May 11

“Is My Site Hacked?” Here’s How to Find Out (Step By Step)

Tutorials, WordPress Security


This post was originally published on this site

Is your browser alerting you that your website is hacked? Has your site been suspended by your hosting provider?

We wish we could tell you that there’s nothing to worry about. But the truth is that it’s very likely that your website is hacked.

Moreover, it’s possible that your website has been hacked and infected long enough for the browser and WordPress hosting providers to notice.

In that case, it’s fair to say that your website has been damaged considerably.

Once hacked, the website may experience that it’s slowing down. It may start seeing ads popping up on every page. Visitors of the site could be redirected to other websites. All this would have a huge impact on your search engine ranking, your traffic, and revenue collection.

But luckily you can fix your hacked websites. We’ll show you how to fix hacked websites but first, you have to be sure that your website is really hacked.

There are various ways of identifying if a website is hacked. In this article. we’ll show you the most effective ways of identifying a hacked website.

→ How To Check If My Site Is Hacked?

There are a number of things that you can do to check your website. They are:

1. Run a Website Scan To Detect Hack
2. Check If Google Has Marked Your Site As Insecure
3. Check If Google Search Results Flags Your Site As Hacked or Harmful
4. Check If Google’s Search Console Shows Your Site Contains Malware

1. Run a Website Scan To Detect Hack

When a website is hacked one of the first things hackers do is infect your website with malware which will enable them to carry out malicious activities.

The core function of a website scanners is to find malware infection on a WordPress website. Scanning a website is the best way to find out if your website has malware.

While there are different WordPress scanners to choose from, not every scanner is effective. For instance, many scanners are able to find only known malware which means they are unable to find new types of malware. MalCare is the most effective malware scanner out there. Here’s why –

i. Finds New Malware

Many security scanners rely on patterns or signature matching methods. In this method, the scanner has a list of malicious signatures (like eval base64) which they use to find malware on your site.

There are two drawbacks to this method.

First, there is no exhaustive list of malware patterns. Hackers are constantly creating new patterns which is why it’s hard for most scanners to detect new malware.

Moreover, some malicious signatures like eval base64 can also be legitimate code snippets found in plugins and themes. Therefore, some scanners may mark good code as bad.

To prevent false detection, MalCare goes beyond signature matching and analyses the behavior of codes. In this way, even if a code looks malicious, MalCare can determine whether it is legitimate or actually malicious.

And since MalCare does not rely on signature or pattern recognition, it is able to detect new types of malware as well.

ii. Finds Hidden Malware

WordPress is made up of files and folders. When you first create a WordPress website, there are only a few files and folders. Hence, hackers have a limited number of locations to hide malware.

As time goes on the website becomes bigger and more complex. More files and folders are added to the site. Once they gain access to your website, hackers can hide malware anywhere on your site.

It’s hard to find malware in large and complex malware.

MalCare goes above and beyond to check every nook and corner of your website to find hidden malware.

iii. Does Not Slow Your Website Down

Some website scanners are notorious for slowing down WordPress sites when they are running a scan. But MalCare copies your entire website to their own server and runs a scan on their own server. This ensures that your website’s speed and performance is not affected during the scan.

iv. Minimal False Alarms

As we mentioned earlier, MalCare checks the behavior of code instead of just relying on signature and pattern matching to figure out if a code is malicious or not. This ensures that it’s not blindly concluding that the code is malicious and helps reduce false alarms.

How To Run a Website Scan?

1. The first step is to install the MalCare plugin on your website.

2. Next, from your website dashboard, select MalCare.

3. On the MalCare page, enter the website URL and run a malware scan for free.


malcare scan


If it finds malware on your site, it says that your website is ‘Hacked’ along with the number of infected files found.


malcare security


There are other ways of learning if your site is hacked and we have mentioned them below. But please note that scanning your website is the most effective way to find out whether your site is compromised.

2. Check If Google Has Marked Your Site As Insecure

Google is the world’s most popular search engine. They ensure that Google users have a safe browsing experience.

Many hacked websites force visitors to download malicious code through different files. Therefore, Google is constantly on the lookout for hacked websites so that they can blacklist them and prevent users from accessing these potentially harmful sites.

If your website is hacked, sooner or later Google will blacklist your site. When your website is blacklisted, Google users who are trying to access your website will see the following message and they’ll be blocked from accessing your site –


google blacklist


How to Find Out If Google Has Blacklisted Your Site?

