sfw/fix
Flagged red (WebAdvisor) high

McAfee WebAdvisor / SiteAdvisor red "suspicious site" blocklist

McAfee's reputation engine flagged the domain red for malware or bad-neighbor signals, warning or blocking visitors who use it.

What you see

This might be a dangerous site
WebAdvisor blocked example.com because it may contain malicious content.
McAfee SiteAdvisor rating: Red

What’s actually happening

Visitors running McAfee WebAdvisor (bundled with McAfee and Dell/HP machines) hit a red full-page warning or a red icon next to your link in search results. Your server is fine and other reputation services may rate you green, but McAfee's verdict is independent and its own. Traffic from McAfee users drops and you may get customer reports of a scary warning. The rating comes from McAfee's TrustedSource database, not from Google Safe Browsing or Microsoft SmartScreen, so it has to be cleared separately from those.

Common causes

  • Actual malware, an injected redirect, or a malicious script on the site (very common after a CMS compromise) that McAfee's crawler detected
  • Links to or from domains McAfee already considers risky, dragging your reputation down by association
  • Risky or bundled downloads served from the domain (installers wrapped with adware, cracked-software bait)
  • Sharing a server IP with spammy or malicious neighbors on cheap shared hosting, so the IP's bad reputation taints your domain
  • Spammy SEO patterns, cloaking, or a sudden burst of outbound links that the heuristic reads as compromise

How to fix it

  1. Clean the site before you appealScan with Sucuri SiteCheck, Quttera, or your host's malware scanner, then remove injected code: check recently modified files, theme/plugin files, .htaccess redirects, and database content for injected scripts. McAfee will re-flag instantly if it re-crawls and the malware is still there, so cleaning comes first.
  2. Find and fix what tripped itLook at outbound links (hacked sites often inject hidden link farms), any user-uploaded or downloadable files, and whether you're on a shared IP with bad neighbors (ask your host; consider moving to a clean/dedicated IP if so). Close the actual hole, don't just delete the symptom.
  3. Submit for review at TrustedSourceGo to trustedsource.org/en/feedback/url, choose McAfee SiteAdvisor/WebAdvisor as the product, enter your URL, optionally suggest the correct category and add a note that the site is cleaned, and submit. Create an account first so you get a ticket ID and status emails.
  4. Wait out the review and re-checkMcAfee typically processes categorization requests in about 3-5 business days. Check the rating afterward at sitelookup.mcafee.com. If it's still red, your appeal note should point to a clean third-party scan result as evidence.
  5. Harden so it doesn't come backUpdate CMS core, themes, and plugins, rotate all admin and database passwords, remove unused plugins, and put a WAF (Cloudflare, Wordfence) in front. A re-infection means another red flag and another multi-day review.

Stop it recurring

Keep the CMS and plugins patched, run a malware scanner on a schedule, and avoid cheap shared IPs with unknown neighbors.

Related errors

Error establishing a database connection (WordPress)

critical

WordPress cannot reach or authenticate to MySQL, so PHP renders a blank page with a single error line instead of your site.

Cloudflare Error 1015: You are being rate limited

medium

Too many requests from one IP or session in a short window tripped a Cloudflare rate-limiting rule, so the edge throttles you temporarily.

Google Safe Browsing "Deceptive site ahead" warning

critical

Google Safe Browsing flagged the site for phishing or malware, so Chrome shows a full red interstitial before the page loads.

IP listed on Spamhaus blocklist (DNSBL)

high

Your sending IP is on a Spamhaus DNSBL as a spam source or compromised host, so receiving mail servers reject your messages.