cPanel Question posted in
The official documentation can be seen here.

Deceptive site ahead warning – CPanel

I have created a website using WordPress. After some days, Chrome is showing Deceptive site ahead warning. But Firefox, Opera, Edge don’t show any warning.

I have added my site to Google Search Console. In Security Issues tab, it says No issues detected. But google chrome is still showing the warning.

How can I fix this issue? Is there a way to submit my site for a review?

UPDATE:
I followed this link provided by @scytale and followed the following steps. But it is still the warning.

  • Scan Website for Malware or Threat: I have scanned my website using Sucuri, ReScan, VirusTotal, and Quttera. None of the scans detected any malware in the website.
  • Install SSL Certificate Properly: I am using AutoSSL from cPanel Inc. If I click on the alert icon at the left of warning, it shows the certificate is valid. So I guess my SSL is okay.
  • Redirect the Website From HTTP to HTTPS (301 Redirections): I have enabled in just like the example they provided. All http requests are being redirected to https.
  • Remove Mixed Content Warning: I have tested each individual page and haven’t found any Mixed content.

The issue is, google search console is not showing any warning. So there is not option to request a review. Is there any other way I can ask google for a review? What else can I do?

Tags:

2

Answers


  1. 0

    According to Google the warning appears when “The site you try to visit might be a phishing site.” However, if this were the case I would have thought it would be identified in Google Search Console.

    dZone (a reputable security site) says the warning can appear for these reasons:

    1. your website contains malware i.e. you’ve been hacked. However as
      Google and other browser don’t report issue this is unlikely.
    2. issues with your site’s SSL certificate (for HTTPS requests) maybe
      installed incorrectly or not issued by an “approved” certificate
      authority
    3. Website traffic is not redirected to HTTPS (for fix see dZone article)
    4. Mixed Content warning i.e. your https page “includes” content
      obtained by HTTP (no S) URLs e.g. images, CSS, your or 3rd party
      scripts. However, I’m pretty sure some of my pages use 3rd party
      http affiliate scripts and I don’t get this warning.

    To fix check these issues and correct accordingly.

    Its some time since I’ve used search console/webmaster tools but if Google has completed indexing of all your pages I would have thought it would also identify issues like mixed content. N.B. https://example.com and http://example.com are treated as “different sites” and you have to select appropriately in console. This Chrome extension claims to identify causes of mixed content for you (I’ve not used and have no idea as to its reliability).

    Edit following request from Zakaria
    I’ve no personal experience of this but I’ve done a bit of Googling:

    1. Does the warning also explain why site is “dangerous” e.g. does it mention Phishing?
    2. If you provide your domain name in the question then someone maybe able to identify why. I may not have time to check quickly, but others might be better qualified than me to check and comment.
    3. Do you trust the theme and plugins you are using on your site? Google them for issues.
    4. Chrome safe browsing, as well as using downloaded lists of dodgy sites; also locally analyses the properties of each page you visit and if it thinks suspicious forwards to Google for further checking. In which case it may be possible to find out which part of the page or script Chrome finds suspicious. See this Chrome Help Page.
    5. Enter your domain here to see if you are on a “Google Blacklist”
    6. Is your domain name new to you? Perhaps it was used for Malwre/Phishing in the past?
    Login or Signup to reply.
  2. 0

    In my case my website! (hosted on vercel) used SSR & reached timeout so didn’t opened in other browsers & in my chrome gave security error.
    My website didn’t have any security error as I checked it in https://quttera.com/.
    so I changed getServerSideProps to getStaticProps & changed the domain-name of my website in vercel & it worked.😊

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search