How to Fix “This site ahead contains harmful programs” Error in WordPress
Are you seeing ‘This site contains harmful programs’ error on your website? This usually means that your website is hacked and Google has marked it insecure. Sometimes even when you fix the hack, the error still shows up. In this article, we will show you how to fix this site ahead contains harmful programs error in WordPress.
Reasons for This Site Contains Harmful Programs Error
The number one reason for this error is that your website is hacked and is believed to be distributing a malware. This code spreads itself from the infected website to website visitors and can even spread to other websites.
Google marks a website with this warning if they find any suspicious code that could be a malware or trojan. This warns users to be careful when visiting these sites.
Another common reason for this error is showing ads from low quality advertising networks. These networks may sometime display ads linking to websites distributing malicious code.
To find this malicious code on your site, take a look at our tutorial on how to scan your WordPress site for potentially malicious code.
You can also check your site using Google’s safe browsing analysis tool.
All you need to do is add your site’s domain name as the query parameter to the URL like this:
Now that you know why the error happens, let’s take a look at how to fix it.
If you don’t like the video or need more instructions, then continue reading.
Fix This Site Contains Harmful Program Error
Before we start, please make a complete backup of your WordPress site. If you already had a backup system in place, then keep it handy as you may need it.
Removing malware and recovering a website can become a very complicated task. Sometimes even when you clean your site thoroughly, the malicious code can keep coming back until you find and remove the backdoor placed on your site.
Backdoor is referred to a method of bypassing normal authentication and gaining the ability to remotely access the server while remaining undetected. Finding the backdoor is not an easy task either. It could be a compromised password, unsafe file permissions, or a cleverly disguised file. We have a detailed guide on how to find a backdoor in a hacked WordPress site and fix it.
Once you have successfully removed the backdoor, you will still need to thoroughly check all your files and database for any malicious code.
As you can see that cleaning up and infected WordPress site can be a very tedious task. This is why we use Sucuri on all our websites.
Sucuri is a website monitoring and security service for WordPress users. It monitors your site 24/7 for suspicious activity, blocks any hacking attempts on your site, and clean up your site of any malware.
It costs $199 / year which is well worth it considering a freelance security expert may charge you upwards of $250 per hour.
Save yourself the frustration and hours of cleanup, and use Sucuri.
Note: If you use our link to signup, then we will receive a small commission. However, we only recommend products that we personally use and believe will add value to our readers.
Getting The Warning Removed by Google
Once you are absolutely certain that your website is clean, then you can ask Google to remove this warning from search results.
You will need to use Google’s Webmaster tools for that. If you have not already added your site to webmaster tools, then follow our tutorial on how to add your WordPress site to Google webmaster tools.
Once there, you need to click on the security issues section in webmaster tools. This page will list any security issues Google may have found on your website. You will also see the links to resources on clean up on your site.
Once you have fixed the issues, click on the checkbox and request a review.
In case you do not see any security issues in Google Webmaster tools, then you should the following form to report incorrect phishing warning.
We hope this article helped you fix this site ahead contains harmful programs error. You may also want to see our list of 25 most common WordPress mistakes to avoid.