Help my site is mark as "This site may harm your computer" !

Fragmaster said:

I had that problem in past with free hosting. They are always shared, and if any site on server is flagged as malicious, all sites hosted on same server will be tagged as dangerous (sometimes just that IP, sometimes entire IP class)

Click to expand...

milwood26 said:

make sure your url is "http" and not "https"

Click to expand...

Capo Dei Capi said:

Are you using a crappy ad network? Many of them have 1 or more ads that may have malware.

Click to expand...

esi0411 said:

how do i change it, in my wordpress it had set to http://www.

Click to expand...

esi0411 said:

and i just add in to googlewebmaster , google detect with http, https, www and without www

Click to expand...

Zwielicht said:

You just gave me an idea for a much needed service around here.

Anyway, you need to download all of the sample URLs and check each and every one of them using the "Fetch and Render as Google tool". If Google sees something different than your visitors, you have a problem. Scan your site for malware using Wordfence or Sucuri and try to find out if those programs detect any malware.

Like @Fragmaster said, sometimes when one site gets flagged on a shared host, the other sites will get flagged as well. However, if the sample URLs turn out to be real pages on your site that have been affected, then the problem is most likely your website.

If you can't edit it there, I believe you can change it manually from your wp-config file.

Canonicalisation issues! You need to register the www, non-www, http, and https versions of your website and set all of them to the preferred domain. You also need to use that preferred domain in your internal links as well as ensure that your the other URL variations direct to the preferred domain.

Click to expand...

esi0411 said:

will install Wordfence and do a scan , well i know nothing about Canonicalisation but i will try consult with my hosting and get SSL. iam suspect this canonicalisation is the issue and the ads/CPA network thats put PPD for third country

Click to expand...

Set your preferred domain
Tell Google which version of your site's URL you prefer for your domain:

• https://www.example.com
• https://example.com

If you set your preferred domain as https://example.com, Google treats links to https://www.example.com exactly the same as links to https://example.com.

Read Set your preferred domain for details.

Indicate the preferred URL with the rel="canonical" link element
Suppose you want https://blog.example.com/dresses/green-dresses-are-awesome/ to be the preferred URL, even though a variety of URLs can access this content. You can indicate this to search engines as follows:

• Mark up the canonical page and any other variants with a rel="canonical" link element.
  Add a <link> element with the attribute rel="canonical" to the <head> section of these pages:
  <link rel="canonical" href="https://blog.example.com/dresses/green-dresses-are-awesome" />
  This indicates the preferred URL to use to access the green dress post, so that the search results will be more likely to show users that URL structure. (Note: We attempt to respect this, but cannot guarantee this in all cases.)

Avoid errors: use absolute paths rather than relative paths with the rel="canonical" link element.

Use this structure: https://www.example.com/dresses/green/greendresss.html
Not this structure: /dresses/green/greendress.html).
Use a sitemap to indicate preferred URLs for the same content
Pick a canonical (preferred) URL for each of your pages, and tell us about your preference by submitting these canonical URLs in a sitemap.

We don't guarantee that we'll use the URLs you submit in a sitemap, but submitting one is a useful way to tell Google about the pages on your site you consider most important.

Use 301 redirects for URLs that are not canonical
Suppose your page can be reached in multiple ways:

• https://example.com/home
• https://home.example.com
• https://www.example.com

It's a good idea to pick one of those URLs as your preferred (canonical) destination, and use 301 redirects to send traffic from the other URLs to your preferred URL. A server-side 301 redirect is the best way to ensure that users and search engines are directed to the correct page. The 301 status code means that a page has permanently moved to a new location.

Indicate how to handle dynamic parameters
Use Parameter Handling to tell Google about any parameters you would like ignored. Ignoring certain parameters can reduce duplicate content in Google's index, and make your site more crawlable. For example, if you specify that the parameter sessionid should be ignored, Google will consider https://www.example.com/dresses/green.php?sessionid=273749 to be the same as https://www.example.com/dresses/green.php.

