Web HostingCost-effective shared hosting solutions
Reseller HostingStart your own hosting business without tech hustle
Affiliate ProgramEarn commission by referring customers to our platforms
cPanel HostingHosting powered by cPanel (Mostly user friendly)
Windows HostingOptimized for windows based-applications and sites
Domain SearchFind and register available domain names in seconds
Email HostingProfessional email hosting for your domain (Secure, reliable, and easy to manage)
WordPress HostingLightning-Fast, Optimized WordPress Hosting
All DomainsExplore and register domain extensions across the world
PH DomainsBuy trusted .ph domains tailored for Philippines businesses and individuals
Domain Transfermove your domain to us with zero downtime and full control
Whois LookupLook up domain ownership, expiry dates and registrar information
SSL CertificatesSecure your website with trusted SSL Certificates for data protection and customer trust.
.com DomainSecure the most recognized domain for global credibility
VPS HostingScalable virtual servers. Full root access. Faster speed.
Managed VPSNot a tech expert? Choose our fully managed VPS server.
Dedicated ServersGet the full power and complete control of your own physical server.
AI Websites BuilderCreate beautiful websites instantly with AI.
Online Shop BuilderBuild a professional online shop. No coding required.
Web Design ServiceGet a custom-designed website tailored to your brand and goals.
BlogExplore guides on web hosting, online business, digital marketing, and more
Contact UsReach us anytime by chat or email
SupportFind answers and guides for all our services
Most guides lose you in security jargon before you even know where to start. This one does not.
Getting a malware warning on your WordPress site in the Philippines is more common than you think.
It does not mean your site is gone forever. It means Google found something suspicious on it and is protecting visitors until you clean it up.
You do not need a developer to fix this. You need to work through it in the right order.
This guide tells you exactly what to do, step by step, and how to get the warning removed once your site is clean.
Your site is not destroyed. Nine months of work are still there. This is a recoverable situation.
The steps below have fixed this for thousands of WordPress site owners.
What the Warning Actually Means
When Chrome shows a red screen that says attackers might try to install harmful software, that is Google Safe Browsing.
Google scans websites automatically. When it finds malicious code, deceptive scripts, or pages that try to install something on a visitor’s computer, it flags the site and blocks access.
This happens to WordPress sites for a few specific reasons. Understanding which one hit your site tells you exactly where to clean.
| What caused it | What it means | |
| Infected plugin or theme | A plugin or theme file was modified to run malicious code. | Most common |
| Outdated WordPress core | An old version of WordPress has a known security hole that was exploited | Very common |
| Compromised admin password | Someone logged in and uploaded malicious files directly. | common |
| Shared hosting infection | Another site on the same server was infected and spread to yours. | Less common |
| Blocked IP address | Your server IP was reported for abuse, flagging all sites on it | Less common |
Step 1: Confirm the Problem in Google Search Console
Before you clean anything, find out exactly what Google flagged. This saves you time and tells you where to look.
How to check:
- Go to search.google.com/search-console and sign in.
- Select your site from the list.
- In the left menu, click Security and Manual Actions, then Security Issues.
- Read what Google found. It will list the specific URLs affected and the issue type.
What to look for: If it says Deceptive pages, Malware, or Harmful downloads, that confirms malicious code. Note the specific URLs listed. You will need them later.
Step 2: Scan Your Site for Malware
Now you know what Google found. Next, you see where the infection lives on your site.
Option A: Use your hosting panel scanner
If you are on shared hosting, your host may already have a built-in malware scanner.
Log in to your cPanel or hosting Dashboard and look for Imunify360 or cPGuard. Run a full scan.
These tools can detect and, in some cases, automatically remove infected files.
Option B: Install Wordfence on WordPress
- Log in to your WordPress dashboard.
- Go to Plugins, then Add New.
- Search for Wordfence Security and install it.
- Activate it and run a full scan from the Wordfence menu.
- When the scan finishes, it will list every infected or suspicious file.
Use both if you can. The hosting scanner catches server-level infections. Wordfence catches WordPress-level infections. Running both gives you the full picture.
Step 3: Clean the Infected Files
Once you have a list of infected files, clean them in this order.
Update everything first
- Update WordPress core to the latest version (Dashboard, then Updates)
- Update every plugin
- Update every theme
- Delete any plugins or themes you are not actively using
Remove the infected files.