There are 2 ways to find out if your Google has blacklisted your website. Those are –

i. Check If Your Site Is Blacklisted Using MalCare

In the previous section, we spoke about using MalCare to scan your website. It’ll alert you if it finds malware on your site. Moreover, it will show you if your website is blacklisted.


malcare google blacklisting


ii. Try Accessing Your Website As a Google User

Another way to figure out if your website is blacklisted to search your website on Google.

All you need to do is open your browser in incognito mode and open Then place the following sentence on Google search and hit enter –


(Please remember to replace the text with the actual URL of your website.)


google site search


The links that appear on the Google search, click on any of them to access your website.

(Please ensure that you are logged out of your website when you are doing this.)

If your site is blacklisted Google will prevent you from accessing your website. It’ll show you one of the following messages and urge you to go back to safety –

    • The site ahead contains malware
    • Phishing attacks ahead
    • Deceptive site ahead, etc

A blacklisted website is a sure-shot sign of a hacked site.

3. Check If Google Search Results Flags Your Site As Hacked or Harmful

Besides blacklisting your site, another way Google warns it’s users to prevent them from accessing a hacked website is by flagging the website on search results.

When you search for your website on Google like this – site: – Google may show a warning right underneath your website URL.

Google may warn the user that the “site is hacked.”


this site may be hacked


Or Google can say that the “site may harm your computer.”


this site may harm your computer


This is a good indicator that your website is hacked.

4. Check If Google’s Search Console Shows Your Site Contains Malware

Google’s Search Console helps you monitor your website’s traffic and performance. It also alerts you if it finds any security issue on your website. This means if your website has malware, it’s quite possible that the Search Console has detected it.

    1. Login into your Google Search Console account.
    2. On the left-hand side menu, select Security Issues.
    3. If your site is hacked, you should see an alert saying unwanted software detected on the site.


google search console security issues


NOTE: You need to set up your Google Search Console to enable it to detect security issues. If your Search Console is not set up then, you can rely on the other methods to detect if your website is hacked. Nonetheless, we strongly suggest that you set up a Search Console right away if you haven’t already.

After having implemented the methods listed above, if you find that your website is really hacked, then you have to clean it immediately. In the next section, we’ll show you how to clean and fix your hacked website.

→ My Site Is Hacked, Now What?

Detecting a hack is just the first step to fixing your website. After detection, the next step is to clean your site.

1. Clean Your Hacked Website

The best way to clean malware from your site is by using a security plugin. There are plenty of plugins that offer malware removal services but most of them have a long turnaround time.

The process of malware removal with most plugins goes like this – You need to sign up, then raise a ticket with them and wait for a reply. Then security personnel will reach out to you and you’ll need to give him or her access to your website to investigate the hack. After that, they’ll proceed to clean your site which can end up taking somewhere between a few hours to a few days.

When your website is malware-infected, time is of the essence. It won’t take long for things to snowball into bigger issues. Hence, waiting for security personnel may not be the best way to clean your website.

We recommend using MalCare’s Instant Malware Removal. It’ll clean your website under 5 mins.

Here’s how you can clean your website with MalCare –

    1. If you have scanned your website with MalCare (as we recommended at the beginning of the article) then the plugin will alert you if it finds malware on your site.
    2. To clean malware, you need to click on the Auto-Clean button and then MalCare will ask you to upgrade.
    3. After upgrading, MalCare will start cleaning your website immediately.


malcare auto-clean


In case you didn’t scan your site with MalCare, you can still clean your site with the plugin. All you need to do is –

    1. Select a MalCare plan and sign up.
    2. MalCare will immediately start scanning your site.
    3. After it detects malware on your site, you can proceed to clean it by clicking on the Auto-Clean button.

2. Detect & Remove The Vulnerability That Caused The Hack

Cleaning your website is half the battle. Next, you need to identify and remove the vulnerabilities that enabled hackers to hack your website and infect it.

There are two common types of vulnerabilities that cause a hack. Those are – vulnerable plugins and themes and weak credentials. Here’s what you need to do to remove these vulnerabilities –

i. Update or Remove Vulnerable Plugins & Themes

Outdated plugins and themes can be vulnerable and can be exploited to break into your website. Hence we suggest that you update all outdated software which includes not just plugins and themes but also your WordPress core.

If you’re using pirated themes and plugins, we strongly suggest that your deactivate and delete them from your website. Pirated software is usually infected with malware which when installed on a WordPress website enables hackers to access your site.

ii. Use Strong Username & Password

One of the most common methods hackers use to break into a website is brute force attacks. In this type of attack, they use bots to try to guess the right combination of usernames and passwords to gain access to your site.

