Are you seeing “This site contains harmful programs” error on your website? This usually means that your website is hacked and Google has marked it insecure. Sometimes even when you fix the hack, the error still shows up. In this article, we will show you how to fix this site ahead contains harmful programs error in WordPress.

The number one reason for this error is that your website is hacked and is believed to be distributing a malware. This code spreads itself from the infected website to website visitors and can even spread to other websites.

Google marks a website with this warning if they find any suspicious code that could be a malware or trojan. This warns users to be careful when visiting these sites.

Another common reason for this error is showing ads from low quality advertising networks. These networks may sometime display ads linking to websites distributing malicious code.

To find this malicious code on your site, take a look at our tutorial on how to scan your WordPress site for potentially malicious code.

ou can also check your site using Google’s safe browsing analysis tool.

All you need to do is add your site’s domain name as the query parameter to the URL like this:

https://www.google.com/safebrowsing/diagnostic?site=shapeofweb.com

Make sure you replace the shapeofweb.com domain with yours. Now that you know why the error happens, let’s take a look at how to fix it.

Removing malware and recovering a website can become a very complicated task. Sometimes even when you clean your site thoroughly, the malicious code can keep coming back until you find and remove the backdoor placed on your site.Backdoor is referred to a method of bypassing normal authentication and gaining the ability to remotely access the server while remaining undetected. Finding the backdoor is not an easy task either. It could be a compromised password, unsafe file permissions, or a cleverly disguised file. We have a detailed guide on how to find a backdoor in a hacked WordPress site and fix it.

Once you have successfully removed the backdoor, you will still need to thoroughly check all your files and database for any malicious code.

As you can see that cleaning up and infected WordPress site can be a very tedious task.

Getting The Warning Removed by Google

Once you are absolutely certain that your website is clean, then you can ask Google to remove this warning from search results.

You will need to use Google’s Webmaster tools for that. If you have not already added your site to webmaster tools, then follow our tutorial on how to add your WordPress site to Google webmaster tools.

Once there, you need to click on the security issues section in webmaster tools. This page will list any security issues Google may have found on your website. You will also see the links to resources on clean up on your site.

Once you have fixed the issues, click on the checkbox and request a review.

In case you do not see any security issues in Google Webmaster tools, then you should the following form to report incorrect phishing warning.

In conclusion

It’s easier to protect your website from attacks than fixing things. This works exactly the same way as it works with health – it’s better to prevent the problems than cure them. We recommend you to use security plugins which make sure your website is protected from any attacks.