and most accurate.

Why blocklists matter & why they occur

Due to the ever more wily nature of the web, blocklists help the average user avoid being phished, infected, or scammed. Without blocklists, malware and phishing campaigns would be even more rampant than they already are. With that being said, getting added to a blocklist can really damage an average site’s reputation. All of the time invested into an SEO strategy is suddenly lost, along with organic traffic and page views. Visitors receive a warning like the one shown above, which highly encourages users to click away.

How to find out if you’re on a blocklist

The best way to determine if you’re on Google’s blocklist is by accessing your own URL, logged out of the administrator dashboard. Another option is also using the Google Search Console, which will alert you if your site has been blocklisted. In regards to other blocklist authorities, our SiteCheck scanner will be useful in determining if there are any other blocklists your site may be under. VirusTotal is also a very helpful resource to check the widest variety of vendors to see if your website is flagged.

How to fix being on a blocklist

Getting your site off a blocklist can be a bit of a process. The first step is scanning your site to ensure it is clean from any malware. Once the clean up is complete, implement  protection and change all passwords so a re-infection doesn’t occur. Some vendors, particularly Google, will often give you the exact URL which is responsible for the blocklist, and is usually the location of the infection.

We’ll discuss these measures in greater detail later. After post-hack protection has been set up, report the results back to each blocklist authority that has currently blocklisted the site. Alternatively,you can have an Incident Response team like Sucuri reach out to each of them on your behalf. Depending on the blocklist authority, their response can take some time.Generally within 24 – 72 hours the site should be removed from their blocklist.

How to avoid blocklists moving forward

Update your CMS, theme and plugin versions to prevent any reinfections or blocklists in the future. It is highly recommended to update all passwords and keep additional account permissions to a minimum. Install a scanning plugin that runs in the background to detect modifications made to files, or malicious content injected. We also have a step by step WordPress guide where you can check off the post-hack measures taken.

Configuring a firewall is also recommended. This will immediately block malicious IPs and requests from accessing the site. A firewall patches vulnerabilities if updates to the site aren’t made. Firewalls also block random users from accessing the administrator login panel, accepting only “allowlisted” IP if configured correctly.

In Conclusion

We understand that not every site owner anticipates they’ll be the target of an attack, and sometimes an infection can go unnoticed for months. When an infection goes unnoticed for so long, this is when SEO, site traffic, and revenue really takes a punch. This is why we make it our goal at Sucuri to give site owners visibility of the impacts before they occur, or at least help people understand how they can take care of their site & business moving forward. If you’ve determined that you’ve been impacted by a blocklist, please don’t hesitate to have our team get involved in cleaning your site. We’re here to help!

You May Also Like