Specify a canonical link in your HTTP header
If you can configure your server, you can use rel="canonical" HTTP headers to indicate the canonical URL for HTML documents and other files such as PDFs. Say your site makes the same PDF available via different URLs (for example, for tracking purposes), like this:

https://www.example.com/downloads/white-paper.pdf
https://www.example.com/downloads/partner-1/white-paper.pdf
https://www.example.com/downloads/partner-2/white-paper.pdf
https://www.example.com/downloads/partner-3/white-paper.pdf

In this case, you can use a rel="canonical" HTTP header to specify to Google the canonical URL for the PDF file, as follows:

Link: <http://www.example.com/downloads/white-paper.pdf>; rel="canonical"
Google currently supports these link header elements for Web Search only.

[paste:font size="5"]HSTS.
To prevent Google from incorrectly making the HTTP page canonical, you should avoid the following practices:

• Bad SSL certificates and HTTPS-to-HTTP redirects cause us to prefer HTTP very strongly. Implementing HSTS cannot override this strong preference.
• Including the HTTP page in your sitemap or hreflang entries rather than the HTTPS version.
• Implementing your SSL/TLS certificafe for the wrong host-variant: for example, example.com serving the certificate for www.example.com. The certificate must match your complete site URL, or be a wildcard certificate that can be used for multiple subdomains on a domain.

Click to expand...

Zwielicht said:

Visit your website and go to the HTTPS and HTTP versions of your website. When you go to whichever URL you don't normally use, is that URL accessible, or does it redirect to the one you use?

The page below will tell you everything you need to know.
https://support.google.com/webmasters/answer/139066?hl=en

Other resources you need to read:
https://moz.com/learn/seo/canonicalization
https://www.mattcutts.com/blog/seo-advice-url-canonicalization/

Click to expand...

esi0411 said:

https is not accessible (but i think this just can be solve if i have a ssl)

Security issue type,URL,Date,Sample snippet
Malware,https://www.watchonline.red/khamoshiyan-silences-have-secrets-2015-watch-online
Malware,http://www.watchonline.red/tag/the-danish-girl-with-english-subtitles
Malware,https://www.watchonline.red
Malware,http://www.watchonline.red
Malware,http://watchonline.red/tag
Malware,http://www.watchonline.red/tag
Malware,http://watchonline.red/tag/the-danish-girl-with-english-subtitles
Malware,http://www.watchonline.red/redboxmovies
Malware,http://watchonline.red
Malware,https://www.watchonline.red/tag/the-danish-girl-with-english-subtitles
Malware,http://www.watchonline.red/page/1
Malware,http://www.watchonline.red/khamoshiyan-silences-have-secrets-2015-watch-online
Malware,http://www.watchonline.red/fifty-shades-of-grey-2015-watch-online
Malware,https://www.watchonline.red/fifty-shades-of-grey-2015-watch-online

Click to expand...

Zwielicht said:

All right, that's good. Don't worry about enabling SSL right now, worry about removing the malware first.

Back to the hacked site problem, did your web host ever get back to you when you contacted them? Also, did you upload Wordfence/Sucuri/iThemes and use it to scan your site?

I don't like Sucuri's external scanner, but here the results if you're interested. https://sitecheck.sucuri.net/results/www.watchonline.red

Click to expand...

esi0411 said:

hi Zwielicht

after a install and scanned with Wordfence, i found a weird script before close of head and all my theme in that domain had that script, download same, frees theme and compare, the frees one dont had that script, one fore sure . the script contain hxxxp://hcl.gr that also mark as malware site

and i had removed it now,
btw the hosting support report with not virus/malware detected after do a scan

Click to expand...

Zwielicht said:

Did the web host mention if there was any malware before the scan, though?

I can't read php well, but assuming that was the cause of the problem, your next step would be to find out how the script got into your site and if the hacker left any backdoor scripts in one of the files in order to get back in.

Read through the guides below.
https://codex.wordpress.org/FAQ_My_site_was_hacked

https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/

If you have any backups from a time before your site was hacked, you can try restoring your site that way and then securing it. Also ask your web host if any other sites on the same server were compromised.

What I did for one client was completely wipe everything from their server and rebuild the site from scratch. It was an extreme case where the site had been hacked for years, so I salvaged what I could, rebuilt the site, and the site hasn't been hacked since.

Click to expand...