What to do if your site is being identified as a security threat
December 21, 2010
A website can be crucial to the success of your business and even a brief period of downtime can have a significant impact on your revenue, so an important selling point of a good web hosting solution is high availability. Guaranteeing visitors’ access to your site 24/7 can be expensive, but worthwhile, especially where your website is your primary source of revenue. However, 24/7 access is of little use if users are dissuaded from visiting by a warning that there is a security risk associated with doing so.
Malware (malicious software, for example a virus) is a serious concern online, and web browsers are continually updated with new ways to reduce the risk of infection. One of the ways in which some browsers help users to avoid malware is through reliance on a list maintained by Google, identifying sites which exhibit suspicious behaviour. A site might be listed if, for example, it causes visitors to automatically download software that has not been explicitly requested.
When visiting a domain that has been listed, users are prompted to choose whether to cancel their request, or to ignore the security warning and continue. This will dissuade a very significant proportion of visitors, and so if your website is listed, you should act as quickly as possible to rectify the situation. To remove a security warning, you will need to register for Google Webmaster Tools. Removing a warning involves dealing with the problem that led to the warning in the first place; and taking precautionary measures to prevent a reoccurrence.
The impact of your site being listed as a security risk is comparable to your email communications being marked as Spam. While the service is beneficial to consumers, it has the potential to cause significant damage to your business reputation, and to affect your income. If Google make a mistake they might unilaterally identify your website as a security risk, and the volume of traffic to your site would drop considerably. Luckily, reports of sites being incorrectly identified as a security threat by Google are few and far between. If your site is listed as a threat, it could be that it has been hacked and is disseminating malware without your knowledge, as recently happened to the website of BBC Radio 3. Nevertheless, there is certainly scope for Google to cause damage, and the company has not proved infallible, as can be seen from their early 2009 tagging of the entire internet as a security risk.
If you take care to ensure that software is kept up to date, you are less likely to be susceptible to attacks that could put you at risk of being black listed, however, it is worth keeping an eye on your site so that you can respond quickly should any issues arise.