Websites with easy-to-guess usernames (like admin, John, user, etc) and passwords (like password123, admin1234, user1234) are easy to compromise.

What you need to do is take a look at all the user credentials of your website. Make sure all your user credentials are strong enough to withstand a brute force attack.

If you need to change usernames, then follow this guide – How to Change WordPress Username? And if you want to change your passwords, here’s a guide that’ll help you – How to Generate Strong Passwords?

3. Remove Google Blacklist & Host Suspension (Optional)

If your website is blacklisted then you need to tell Google that you have cleaned your website so that they can proceed to remove the blacklist. You will need to submit your website for review and this guide will help you do just that – How to Remove Google Blacklist?

And if your website is suspended, you will need to contact your hosting provider and tell them to unsuspend your website. Here’s a guide that’ll show you the exact steps you need to take – How To Fix A Website Suspended By Hosting Provider?

After you have taken all the above steps to fix your website, there’s just one very important thing left to do. You need to ensure that your website is never hacked again. In the next section, we’ll show you the exact steps you need to take to secure your website from future hack attempts.

How Do I Ensure My Site Is Never Hacked Again?

To protect your WordPress website from future hack attempts, we strongly recommend that you implement the steps below:

i. Install a WordPress Security Plugin
ii. Update Your Website Regularly
iii. Download Plugins & Themes From Only Trusted Marketplaces
iv. Harden Your Website

i. Install a WordPress Security Plugin

A WordPress security plugin has 3 core tasks to perform: scanning, cleaning, and protecting a website. If you install a security plugin on your website, it’ll scan your website every day, clean it if your website is hacked, and take measures to protect your website from future hack attempts.

You can pick a site security plugin from our list of the best WordPress security plugin.

ii. Update Your Website Regularly

We have mentioned earlier in the article that vulnerable plugins and themes can cause a website to get compromised.

With time every theme or plugin develops vulnerabilities. To fix the vulnerability, developers will quickly release a patch through an update. This is why updating your website is so important.

Delay in updating can prove to be disastrous for your website, therefore, you need to implement updates on a daily basis. But if you are maintaining too many websites, then we suggest updating every week.

Learn how to update your website safely.


WordPress updates


iii. Download Plugins & Themes From Only Trusted Marketplaces

It’s tempting to use pirated themes and plugins. You may not have to pay for a pirated plugin or theme but it does come at a cost.

Most pirated plugins or themes contain malware. So when you install and activate pirated software on your website, the malware is also activated.

The malware acts like a backdoor that gives hackers access to your website. Moreover, pirated software doesn’t receive updates from developers. When vulnerabilities develop in the software, without an update there’s no way to patch the software. Pirated software leaves your website vulnerable for hackers to compromise.

Hence you have to avoid using pirated WordPress themes and plugins on your website. And use plugins and themes from only trusted marketplaces like ThemeForest, CodeCanyon, Evanto, etc.

iv. Harden Your Website

WordPress recommends taking certain measures to harden the security of your website. To implement these measures you need to have technical knowledge of WordPress.

If you don’t have that knowledge then don’t worry, we’ll show you the exact steps that you need to take to implement those site hardening measures. You can learn to harden your site by following this guide on WordPress hardening.

With that, we have come to the end of our article. We are confident that if you take these steps, your website will be secure from hack attempts.

Final Thoughts

Dealing with a hack is. nightmare. Cleaning and fixing a hacked website is time-consuming, often expensive, and difficult.

It’s important to take preventive website security measures on your site to ensure it’s protected against hack attempts.

One of the best ways to do that is to have a security plugin like MalCare installed on your website. It scans your website on a daily basis and alerts you when it detects suspicious activities on your WordPress website. It helps implement website hardening measures and even cleans hacked websites under 5 mins.

Install MalCare Security Plugin Right Now!

has my site been hacked?

The post “Is My Site Hacked?” Here’s How to Find Out (Step By Step) appeared first on MalCare.

About the author 

WP Maintain Support Protect

You may also like

Who Attacked SolarWinds and just why WordPress Users Have to know

Who Attacked SolarWinds and just why WordPress Users Have to know

SolarWinds and offer Chain Attacks: Could this happen to WordPress?

SolarWinds and offer Chain Attacks: Could this happen to WordPress?

WordPress Hardening: 18 Methods to Harden Security of one’s Website

WordPress Hardening: 18 Methods to Harden Security of one’s Website
{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Subscribe to our newsletter now!