Quick answer: Report your URL at feedback.smartscreen.microsoft.com as the site owner (and submit a flagged download separately at the Microsoft WDSI file portal). Clean the site first or the warning returns.
Is Microsoft Defender SmartScreen flagging your website or file?
If Microsoft Defender SmartScreen is flagging your site or a file — often showing up as “This site isn’t safe”, “This site has been reported as unsafe”, SmartScreen phishing/malware block, Bing “this site may harm your computer” — it is either a real infection or a false positive from a past issue. Here is how to get it cleared.
Step 1 — Confirm it is really a false positive
Do not request removal while malware is still present, or the flag returns. Check first:
- Run my free Is My Site Hacked? checker.
- Cross-check on VirusTotal to see every engine flagging you.
If anything turns up, get it fully cleaned first — deleting the visible malware is not enough if a backdoor remains.
Step 2 — Report the false positive to Microsoft Defender SmartScreen
Microsoft runs two pipelines: SmartScreen for URL/site reputation and WDSI for files. Submit here: feedback.smartscreen.microsoft.com
- On the Edge/Windows block page click “More information” → “Report that this site doesn’t contain threats,” or open feedback.smartscreen.microsoft.com/feedback.aspx and paste your URL.
- Choose “I am the website owner” and submit; await the SmartScreen Reputation Group email.
- For Bing search malware flags, verify the domain in Bing Webmaster Tools and submit a Malware Re-Evaluation after cleaning.
- For a flagged download, submit it at microsoft.com/wdsi/filesubmission and answer “No” to “contains malware?”
Good to know: SmartScreen (URL reputation) and WDSI (file analysis) are separate Microsoft channels — use the one matching your warning. Both are Microsoft-owned; no ownership change.
Step 3 — If the warning keeps coming back
A detection that returns after you have been cleared almost always means the infection was never fully removed — usually a backdoor in a theme file, a rogue admin user, or malware in the database. That is exactly what I fix. I am a USA-based WordPress security specialist: I remove the infection completely, submit the delisting on your behalf, and harden the site so it stays clean.
Get my site cleaned · See how it works · read my client reviews.
Frequently asked questions
How long does Microsoft Defender SmartScreen take to clear a false positive? Once the site/file is genuinely clean and you have submitted the request, most are resolved within a few days. Submitting while still infected only restarts the clock.
It keeps coming back — why? Because the real infection (a backdoor, rogue admin, or database payload) is still there. A full cleanup stops the loop.