Free Website security scan.
To keep the web save, Google has developed multiple technologies to detect malicious websites. This service is called Save browsing and is designed to notify users and webmasters of potentially harmful websites.
How does website security checker work?
The Website security checker connects with the Google Web Save API to check URLs against Google’s constantly updated lists of unsafe web resources. After performing the website security scan the tool will return these results for the specific input URL.
- Security Status
- Save – No unsafe content found.
- Unknown – Not all URLs on the web have been analysed by the Google save browsing program.
- Dangerous – Unsafe content detected
- Detected Treat
- Malware
- Phishing
- Social engineering
- Date – Last crawl date
Common website security issues
- SQL Injection
- Cross Site Scripting (XSS)
- Outdated software
- Outdated server configuration
- Unvalidated Redirects and Forwards
How does website security affect SEO?
Back in 2014 Google announced they would make HTTPS a ranking signal [source] and by making this public they showed the world how serious they are about web security. And 8 years earlier, Google released the Save browsing project in 2006, to scan the web for potentially dangerous websites and to warn users. Once a website is “blacklisted” by Google, they will take multiple actions to prevent users from accessing this harmful website:
- Showing warning in search.
- Displaying a warning message in the browser to prevent the user from accessing the page.
- Notifying the webmaster trough Google Search Console about the security issue – “Security Issues report”.
- If the security issue persists over time, Google will remove the website or infected URL from their index.
How to prevent website security issues?
- Use SSL encryption.
- Use [and possible enforce] strong passwords.
- Limit User Access.
- Set the correct file Permissions.
- Make sure your server settings are up-to-date.
- Make sure your CMS, Plugins and Themes are regularly updated.
Useful resources
- Google Security blog, The latest news and insights from Google on security and safety on the Internet
- Google Search Console (GSC) Security Issues report.
- Report malware to Google
- Report phishing to Google
- Report phishing error to Google
Tool limitations
Because dangerous websites need to be crawled by Google before being marked as harmful, it’s definitely possible that you come across a dangerous site that isn’t labelled correctly. When this is the case, please fill out the corresponding Malware or Phishing report.