Search Our Database

How to solve “Reported Attack Site!”?

Last updated on |

What is “Reported Attack Site”?

If you see this on your website, it means your website has been compromised and flagged by Google as a phishing or malware site.


There are two main reasons as to how your website can be compromised:

  1. The computer you are using to upload files to your website has malware/spyware which keylogs your FTP username & password.
  2. Your web application has security vulnerabilities in its code which allows attacker to access & modify your page to insert their malware.

How to deal with “Reported Attack Page”

If you are using common web applications such as WordPress, Joomla, Drupal, etc. You should update your web application to the latest version and update the plugins as well. Google has a list of basic security measures that webmasters should perform to prevent malware infection.

Below is a list of useful resources on how to cleanup & harden your web applications from attacks.

After cleaning up your website, you will need to submit a website review request to Google Webmaster. Once Google has verified that your website is clean, the “Reported Attack Page!” warning will be removed.




Here are some resources for cleaning up a Drupal site.