TUTORIAL TUESDAY
How to Check if Your WordPress Site Has Been Hacked
HACKED WORDPRESS

Rachel Rivera, PJV Tutorials

22 March 2016

This past week Parajunkee.com was a hot mess. Slow load time, weird quirky issues with plugins and then finally the site went down and became nothing but symbols in the middle of the night. The site was hacked, even though I had the Bulletproof Security plugin installed, even though I pay for extra protection from my host, even though I have scanner plugins working daily. The site was STILL hacked.

The only way I knew was because of the side effects of being hacked. It was probably allowed because of a PRO plugin I bought for $20 and installed. Lost my money on that one. Just goes to show, you never know. So…how did I know?

  • Patti texted me that Parajunkee.com was nothing but symbols (BINGO – this was the kicker)
  • My site slowed down when it wasn’t all symbols
  • My plugins were acting funny, showing the wrong symbols
  • The .htaccess file had new code in it
  • There were new .php files in my File Manager
WordPress has it’s Pros – but it also has plenty of CONS.
Source: pixabay.com
1

Sucuri SiteCheck

Use Sucuri SiteCheck to scan your site and look for malicious hacks. It checks your site for viruses, malware, redirects, and other spam. There is a pro option for almost $100 a year, but they do offer a free service. They also have a plugin.

2

Check Your Hosting Schedules

Take a deep breath non-tech people. There is this thing called CRON. It’s basically a “DIY” script runner. (actual definition: The software utility Cron is a time-based job scheduler in Unix-like computer operating systems – via Wiki) If you wanted to have your site do something all fancy (with code), like run a scheduled scan etc. you would use CRON. It’s in your CPanel of your host. Check if there is anything scheduled there. When someone hacks your sites, sometimes they add some code that will be scheduled to “refresh” even after you’ve deleted all the nasty files. So, you run all this stuff, get it out of there and suddenly it’s back. That’s because they had some other nasty bits in there that you didn’t catch. It’s easy to go into your CPanel and check CRON and see if you have anything scheduled.

3

Check For Odd Behavior

  • Your plugins might behave oddly, weird symbols where there used to be straightforward icons Ö vs ⊗
  • A popup occurs while on your site
  • There is a link in your footer that you don’t remember adding
  • Odd text in your “View Source”
  • Spikes in traffic and bandwidth

4

Use Google

Sign into Google Webmaster Tools and check for “bad” activity. They will find it and email it to you, but they will also display it for everyone to see. They don’t fix it, only tell you that’s it’s wonky. Then, once you fix everything, use Fetch as Google and check if Google is seeing things okay.

“30,000 sites are identified as ‘hacked’ or passing on malicious code, daily.”

Sometimes your site will be hacked and you’ll have NO idea. Sometimes it will be obvious. It depends on what kind of hack occurs. I’ve fixed a clients site that was hacked that the only way we knew was because when we got on Chrome, it flagged a warning. The warning was the site was considered SPAM. This is not good, because the site was blacklisted by Google. Search your site using Chrome on a regular basis.

Hacked WordPress Site

The view from Google when you click through a blacklisted site.

Obvious Ways To Tell Your Site Has Been Hacked:

  • Unable to login
  • New Users / Members in your User tab
  • Email acting wonky (if you use domain email)
  • Traffic drops considerably
  • New .php files in your File Manager
Detect hacked wordpress

Next week we’ll go into details of what to do once your site is hacked. Run along and go check that you are doing okay! Leave a comment if you’ve been hacked before and how you found out.

Want more book recommendations & tutorials?
Subscribe to our Awesome Newsletter.

The Parajunkee.com Blog Subscription

1 Comment

  1. Samantha

    Ekk! Sorry that happened but I am glad you shared. Its good to know what to do if something were to happen to my site!

Smashwords vs. Draft2Digital Break-Down for Indie Authors

The hardest part of Indie Authorship..or at least one of the hardest parts is the publishing process. Formatting, set-up, publishing can be such a headache – and my biggest issues have always been when trying to publish through programs like Smashwords. When I mentioned this to other authors, they either nodded in commiseration, or they quickly responded with: “Try Draft2Digital, I love it.” This led me to research and this is what I came up with. I hope it helps you make the decision. I am currently moving over to Draft2Digital.

read more

Show Your Readers Some Love – Blogging Tutorial

Happy Valentine’s Day! Today is the day to show the love, and not just to your significant other. You can also show your readers some love. What better day to appreciate your readership, than Valentine’s Day? Spread the love and let them know you appreciate them…here are my suggestions for a bit of blog reader love.

read more

HOLY SH!T! My site has been hacked, what do I do?

If you run a Wordpress site, chances are, there are people, bots, assholes– out there trying to hack your site. The first step is preventative, but even the most diligent user might be hacked.  This is the down and dirty basics on what to do when your site gets hacked. This isn’t geared for advanced users, this is geared for the average user.

read more
Page 1 of 8912345... »102030... »Last »

About The Author

Parajunkee

Rachel, whom you might know as Parajunkee, is the blog owner of parajunkee.com and the design blog parajunkee.net. To make matters even more confusing she is now a published author under the pen name of Gillian Zane. Rachel has been blogging for over eight years, designing / web programming for over fifteen, but her real love, reading, has been her favorite hobby since childhood. Rachel has won numerous awards for her writing, the blogs she has created and her design work. If you want to check out more about her books click "The Books" on the navigation bar at the top of the page.

PJV Sponsors

Right in your box!

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,970 other subscribers


blog advertising is good for you on the PJV!

Products on the PJV