ESET False Positive & Blacklist Removal
Is ESET flagging your website?
If ESET is warning visitors about your site — with something like “Blocked by ESET”, web-filter block, anti-phishing “Phishing site”, “Scam site” — it means one of two things: your WordPress site really is infected, or it is a false positive left over from a problem that was already fixed. Either way, here is exactly how to get the warning removed.
Step 1 — Confirm it is really a false positive
Before you ask ESET for a review, make sure the site is actually clean. If you request removal while malware is still present, the flag comes straight back (and some vendors rate-limit repeat requests). Check it two ways:
- Run it through my free Is My Site Hacked? checker for a fast look at injected code, spam and cloaking.
- Cross-check on VirusTotal to see every engine that is flagging you.
If anything turns up, get it fully cleaned first — deleting the visible malware is not enough if a hidden backdoor remains.
Step 2 — Report the false positive to ESET
ESET splits reporting: a web-filter form for malicious-page blocks and a separate phishing form. Submit here: webfilter.eset.com
- Open the ESET “Report incorrectly blocked page” form at webfilter.eset.com.
- Enter the blocked URL and explain why it should not be blocked (cleaned, owner-verified).
- Tick “I am the owner of the website” and add your email, then submit.
- For phishing-specific blocks, use phishing.eset.com/en-us/remove instead.
- Optionally email samples with subject “Domain whitelist <domain>” as a backup.
Good to know: Pick the form that matches the warning text: webfilter.eset.com for general blocks, phishing.eset.com for anti-phishing flags.
Step 3 — If the warning keeps coming back
A warning that returns after you have been delisted almost always means the infection was never fully removed — usually a backdoor in a theme file, a rogue admin user, or malware stored in the database. That is exactly what I fix. I am a USA-based WordPress security specialist: I remove the infection completely, submit the delisting on your behalf, and harden the site so it stays clean.
Get my site cleaned · See how it works · read my client reviews.
Frequently asked questions
How long does ESET take to remove the warning? Once your site is genuinely clean and you have submitted the request, most reviews clear within a few days — see the timing note above. Submitting while still infected only restarts the clock.
It keeps coming back — why? Because the real infection (a backdoor, rogue admin, or database payload) is still there. A full cleanup stops the loop.
More removal guides: Trend Micro, Gridinsoft, VIPRE · all vendor guides · full report-link directory.