{"id":270,"date":"2021-07-04T16:41:09","date_gmt":"2021-07-04T16:41:09","guid":{"rendered":"https:\/\/mumbaiwebhosting.co.in\/portal\/?p=270"},"modified":"2021-07-04T16:42:07","modified_gmt":"2021-07-04T16:42:07","slug":"how-to-remove-deceptive-site-ahead","status":"publish","type":"post","link":"https:\/\/mumbaiwebhosting.co.in\/portal\/how-to-remove-deceptive-site-ahead\/","title":{"rendered":"Simple 3 steps to Remove Deceptive Site Ahead Google"},"content":{"rendered":"<p>Every individual managing their own website may have this feeling &#8220;How to Remove Deceptive Site Ahead for my website.<\/p>\n<p>&nbsp;<\/p>\n<p><img loading=\"lazy\" class=\"alignnone wp-image-271 size-full\" src=\"https:\/\/mumbaiwebhosting.co.in\/portal\/wp-content\/uploads\/2021\/07\/deceptive-ahead-1.jpg\" alt=\"Deceptive Site Ahead\" width=\"1200\" height=\"796\" srcset=\"https:\/\/mumbaiwebhosting.co.in\/portal\/wp-content\/uploads\/2021\/07\/deceptive-ahead-1.jpg 1200w, https:\/\/mumbaiwebhosting.co.in\/portal\/wp-content\/uploads\/2021\/07\/deceptive-ahead-1-300x199.jpg 300w, https:\/\/mumbaiwebhosting.co.in\/portal\/wp-content\/uploads\/2021\/07\/deceptive-ahead-1-1024x679.jpg 1024w, https:\/\/mumbaiwebhosting.co.in\/portal\/wp-content\/uploads\/2021\/07\/deceptive-ahead-1-768x509.jpg 768w\" sizes=\"(max-width: 1200px) 100vw, 1200px\" \/><\/p>\n<p>The deceptive site ahead warning simply means that attackers have compromised your site and most likely are using it for Phishing. This means the visiting users are being served fake pages that are tricking them to reveal their credentials, credit card info, and other crucial information. Which is then sent to the attackers on their shady servers.<\/p>\n<h2>Here are few tips that may help you to remove Deceptive Site Ahead:<\/h2>\n<h3>Step1: Find the Cause of Infection<\/h3>\n<p>The first and most important step towards fixing the deceptive site ahead warning is to locate the infection. It could be present in a single page, file, folder, or the entire website.<\/p>\n<h4>Manual Search<\/h4>\n<p>While the manual search is not the ideal way for malware detection considering it requires expertise and prior knowledge to spot the malware, it can be a great start if you know your website in and out.<\/p>\n<p>To start with,<\/p>\n<ul>\n<li>Visit your website from another device by ignoring the warning.<\/li>\n<li>Now, view the source of your site by right-clicking outside any element and selecting the <i>View page source<\/i> option. This will open the source code of your page in a new tab.<\/li>\n<li>Here look for any suspicious third-party javascript files, iFrames, HTML tags, or other fishy-looking elements loading on that page. Note them down.<\/li>\n<li>Now open the file manager of your server and view the source code of those files for malicious code.<\/li>\n<\/ul>\n<p>During the manual search, some other resources that you need to check for fixing deceptive site ahead warning are:<\/p>\n<ul>\n<li>Any new themes or plugins you recently installed.<\/li>\n<li>Unknown web admins in the dashboard.<\/li>\n<li>New admins or users in the database.<\/li>\n<li>New files with unique names or base64 encoded characters.<\/li>\n<\/ul>\n<p>To check for recently modified files, say 30 days old, log in to your server via SSH and run the following command:<\/p>\n<p>find . -type f -mtime 30<\/p>\n<p>Here, change the value from 30 to as per the number of days of your choice. A word of caution here, some files are automatically modified by the system so be sure to double verify for malware in such files before removing them.<\/p>\n<h3>Step 2: Clean the Website<\/h3>\n<p>Now that you have identified the infected files or hacked resources the next steps for fixing deceptive site ahead warning are:<\/p>\n<ul>\n<li>Delete the malicious code in infected files. If you are unsure of what the code does, comment it out and get help from experts.<\/li>\n<li>For code obfuscated using base64 encoding, use online resources to decode it and see what it does.<\/li>\n<li>Remove suspicious users from the database as well as the dashboard and change passwords to each one of them to a secure and random string.<\/li>\n<li>Delete any buggy or null plugins, themes, etc, and make sure to delete their files as well. There are plenty of alternatives available to them today that you can choose from if the plugin\/theme adds important functionality to your website.<\/li>\n<li>If any suspicious users are found in the <i>property owner management page <\/i>of your Google search console dashboard, remove them. Also, delete all meta tags and HTML files that were used to verify the ownership by unauthorized users.<\/li>\n<li>Finally, alert the users to reset their credentials as phishing pages would have sent them to attackers.<\/li>\n<\/ul>\n<h3>Step 3: Submit Site for Review<\/h3>\n<p>The last step in fixing a deceptive site ahead warning message is to submit the website to Google for a review. However, before doing so, make sure you have double-checked your website for backdoors or malware.<\/p>\n<p>If all is spick and span, submit the site for review using these steps:<\/p>\n<ol>\n<li>Login to your <i>Google Search Console<\/i>.<\/li>\n<li>Click and open the <i>Security Issues<\/i> report section and select <i>I have fixed these issues<\/i>.<\/li>\n<li>Thereafter, click on the <i>Request a review<\/i>. Here, tell in detail the steps you took in fixing the warning. You can also use custom templates provided by some sites.<\/li>\n<li>Finally, click <i>Submit Request<\/i> and in case there are multiple issues, repeat the process for each.<\/li>\n<li>When done with all, sit back and wait as this can take a few hours for Google to review your request.<\/li>\n<\/ol>\n<p>If all is okay with your website, Google will lift the blacklisting and de-indexation of your pages. It can take a few days for your web pages to get re-indexed to regain their rankings entirely.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Every individual managing their own website may have this feeling &#8220;How to Remove Deceptive Site Ahead for my website. &nbsp; The deceptive site ahead warning simply means that attackers have&#8230; <a class=\"read-more-link\" href=\"https:\/\/mumbaiwebhosting.co.in\/portal\/how-to-remove-deceptive-site-ahead\/\">Read more &raquo;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/mumbaiwebhosting.co.in\/portal\/wp-json\/wp\/v2\/posts\/270"}],"collection":[{"href":"https:\/\/mumbaiwebhosting.co.in\/portal\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mumbaiwebhosting.co.in\/portal\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mumbaiwebhosting.co.in\/portal\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mumbaiwebhosting.co.in\/portal\/wp-json\/wp\/v2\/comments?post=270"}],"version-history":[{"count":5,"href":"https:\/\/mumbaiwebhosting.co.in\/portal\/wp-json\/wp\/v2\/posts\/270\/revisions"}],"predecessor-version":[{"id":276,"href":"https:\/\/mumbaiwebhosting.co.in\/portal\/wp-json\/wp\/v2\/posts\/270\/revisions\/276"}],"wp:attachment":[{"href":"https:\/\/mumbaiwebhosting.co.in\/portal\/wp-json\/wp\/v2\/media?parent=270"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mumbaiwebhosting.co.in\/portal\/wp-json\/wp\/v2\/categories?post=270"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mumbaiwebhosting.co.in\/portal\/wp-json\/wp\/v2\/tags?post=270"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}