Quick answer: Clean the site completely, then open Google Search Console → Security Issues and click Request Review. Phishing flags usually clear in about a day; a “hacked” flag can take 1–2 weeks. Requesting while still infected resets the clock.
Is Google Safe Browsing flagging your website?
If Google Safe Browsing is warning visitors about your site — with something like “This site may be hacked”, “Deceptive site ahead”, “The site ahead contains malware” — it means one of two things: your WordPress site really is infected, or it is a false positive left over from a problem that was already fixed. Either way, here is exactly how to get the warning removed.
Step 1 — Confirm it is really a false positive
Before you ask Google Safe Browsing for a review, make sure the site is actually clean. If you request removal while malware is still present, the flag comes straight back (and some vendors rate-limit repeat requests). Check it two ways:
- Run it through my free Is My Site Hacked? checker for a fast look at injected code, spam and cloaking.
- Cross-check on VirusTotal to see every engine that is flagging you.
If anything turns up, get it fully cleaned first — deleting the visible malware is not enough if a hidden backdoor remains.
Step 2 — Report the false positive to Google Safe Browsing
Google flags sites through Safe Browsing, and the fastest fix is through Google Search Console. Submit here: Google Search Console → Security Issues
- Verify your site in Google Search Console.
- Open Security & Manual Actions → Security Issues to see the exact detection.
- Fully clean the site (remove injected files, restore from a clean backup, patch the hole).
- Click “Request review” and describe what you fixed.
- If you believe the flag is wrong, also file an appeal at safebrowsing.google.com/safebrowsing/report_error/.
Good to know: Review timing varies — phishing ~1 day, malware a few days, a “hacked” flag up to 1–2 weeks. If you request review while still infected the warning returns and you can be rate-limited. Check status at transparencyreport.google.com/safe-browsing.
Step 3 — If the warning keeps coming back
A warning that returns after you have been delisted almost always means the infection was never fully removed — usually a backdoor in a theme file, a rogue admin user, or malware stored in the database. That is exactly what I fix. I am a USA-based WordPress security specialist: I remove the infection completely, submit the delisting on your behalf, and harden the site so it stays clean.
Get my site cleaned · See how it works · read my client reviews.
Frequently asked questions
How long does Google Safe Browsing take to remove the warning? Once your site is genuinely clean and you have submitted the request, most reviews clear within a few days — see the timing note above. Submitting while still infected only restarts the clock.
It keeps coming back — why? Because the real infection (a backdoor, rogue admin, or database payload) is still there. A full cleanup stops the loop.