The last thing anyone wants to see is the “deceptive site ahead” error when opening a site on Google Chrome. This warning message means that the web browser deems the website unsafe to open due to security issues, discouraging visitors from accessing it.
If this warning message appears on your site, you want to fix it as soon as possible. Besides endangering your data’s safety, having Google flag your site will significantly harm its SEO and traffic volume and potentially impact it negatively in other ways.
In this article, we cover the steps to fix the “deceptive site ahead” warning on WordPress websites.
What Is the “Deceptive Site Ahead” Warning?
“Deceptive site ahead” is a warning message generated by Google Chrome on sites it views as unsafe. Its appearance implies that Google has blocklisted a malicious website due to some security concerns.
The deceptive site warning message is part of Chrome’s security measures to combat frequent cyber attacks. It hinders visitors from accessing potentially dangerous sites that may jeopardize visitors’ sensitive information, such as credit card details and login credentials.
Here’s a breakdown of the “deceptive site ahead” warning message, including its variations and possible causes:
|Deceptive site ahead
|The site ahead contains malware
The site ahead contains harmful programs
Deceptive website warning
Continue to [website name]?
This page is trying to load scripts from unauthenticated sources
|Backlinks to questionable websites or malicious domains
Compromised SSL certificates
Malicious backdoor code
How to remove deceptive site ahead warning
Despite the warning’s indication of malware, sometimes Google flags websites by mistake.
Before submitting a review request to Google, check whether the warning appears on other web browsers besides Chrome. If you have encountered and resolved security issues recently, clearing the browser’s cache will force Chrome to reload the site’s latest version.
Should the “deceptive site ahead” warning persist, follow the steps below to fix the issue. Keep in mind that this tutorial will focus on WordPress websites. That said, some methods may work on sites running on other platforms.
- Detect the Cause of the Problem
To resolve the warning, you need to locate the source of the problem. First, use Google Safe Browsing to verify your site’s status. This free Google tool will detect any malware or phishing threats that made the web browser deem the website unsafe.
Google Search Console, previously known as Google Webmaster Tools, has a similar feature that detects security issues within websites. However, this method will only work if you have connected the site to Google Search Console and still have access to the platform.
Alternatively, deep scan your website using a malware scanner. This method is ideal for users with limited technical knowledge, as the tool will do all the work for you. Plenty of online malware scanners like SiteGuarding and Quttera offer this service for free.
- Back Up Your Site
Before making any changes to the infected website’s source code, make sure to back up the site files and databases. Doing so allows you to compare files and restore any lost data after the malware cleanup process.
There are several ways to back up a WordPress website ‒ using a WordPress backup plugin, the web host’s backup solution, or manually via FTP and phpMyAdmin.
- Remove Dangerous Website Files
Once you’ve identified the malicious code or infected website files, proceed to remove them.
WordPress users may install a security plugin to detect and remove malware from their sites. We recommend using Wordfence, a popular security plugin equipped with WordPress-optimized security features, such as a web application firewall and a server-side scanner.
Follow these steps to remove malware from a WordPress site using Wordfence:
- Install the plugin Wordfence Security from the WordPress repository and activate it.
- Navigate to Wordfence → Scan → Start New Scan from your WordPress dashboard.
- The list of the detected issues will be available in the Results Found section. Click on the Repair All Repairable Files button to fix the corrupted files.
Infected websites running on other content management systems may use a malware removal tool instead. Most malware scanner tools provide malware removal services, allowing you to delete infected files with a single click.
If you already have a backup from before your site was infected, restore it to replace the corrupted files. As some hosting providers keep backups for a limited time, contact your hosting provider for assistance if needed.
- Request Google to Review Your Site
After making sure that your site is free from malware, the last step is to send a review request to Google so that the warning is removed.
Google Search Console provides a direct channel to submit your appeal. Navigate to Security & Manual Actions → Security Issues from the dashboard, then select Request a Review. The request should include information on the actions you take to resolve the issue.
Appeals for hacked websites generally require several weeks to process. Meanwhile, requests for phishing and malware issues take up to several days to review.
If Google approves your request, the search engine will lift your site from its blacklist and re-index the web pages. The “deceptive site ahead” warning will disappear from your site within 72 hours.