I updated this site: http://uppermarlboromd.gov/ and a regular site user with McAfee on her computer called the office to report that it was telling her “malicious software” or “downloads”, “risky behavior”. I did a search on most of the live testing sites listed here: http://zeltser.com/combating-malicious-software/lookup-malicious-websites.html and they all say the site is safe, except McAfee’s sites.
To remedy the situation, I talked to the user and had her test out a couple of other sites I manage that have similar software (I thought it might be a recent plugin upgrade and one site hadn’t been upgraded so she tested it before and after the upgrade – it was safe as were other sites). The site was fine before I updated it so I disabled all new plugins that were different than the sites that tested safe by the user. I made sure all the Wordfence settings were the same as the others. Then I scanned my site with Wordfence, which says it’s safe. But McAfee still says High Risk with a Web Category: Malicious Downloads.
What do I do? I don’t want people to be afraid to visit the site.
I;m sorry but it does appear that your site has been hacked. You need to start working your way through these resources:
Anything less will probably result in the hacker walking straight back into your site again.
Try to look for executables or other downloads you might have in there (like .exe, .zip, etc). One of them is likely being flagged by McAfee.
My first thought was that it was the settings on Wordfence, that I set it to too high a security, blocking google-look-alike bots and one site seemed to show that it might have been the problem as http://www.isithacked.com had tested the site before I changed the Wordfence settings back to default and it was reporting:
GoogleBot returned code 530
Google Chrome returned code 530
and then changed to 200 after the Wordfence changes.
Since you suggested I look at the error logs, I found binziptest error and a search told me that was in Updraft Plus, so I removed it. There was one other error and that was due to a blog post URL being too long, so I’ve now fixed that and everything seems fine, but I’m still blacklisted.
I put in a ticket to McAfee days ago and haven’t heard a thing from them. Any ideas on how I can reach them and get taken off their blacklist?
Thanks so much for your help!
- The topic ‘McAfee labeling site " Malicious Downloads"’ is closed to new replies.