Not sure if Website is being showen or correctly optimized

Ask Me Anything Q&A Trueprofitama

Topic summary

A website owner reports that Norton flagged their site as “malicious” when a friend visited, and they haven’t received any contact inquiries since launching, suggesting possible code issues.

Recommended troubleshooting steps:

  • Security scanning: Use tools like Google Safe Browsing, Sucuri, or VirusTotal to detect malware or compromised code
  • Code review: Check server files for suspicious scripts, injections (SQL, XSS), or unfamiliar modifications
  • Software updates: Ensure the website platform, plugins, and themes are current to patch known vulnerabilities
  • Malware removal: Clean any identified malicious code or hire a security expert if needed

Recovery actions:

  • Submit the site for review through Norton Safe Web and other security services that may have flagged it
  • Implement SSL/TLS encryption, strengthen passwords, and add security plugins
  • Set up regular backups and monitoring tools (e.g., Wordfence for WordPress)
  • Communicate with users about the issue and resolution once fixed

Prevention: Establish ongoing security audits, firewalls, and Content Security Policies to avoid future incidents.

The discussion remains open with no confirmation that the issue has been resolved.

Summarized with AI on October 30. AI used: claude-sonnet-4-5-20250929.
1

Recently one of my friends went on my website and was surprised by being flagged with “malicious site” by Norton.

Also since I have been on the site, I have not been contacted from anyone for any questions. There may be some wrong code in the site. How can this be resolved or corrected?

Sarkis

2

hey @lorie-222-607 follow these steps

Check for Malware or Suspicious Code- Scan Your Website: Use website security tools like Google Safe Browsing, Sucuri, or VirusTotal to check if your site is flagged for malware or compromised.

  • Review Site Files: If you have access to the server or hosting account, go through the website’s files and check for any suspicious code, scripts, or files that you didn’t add. Look for unfamiliar or obfuscated code, as well as any changes to file timestamps.
  • Check for Injections: Ensure no SQL injection, Cross-Site Scripting (XSS), or other vulnerabilities exist in your code.

2. Fix Vulnerabilities- Update Software: Make sure your website platform (e.g., WordPress, Joomla, etc.), plugins, themes, and all associated software are up to date. Many attacks target outdated software.

  • Clean the Code: Remove or correct any malicious code found. If you’re not sure how to identify this, consider hiring a security expert or developer.
  • Strengthen Security: Implement stronger security measures such as SSL/TLS encryption, changing passwords regularly, and using security plugins for your website platform.

3. Submit Your Website for Review

After you’ve resolved any potential issues:

  • Norton: Visit Norton’s website and use their Norton Safe Web tool to request a review of your website. They have a process to remove sites from being flagged once issues are resolved.
  • Google Search Console: If you’re using Google Search Console, check for any security issues flagged by Google and request a review once you’ve fixed the problems.
  • Other Security Providers: If other security services like McAfee or Web of Trust have flagged your site, visit their websites and follow their instructions to request a review.

4. Monitor Your Website- Regularly monitor your site for any new issues. Using security plugins like Wordfence (for WordPress) or tools like Sucuri can help you get alerts about potential threats.

  • Backups: Keep regular backups of your site so you can restore it quickly if something goes wrong in the future.

5. Communicate with Users

If you’re receiving fewer inquiries or contacts, your users may be hesitant to visit the site because of the security warning. It’s important to let them know you’re aware of the issue and are actively fixing it. Once resolved, you could send an update through your newsletter or post an announcement on your site.

6. Prevent Future Issues- Security Best Practices: Consider adding firewalls, using Content Security Policies (CSP), and ensuring any third-party scripts are from reputable sources.

  • Regular Audits: Set up periodic security audits to prevent issues in the future.

    try this one
    best regard
    MUSTUFA