If you or your visitors are seeing a big red message saying “The site ahead contains malware” or “The site ahead contains harmful programs” when you try to visit your site, this article will explain what’s happening and show you how to fix it.

This error displays in Google Chrome or when users click on a link in Google Search when Google deems that a website contains harmful content.

If visitors see this error when they try to visit your site, it likely means that someone has hacked your site or otherwise injected malware into your site.

In this post, we’ll tell you how to fix the problem, ensure that visitors can access your site, and limit the negative effect on your search engine rankings.

What Does “The site ahead contains malware” Mean?

Example of the error message
Example of the error message

To protect users, Google includes a tool called Safe Browsing to prevent users from accidentally visiting sites that might harm users’ computers. If a visitor tries to access a site that Google has flagged, Google will display the big red warning above. While it is possible for visitors to bypass the warning by clicking the Details button, most people will stay away from sites that Google has flagged.

There are a few different error messages, depending on the exact issue Google has found with a site:

  • The site ahead contains malware
  • Deceptive site ahead
  • The site ahead contains harmful programs
  • This page is trying to load scripts from unauthenticated sources
  • Continue to [site name]?

If you see one of these messages when you try to access your own site, it’s a big deal and you need to react quickly to fix the problem, otherwise your traffic and search engine rankings will be negatively affected.

So why is Google displaying this message to you and your site’s visitors?

Well, assuming you haven’t intentionally included malware (!) on your site, the most likely reason is that a malicious actor has gotten access to your site and is using your website as a vector to infect your visitors’ computers with malware or other malicious programs.

As such, the fix involves cleaning your site of this malware and then telling Google that you’ve cleaned everything up so that Google can reconsider your site and remove the warning.

How to Fix “The site ahead contains malware” Warning

Here are the steps that you’ll want to take…

1. Verify the Status of Your Website in Safe Browsing

To verify that your site does indeed have a problem, you can manually test your site against the Google Safe Browsing tool.

Go to the Safe Browsing site status page and enter your site’s URL:

Google Safe Browsing tool results
Google Safe Browsing tool results

If you’re using Google Search Console, Google will also send you a notice in Search Console whenever they add one of your sites to the Safe Browsing list.

2. Find the Malicious Code That’s Causing the Problem

There are a few different ways to find malware on your website. You can use external tools, plugins, or both.

Here are some great options to get you started…

Google Search Console

First, if you received a notice from Google Search Console about malicious code on your site, it usually provides some insights about the problem. Sometimes this just might be a list of infected URLs, while other times Google might list the malicious code that’s the issue:

Infected pages listed in Google Search Console
Infected pages listed in Google Search Console

You can find a list of potential issues in the Security issues of the Security & Manual Actions section in Google Search Console. If you haven’t already verified your site with Google Search Console, you can follow this Google site verification tutorial.

Security Issues are in Google Search Console
Security Issues are in Google Search Console

Sucuri SiteCheck

Sucuri is a popular website security service that provides a free malware scanner called Sucuri SiteCheck. To use it, all you do is plug in your website and Sucuri will run a variety of checks.

In the list of issues, you can click the More Details link to expand the details and view the specific malicious code in question. Later on, this will help you remove the malicious code from your server.

Details on malware in Sucuri SiteCheck
Details on malware in Sucuri SiteCheck

It’s important to understand that Sucuri SiteCheck only scans the front-end of your site. While this should be enough to detect the problem that’s causing the “The Site Ahead Contains Malware” message, it won’t necessarily find every bit of malware on your server, so you’ll want to make sure you’ve removed all the potential backdoors into your site.

Wordfence

Wordfence is the most popular WordPress security plugin. It comes in both a free and a premium version, but the free version should work fine for most malware situations.

Once you’ve installed and activated the plugin, you can go to Wordfence → Scan to run a malware scan:

Running a malware scan in Wordfence
Running a malware scan in Wordfence

MalCare

MalCare is a freemium WordPress malware scanning plugin that can scan all of your site’s files for malware. If it finds malware, MalCare can also help you clean your site.

MalCare plugin
MalCare

The free version of MalCare at WordPress.org can scan your site and notify you of any malware that it finds, but you’ll need the premium version to take advantage of the one-click automatic cleanup feature.

To run a malware scan, install the free version from WordPress.org. Then, go to the new MalCare tab in your WordPress dashboard to sync your site with the MalCare service and start the malware scan.

3. Remove Malware from Your Site

Once you find the malware that’s causing the problem, you need to completely remove it from your site.

Here at Kinsta, we’ve implemented a number of security protocols to ensure your site isn’t vulnerable to hackers. However, if something does happen to your site while you’re hosting at Kinsta, Kinsta offers a free malware removal service as part of your hosting plan. You can learn more about malware removal here or reach out to our support for help via the chat widget in your Kinsta dashboard.

If you’re hosting your site elsewhere, you have a few options for removing malware from your site.

First, if you have a clean backup, you can try restoring your site from the backup. Just remember that you will lose any content or changes that you’ve made since the backup.

If restoring from backup isn’t an option, there are a number of services and plugins that can help you remove malware from your site:

  • Sucuri – if you pay for the Sucuri platform, Sucuri offers a full malware removal and hack cleanup service. The Sucuri platform starts at $199.99 per year.
  • MalCare – if you pay for the premium version of the aforementioned MalCare plugin, it offers one-click malware removal. The premium version starts at $99 per year.
  • Wordfence – in addition to offering the most popular security plugin, the Wordfence team also provides a site cleaning service for $179. This price includes a one-year subscription to the premium Wordfence plugin.

Once you remove malware from your site, you can re-test your site with Sucuri and other malware scanning tools to make sure the malware really is gone.

4. Resubmit Your Site to Google

Once you verify that your site is clean from malware, you’ll want to finish things out by letting Google know that you’ve fixed the problem so that Google can reevaluate your website and remove the warning.

To do this, you can use Google Search Console. Again, if you haven’t already verified your site with Google Search Console, you can follow the verification steps here.

Then, once you’ve verified your site with Google Search Console, go to the Security issues section in the Security & Manual Actions. Check the box to indicate that I have fixed these issues and then click Request a Review.

How to submit your website for reconsideration in Google Search Console
How to submit your website for reconsideration in Google Search Console

Summary

If you or your visitors encounter the “The site ahead contains malware” message when trying to access your site, it likely means that your site has been infected with malware. Other variations of this message include:

  • Deceptive site ahead
  • The site ahead contains harmful programs
  • This page is trying to load scripts from unauthenticated sources
  • Continue to [site name]?

To verify that your site has an issue, you can manually run your website through the Google Safe Browsing tool.

Promptly fixing this issue is essential, as the warning message will scare away many of your visitors and negatively affect your search engine rankings.

To fix the issue, you’ll need to scan your site for malware and then remove the malware from your site. Again, if you host at Kinsta, we offer a hack fix guarantee and will clean your site of malware for free.

Once you’ve thoroughly cleaned your site, you’ll need to use Google Search Console to tell Google that you’ve fixed the problem and Google should reconsider your website.