How We Resolved a “Dangerous Site” Warning on a WordPress Website

When Google flags a website as dangerous, everything comes to a halt. Visitors are blocked, ads are disapproved, and credibility takes a hit.

We recently helped one of our clients recover from this exact scenario. Their WordPress site had been flagged by Google, displaying a red warning screen and stopping all ad activity.

Here’s how we resolved the issue and restored their site’s integrity.

Step 1: Confirming the Issue

We started by checking Google Search Console, which flagged the site under Security Issues for potentially harmful content.

When you receive a deceptive site ahead warning, it’s a best practice to check the website’s safe browsing site status. This check can be done by visiting Google’s Safe Browsing site status page and entering the URL of the website.

To investigate further, we ran a full scan using Wordfence, a leading WordPress security plugin. It flagged several suspicious PHP files and identified injected code inside the active theme.

Step 2: Manual File Cleanup via cPanel

Next, we used cPanel > File Manager to manually inspect the public_html directory.

We found and removed several files that were clearly not part of a normal WordPress installation, including:

• Obscure scripts in the /themes/ folder
• Strange PHP files like contactus_files.php, xoopscodes.php, and others
• Malicious code injected into the theme’s functions.php file

This step helped eliminate hidden threats that might not have been flagged by automated scans.

Step 3: Reinstalling Core Plugins

One of the affected components was WooCommerce. We:

• Removed the compromised plugin
• Downloaded a clean copy from the official WordPress repository
• Reinstalled it without affecting any product or order data

This ensured all broken or missing plugin files were restored.

Step 4: Reviewing Users and Access Credentials

We reviewed all existing WordPress user accounts and deleted any that looked suspicious or had no clear role.

We also changed and secured all access points:

• Renewed all cPanel and FTP credentials
• Updated email account passwords associated with the hosting
• Changed the database login details where necessary

Step 5: Securing the Website

To prevent future issues, we:

• Updated WordPress, all themes, and plugins
• Regenerated .htaccess and reviewed wp-config.php for changes
• Installed login protection and enabled two-factor authentication
• Scheduled regular malware scans and offsite backups

Step 6: Requesting Google Review

Once everything was cleaned and secured, we submitted a Security Review Request in Google Search Console.

We included a detailed summary of the actions taken and confirmed the site was now safe. Google reviewed and cleared the warning in under 24 hours.

The Outcome

The site is now safe, stable, and ready to receive traffic again.
Both Google Ads and Meta Ads are running without any issues.

Final Thoughts

Recovering from a site security warning isn’t just about removing malware. It calls for a full review of your files, users, and system access, as well as a plan to prevent it from happening again.

If your WordPress site is ever flagged, it is possible to recover fully with the right steps and attention to detail.