Have you ever searched Google, clicked on a relevant result, only for the search engine to tell you that the page you want to visit might be hacked? If so, you’re not alone. Google estimates that ten of millions of people are prevented from visiting an unsafe website every week, and it finds thousands of new unsafe websites every day.
Of course, it feels good to know that Google is doing everything it can to stop you visiting hacked websites. But what if it’s your business website that Google is preventing people from visiting?
There’ll be a fall in website visitors, which is likely to lead to a fall in sales. If your business relies on search engine traffic, then having it suddenly cut off can put a real dent in your revenue. You also have to remember that people who can navigate to your site, eg by typing the address in to their web browser, may be at risk of being infected by whatever malware has led to the site being blacklisted by Google.
How and why does Google blacklist sites?
Google is constantly scanning the web. It does this so it’s able to provide accurate, useful search engine results to its users. Basically, Google can understand what a website is about, and so match it to relevant search terms when people enter them. If Google considers a site to be authoritative enough, then that site is likely to rank highly for a selection of key terms.
The idea is that people are able to enter a search term and quickly and easily find what they’re looking for. If that happens, it makes Google look good, and people are more likely to use Google again in the future.
But how would someone feel if they were to search on Google, click the top result and then have their PC infected with a virus? Clearly that makes the site in question look bad, but it also makes Google look bad. After all – Google has indicated that site has authority by including it at the top of its search results.
So because of this, Google also scans the web for sites that have been compromised. It uses this information to blacklist infected sites, and prevents people from accessing them via its search results. This helps prevent people getting viruses after clicking a Google result, and as such it helps protect Google’s reputation.
So should I be worried?
It always pays to be on your guard. Research shows that 86% of websites have at least one serious vulnerability that could be exploited by hackers. If you do have a vulnerability and it is exploited, then you are going to end up on Google’s blacklist and that is likely to have a negative impact on your business.
The key here is to take preventative action to make sure there aren’t vulnerabilities to exploit on your site. Unfortunately, it’s unlikely you’ll be able to tell if your site is at risk just by looking at it. That’s why 123 Reg recommends using a tool such as SiteLock to scan your site for malware. Malware scanning starts from just £0.99 a month, but if you really want to make sure your site is safe, you can get top level protection, which blocks automated attacks against your site, and will automatically remove any malware that you’ve already been infected with.
Prevention is vital because once your site is blacklisted, the damage is already done. And getting removed from Google’s blacklist can involve a lot of time consuming work and can require technical knowledge. You can read Google’s guide to having your site removed from the blacklist here.
Help, I’ve already been blacklisted by Google!
If you’ve already been backlisted by Google, then the key is damage limitation. You have two twin priorities – removing the malware from your website, and removing vulnerabilities from your site to make sure it doesn’t get infected again. For this, 123 Reg recommends using SiteLock. Automated malware removal starts from just £4.99 a month.
You’ll also need to make sure you’re signed up for Google Search Console (formerly Google Webmaster Tools). This is because you’ll submit your request for Google to review your site via Search Console. If you need to, you can check out our guide to getting started with Search Console here. You can view Google’s full blacklist review request process here. You can also view their full guide to cleaning up a hacked site here.
Prevention really is the best course of action here, but if your website is infected then the speed with which you are able to clean it and protect it from future attacks is crucial.
Any questions? Let us know via Facebook or Twitter and we’ll be happy to help.