My Innocent Web Site is being blocked as a phishing site? How can I stop this

Dear Experts,
I have a Web site that I have set up to promote a book that I am launching right now.  The Web site does not ask for any money.  It has no adverts (except for my book) so I was shocked to find just now that my browser was trying to block it as a "phishing" site.

How can I remove this problem?  Its a huge problem for me if my potential book buyers cannot view the site.  I had a pretty good talk with a journalist this morning.  It would be a perfect proof of Murphy's law if his paper mentions my Web site just as it is being blocked.

Who does this blocking?  I have removed my AVG and the message still pops up.

I am using Wordpress 3.0.1.  I have allowed people to post comments.  I notice that some of the comment boxes have been filled with spam type advertising comments.  Could that be the cause?
Best Wishes,

Philip Truscott This is the nasty warning message
Who is Participating?
btanConnect With a Mentor Exec ConsultantCommented:
Firefox checks the site it is accessing if it reference the past site it will be blocked. If the first link of reference is otherwise such as based, it should be alright. Can do a quick google check for the site "health" as well.

I do see that there will not be 100% secure website but minimally we should make it difficult for the attacker by reducing the attack surfaces esp those low hanging fruits such as the mentioned comments field, they can easily input malicious scripts if proper input validation is not incorporated.

Have the proper authentication and authorisation set in term of the access to the various sub sites. The segregation is good to separate the more sensitive from the least, but do also control the file directory listing. Read on the links esp on the file permission and  htaccess in the following links.

Of course the above is not a panacea for all attacks but being resilient is what we should strive for. Also have regular backup for recovery as needed. Balancing the operational needs is important as well as you do not want to make it too "tedious" for readers to access your site else it can be very secure but it does not attract readers. Identify what is the high risk and protect it, the rest will be more of the baseline protection as necessary.

What do you see when you click on "Why was this site blocked?" It should give you a reason and probably explain how to resolve it.
            It appears the error you show above was in Firefox. Here is what Firefox support has to say about this issue:

If you own a site that was attacked and you have since repaired it,  or if you feel that your site was reported in error, you can request  that it be removed from the lists.  We encourage site owners to  investigate any such report thoroughly, though; a site can often be  turned into an attack site without any visible change.

To request removal from the list of reported phishing sites, use this form provided by Google:

To request removal from the list of reported malware sites, use this one, provided by

Never miss a deadline with

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

Generally when this happens it is because of insecure permissions or poor coding of your site.
 You should run a web application vulnerability scan that can detect vulnerabilities like the OWASP top 10, these scans can tell you where the problem lies and generally how to fix it.

If you run linux you may also have permissions issues.
Generally in linux perms should be 755 for directories, and 644 for files.
If your files are all world writable and executable this could account for malicious data being present in your site as well.
755 is seen as rwxrw-xr-x
644 is seen as -rw-r--r--

To fix this now, remove the phishing site from your system (check for any files and directories you have never seen and did not put there)
Or have a security consultant take a look at your site and see if there are hidden directories as well.

You can visit and run a scan against your site to determine where the problem lies.
In looking further into the issue at hand, it appears you use some adware on your site. It is possible that a third-party ad was malicious and infected users that viewed your site. You will need to make sure you use a reputable ad source that scans all of their ads for malware prior to hosting it.

btanExec ConsultantCommented:
The site has been attacked, see the analysis below.

I will suggest that you do not host in current website - assuming is not your setup web server.
Check out this site for making decision when hosting of website, quite useful considerations
> there are more references on their right pane

Also for some free host provider, you may consider this. But if this is going to a long hosting and foresee further expanding/retention, why not go for commercial hosting, credibility will be more worthwhile as compared to going for website that are easily exploited by attacker (they know there is a large pool of victims being hooked)

Another interesting site like OpenDNS will be useful too with its real time intel checks hosted.
btanExec ConsultantCommented:
of course if you want to access specific block site (which I do not advice), you can check out this. Use of proxy is one mean
PTRUSCOTTAuthor Commented:
Dear Experts,

I do not have any ads on my site.  I think what has happened is that in the past some malicious web visitors have used the Wordpress "add a comment" feature to post information about their nasty sites on my site.  

I don't really need the "add a comment" feature anyway.

What I plan to do is:

1. Create a new WordPress installation into a subdomain of my site such as

2. Move all of my content into the subdomain but delete all the comments in the MySQL database and then close down the comment feature.

3. Add a re-direct command from the index.html on my main site

Will this get around the blocking?  Since the Web visitors will only be on the main site for a split second until they are re-directed.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.