How to Find Out If Your WordPress Site Was Hacked by@ruby_marketer

How to Find Out If Your WordPress Site Was Hacked

ruby HackerNoon profile picture


As an expert technical writer, Ruby loves to write on web development and online marketing.

There are signals that you can notice to check if the security of your site is intact. By taking action at the right time, you can protect your online presence from any severe damage.

In this article, we are going to discuss 13 signs that indicate if your WordPress site is hacked.

  1. Changed Homepage
  2. WordPress Login
  3. Site goes Offline
  4. Redirection
  5. Web Browser Alerts
  6. Search Console Alerts
  7. Search Results
  8. Unknown Links Added
  9. Popup Ads
  10. Unknown Users Accounts
  11. Emails
  12. Traffic Surge or Drop
  13. Changed Homepage

Hackers don’t usually make visible changes on the site. They do not want to come under the radar after getting access to the site. But if your homepage looks different than it supposed to be, it is a sure way sign that somebody else is customizing your site.

Hackers mostly leave a message on the Homepage announcing that they hacked your site. Sometimes their intention is to ask for money. In that case, they leave their Bitcoin address too.

WordPress Login

Unable to log in to your site is a major giveaway that your WordPress site is hacked.

It means the hacker has deleted your admin account files. You would not be able to reset the password, as your account does not exist.

There are other ways to add your account to the WordPress site. A quality Hosting company could help you to get your account back on the secure WordPress site.

Site goes Offline

It is the job of your hosting provider to actively look for any hacking attempt directed at their client’s websites.

When their security sees any infected site, they turn it down. This way, they stop the infection from spreading to other websites or the central server.


Hackers redirect the site to spammy sites. It could be an indication that someone has hacked your Domain name account. 

You have to check your Domain Name account and Hosting account to find the exact reason for the redirection.

Smart hackers redirect the sites only for the log-out users. Log-in users keep using the website as usual, without noticing that their website has already become a victim of hacking.

This redirection leads to a drop in the traffic of the site. 

Web Browser Alerts

Chrome or any browser shows a warning when a person tries to visit a webpage that hosts harmful content.

If any of your visitors find this message, your site likely has some malicious codes. In these cases, the hackers use sites as a host to gain information from visitors.

Warnings could be of different types:

Search Console Alerts

Google Search Console alerts the webmaster when there is something wrong with the security of their site.You can find this in the Security Issues tab.

Search Results

The search results show gibberish or Japanese Character. It means your site's backend is not secure.

There are three kinds of hacks that are most popular:

  • Japanese Keywords Hack
  • Gibberish Hack
  • Cloaked Keywords and Links Hack

In these hacks, Hackers are using your website to host spammy content. 

You might see clear meta-descriptions and meta-titles, but Google Crawlers reads the content differently.

Check your Site Search results:

Unknown Links Added

If you noticed external links on your site, that you don’t remember adding, it means someone else is making links on your website.

There are Marketplaces where Hackers sells backlinks from Authority Sites. They get a handsome amount in return. Thus, making the hacking worth of time.

Mostly these links are sitewide, but not always.

Keep checking the outbound links of your site. If there are links on your site that leads to shady content, your site would also be in danger.

Popup Ads

Popup ads happen to your site when hackers want to earn money.

He injects all these spammy ads that lead to open the affiliate links of the hacker. Popup ads open in a new window, hence even the users don’t notice them.

They do not show these ads to regular visitors. Only the traffic that is coming from the search engine gets to interact with such advertisements.

Unknown Users Accounts

If you find an unknown users account in WordPress Users section, it might be possible that your WordPress site is hacked. 

You can quickly delete such spam accounts from the dashboard area.

Though, if the hacker is adding an account, he will surely give the admin role to that account. You will not be able to delete the Admin account from the WordPress admin area. 

You have to delete the unknown accounts from the c-panel.


Every good hosting service provides free email accounts. These email accounts are helpful for WordPress and business-related mails.

When hackers hack the sites, they use these emails to send a huge number of spam mails. Due to that, flag your mail account as spam.

You may not be able to notice at first that your site is hacked. You will just notice that Emails are not working anymore. So, if your Emails stopped working suddenly, you should run a security scan.

Traffic Surge or Drop

Sudden hike or drop in traffic is also an unusual activity. 

Browser Safety Alerts and Redirection can drop the traffic. The bot attack increases the traffic. In both cases, your site is not secure.

Excessive spam traffic can increase the load on servers as well. Actual visitors will find the site slow because the Bots would be eating the bandwidth.

That’s why keeping an eye on the site stats is essential.

Final Words

If you look for the signs we mentioned in the list, you will detect the hacking. You would be able to prevent any severe damage.


Signup or Login to Join the Discussion


Related Stories