How to Fix Disapproved Google Ads? (Malicious software)

If your website was recently hacked and your Google ads stopped working, you’re facing hours, days or even months of downtime, which may result is a heavy financial loss. To minimise it, you’ll need to effectively plan your next steps.

Need help? Let us clean your site.

Depending on the service or product advertised, you may:

  1. Quickly resume your ads, using a temporary landing page – which will be associated with a distinct domain name. Works for service providers – counselor, accountant, plumber, etc.
    • You may signup with unbounce, leadpages or instapage in a combination with a fresh domain name.
    • Setup a landing page or a mini site, using your current hosting account – this will require technical knowledge.
  2. Keep your campaign paused and continue to address the main issue, making sure your website is malware free – recommended for ecommerce websites. The entire process should take approximate 3 to 7 business days.

Here are the steps required for the second option ( all covered by Magefix’s Platinum plan ).

1. Backup

Make sure web files and database are exported safely, on your local computer, to prevent further data loss.

2. Open a ticket with Google Ads

You may reach Google Ads support here:
On the last step, select “Email” as a contact option. This will buy you some time, while a cleanup will be performed.

2.a Perform a malware cleanup

Follow a cleanup guide, depending on the platform you’re using – WordPress, Drupal, Joomla or Magento. Each platform has a specific structure. Note: Consider rebuilding your site from scratch, making sure fresh core files and modules will be used – our most commonly used approach, especially for WordPress.

2.b Disable cache

Disable any CDN, local cache setting, plugin or cache setting provided by your DNS provider ( ex. Cloudflare ).
Make sure all visitors will get the current non-cached site version.

How to turn off caching using .htaccess:
Disable cache in Cloudflare:

3. Take screenshots

Google Ads support often ask for screenshots, as a proof your site is indeed clean. Two screenshots from Sucuri SiteCheck and Google Search console should be enough.

Google search console screenshot ( example )
Sucuri Sitecheck screenshot ( example )

4. Review Google Ads first reply

If you 100% your site is malware free, ask Google support for a thorough site review, providing the screenshots as proof. Google Ads’s policy team is in charge with this analysis.
In case Google will provide a list with malicious links, research and perform a second cleanup. Note: I’ve often seen reports with malicious links, when in fact site was clean – make sure site cache is disabled.

5. Patiently wait for Google’s next reply

If you recently submitted a site check request, you should expect a reply in 24 to 48 hours. The first reply, which may include malicious links, may not reflect the actual site status – that’s why a thorough review should be performed. Note: Google Ads support will not reply during weekends. However, following a review request, ads may be automatically approved during weekends – so keep an eye on your campaigns.

Google Ads gets automatically approved after a review request

After the hard work, here are some phrases we love getting from Google Ads support team:
“We can confirm that the moderation of the site has shown that is malicious free.”
“Great news: your ads are now approved!”
“I just received a response from the security team in charge of your domain and they have told me that the domain is free of malware violations.”

Need help? Try our Free site check.