7 Signs That Your WordPress Site Is Hacked

By Rok Krivec on August 24, 2018. Filed under: , , .

Sure, WordPress might be one of the best and well-liked CMS (content management system), especially when it comes to bloggers. It is super easy to use, and even utter newbies can build a professional website using a WordPress theme.

Unfortunately, WordPress sites are still very poorly protected if not using any 3rd party software. In fact, you better not even dare to use a page without any, even if free, protection plugins. And if you invest in a premium tool, well, that’s even better.

Of course, there are loads of other indicators telling you that you are/might be affected by something suspicious that needs additional observation.

If you are serious about your online project, you better be serious about protection even more. What’s the point in doing all the hard work if later all gets lost?

Overnight website traffic decrease

When the time comes to check your Google analytics to see how your page is doing and you spot something questionable, like a big drop in traffic, it is worth to investigate the situation further. This could be a sign that your WordPress site is under attack.

Google Analytics

Some hackers attack your page to redirect your traffic to their content and ads for one main reason only: earnings.

On the other hand, if your page has some fishy content going on, Google might start displaying warnings to users. Instead of entering your web space they rather skip it and enjoy a website that is safe and secure.

You cannot enter your WordPress admin section

The funny thing is, when you want to log in to your WordPress dashboard, you notice that you cannot. As simple as that. If this happens, there is a good chance that that is hackers’ work. For whatever reason, they may have, sometimes, hackers change either your username, email or your password.

It also happens that they delete your account entirely. In this instance, you are unable to reset your password, and you need to dig deeper to get your access to admin back. Also, once you do, make sure you scan your entire WordPress website for malware, clean it and improve your site protection.

WP Login

An increase in absurd user accounts

There are two variables to this particular case.

First, if you do allow people to sign up to your WordPress page, you will be very likely to get a ton of registrations that are 100% spam. And you will immediately notice which are spam and which are real. No worries, the quickest solution is to install a spam protector.

However, if you manually add users and all of a sudden you see an insane jump in accounts that are, obviously, spam, you are probably under attack. Some of these “absurd” accounts also have an admin role what does not allow you to dele them. If you are not a coder yourself, you will need to seek help to get things sorted out.

Poorly loading website

As soon as you enter the streets of the online world, you increase your chance of being attacked by hackers. It is just the way it is, and there is no way around it.

One of the ways how you might know that something odd is going on is by checking your site’s performance and responsiveness. If it is not doing OK, investigate what might be happening as soon as possible, or better, immediately.

Website Speed

When your WordPress site is loading poorly, they might be sending loads of requests to your server at the same time. And if your server is not big enough, this translates into slow performing page. They do these attacks using several computers and servers using fake IPs.

There is also very likely that your page is simply slow for all sorts of different reasons. Whatever the case, always make sure to deliver the best possible experience to your end user, especially modern mobile users.

Pop-ups and pop-unders pushing spammy content

It is all in the name of sending your traffic to their (felonious) offers. But they do it very smartly so you might not notice it at all, or far in the future when they already stole a ton of users from you. Sometimes, it gets very tricky.

So, a hacker enters your website and sets pop-ups and pop-unders on your WordPress site in a way that does not show if you are logged in. While the majority of us are constantly signed in to our pages, it is good to log out from time to time and see how things are going on your page. Even ask your friends to access it, try different browsers and incognito option.

A sudden increase in spam

Spam can be in comments, emails, user sign-ups, you name it. That said, if you see a ton of it on your page out of the blue, you might got hit by a tracker that is continuously sending out either ads and viruses or a mixture. It surely is not something you want on your website especially when it comes to comments. Make sure you have the option to check and approve all WordPress comments on manually. Still, if your current spam protector is not performing well, change it or invest into a premium tool that will keep your page clear of spam.

Spam Comments in WordPress

Search results that are just not relevant

One thing is for sure, having a regular site checkup is crucial to run a smooth and successful WordPress site. One of the numerous ways how hackers can affect your site is by changing contents meta titles and description. It is not something that is visible on the site but hidden from site visitors (even yourself).

On the other hand, search engines are very well aware of the change and may rank your site and your articles differently. Not only will you start ranking poorer, but you will also notice a decrease in site traffic, lost leads and sales. Always be on the lookout and take care of proper site protection at all times.