For each infected file Wordfence or your scanner found, you have two options.
If it is a plugin or theme file, delete the plugin or theme completely and reinstall it fresh from the WordPress repository.
If it is a core WordPress file, reinstall WordPress from the Dashboard, Updates then Reinstall.
Do not just edit the infected file and remove the suspicious code manually unless you are confident you have found all of it.
Reinstalling from a clean source is safer.
Change all passwords immediately
- Your WordPress admin password
- Your hosting account password
- Your database password (ask your host if unsure how)
- Any email accounts linked to the site
Check for unknown admin accounts. Go to Users in your WordPress dashboard. If there are any users you did not create, delete them before continuing.
Step 4: Restore from a Clean Backup (if available)
If your hosting plan includes automatic backups and you know roughly when the infection happened, restoring to a version before that date is the cleanest fix available.
How to check for backups:
- Log in to your cPanel or hosting dashboard.
- Look for Backup or JetBackup in the tools list.
- Check the available restore points and pick one from before you noticed the warning.
- Restore the site, then immediately update all plugins, themes, and WordPress core.
No backups available? This is fixable without one. It takes longer, but the manual cleaning steps above still work.
In the future, make sure your hosting plan includes automatic backups. Truehost hosting includes them on all plans.
Step 5: Ask Google to Remove the Warning
Once your site is clean, you need to let Google know. The warning does not disappear automatically. You have to request a review.
- Go back to Google Search Console.
- Open Security Issues under Security and Manual Actions.
- Click Request Review.
- Describe what you did: what you found, what you removed, and what you updated.
- Submit the request.
How long does it take? Google typically reviews and removes the warning within 1 to 3 days of your submission. Some reviewers see it cleared within 24 hours.
How to Make Sure This Does Not Happen Again
Most WordPress infections happen because of three things: outdated plugins, weak passwords, and no malware scanning. All three are easy to fix.
| What to do | Why it is important | How often |
| Update WordPress, plugins, and themes | Most infections exploit known vulnerabilities in old versions. | Check for updates every time |
| Use a strong, unique password | Automated bots guess weak passwords within hours | Set it now; do not change it. |
| Delete unused plugins and themes | Unused code is still vulnerable even when deactivated | Monthly check |
| Keep Wordfence active and scanning | Catches new infections before Google does | Runs automatically. |
| Make sure backups are on | Gives you a clean restore point if this ever happens again. | Confirm with your host. |
Frequently Asked Questions
Will I lose my content?
No. Malware does not delete your pages, posts, or images. It adds malicious files alongside yours. Cleaning means removing those added files. Your nine months of work stay intact.
Do I need to hire a developer to fix this?
Not for a standard WordPress malware infection. Wordfence’s free scanner and your hosting panel’s built-in tools handle the detection and removal.
If the infection is deep or you are not confident reading the scan results, your hosting provider’s support team can help. Truehost Philippines offers 24/7 support for exactly this kind of situation.
What if I do not have Google Search Console set up?
Set it up now. Go to search.google.com/search-console, click Add Property, and enter your domain. Google will give you a file to upload to your site to verify ownership.
Once verified, the Security Issues report will show you everything Google has flagged. It takes about 10 minutes to set up and is free.
My host says they do not offer malware removal. What should I do?
Use Wordfence to clean the site yourself following the steps above. Then contact your host to ask whether they have Imunify360 or cPGuard on the server.
If your host offers no malware protection and no automatic backups, this is a good time to consider moving to one that does. Truehost Philippines hosting includes both.
How do I know when the warning is gone?
After Google approves your review request, open your site in a private window in Chrome.
If the red warning screen is gone and the site loads normally, the warning has been removed. Search Console will also update the Security Issues report to show the issue as resolved.
You Can Fix This
A dangerous site warning on your WordPress site is stressful. It is also fixable. Every step above is something you can do yourself without technical expertise.
Work through it in order: confirm in Search Console, scan with Wordfence and your hosting scanner, clean the infected files, update everything, change your passwords, then request a review from Google.
Most people are back online within 24 to 48 hours.
If you get stuck at any point, Truehost Philippines support is available 24/7 to help you through it.
Get hosting with automatic backups and malware protection here.