Fortinet (FortiGuard Web Filter) False Positive & Blacklist Removal
By DrGlenn — USA-based WordPress security specialist· 290+ cleanups across 34 countries· Updated June 22, 2026
Is Fortinet (FortiGuard Web Filter) flagging your website?
If Fortinet (FortiGuard Web Filter) is warning visitors about your site — with something like Malicious Websites, Phishing, Spam URLs, Newly Registered Domain; FortiGate “Web Page Blocked” — it means one of two things: your WordPress site really is infected, or it is a false positive left over from a problem that was already fixed. Either way, here is exactly how to get the warning removed.
Step 1 — Confirm it is really a false positive
Before you ask Fortinet (FortiGuard Web Filter) for a review, make sure the site is actually clean. If you request removal while malware is still present, the flag comes straight back (and some vendors rate-limit repeat requests). Check it two ways:
- Run it through my free Is My Site Hacked? checker for a fast look at injected code, spam and cloaking.
- Cross-check on VirusTotal to see every engine that is flagging you.
If anything turns up, get it fully cleaned first — deleting the visible malware is not enough if a hidden backdoor remains.
Step 2 — Report the false positive to Fortinet (FortiGuard Web Filter)
Request a FortiGuard Web Filter rating change. Submit here: fortiguard.com/faq/wfratingsubmit
- Look up your domain at fortiguard.com/webfilter to see its category.
- Open the Web Filter Rating Change form (fortiguard.com/faq/wfratingsubmit).
- Enter the URL, current rating, the rating you believe is correct, and a contact email.
- Submit and wait for FortiGuard Labs to re-rate.
- From a FortiGate you can also request re-evaluation under System → FortiGuard.
Good to know: Reviews are generally processed within ~24 hours. Uncategorized sites can be submitted via the lookup tool for an initial rating.
Step 3 — If the warning keeps coming back
A warning that returns after you have been delisted almost always means the infection was never fully removed — usually a backdoor in a theme file, a rogue admin user, or malware stored in the database. That is exactly what I fix. I am a USA-based WordPress security specialist: I remove the infection completely, submit the delisting on your behalf, and harden the site so it stays clean.
Get my site cleaned · See how it works · read my client reviews.
Frequently asked questions
How long does Fortinet (FortiGuard Web Filter) take to remove the warning? Once your site is genuinely clean and you have submitted the request, most reviews clear within a few days — see the timing note above. Submitting while still infected only restarts the clock.
It keeps coming back — why? Because the real infection (a backdoor, rogue admin, or database payload) is still there. A full cleanup stops the loop.
More removal guides: Malwarebytes (Browser Guard), Comodo / Xcitium, Dr.Web · all vendor guides · full report-link directory.