How to Check if Your WordPress Site Has Been Hacked

Rachel Rivera, PJV Tutorials

22 March 2016

This past week Parajunkee.com was a hot mess. Slow load time, weird quirky issues with plugins and then finally the site went down and became nothing but symbols in the middle of the night. The site was hacked, even though I had the Bulletproof Security plugin installed, even though I pay for extra protection from my host, even though I have scanner plugins working daily. The site was STILL hacked.

The only way I knew was because of the side effects of being hacked. It was probably allowed because of a PRO plugin I bought for $20 and installed. Lost my money on that one. Just goes to show, you never know. So…how did I know?

  • Patti texted me that Parajunkee.com was nothing but symbols (BINGO – this was the kicker)
  • My site slowed down when it wasn’t all symbols
  • My plugins were acting funny, showing the wrong symbols
  • The .htaccess file had new code in it
  • There were new .php files in my File Manager
Wordpress Site Hacked
WordPress has it’s Pros – but it also has plenty of CONS.
Source: pixabay.com

Sucuri SiteCheck

Use Sucuri SiteCheck to scan your site and look for malicious hacks. It checks your site for viruses, malware, redirects, and other spam. There is a pro option for almost $100 a year, but they do offer a free service. They also have a plugin.


Check Your Hosting Schedules

Take a deep breath non-tech people. There is this thing called CRON. It’s basically a “DIY” script runner. (actual definition: The software utility Cron is a time-based job scheduler in Unix-like computer operating systems – via Wiki) If you wanted to have your site do something all fancy (with code), like run a scheduled scan etc. you would use CRON. It’s in your CPanel of your host. Check if there is anything scheduled there. When someone hacks your sites, sometimes they add some code that will be scheduled to “refresh” even after you’ve deleted all the nasty files. So, you run all this stuff, get it out of there and suddenly it’s back. That’s because they had some other nasty bits in there that you didn’t catch. It’s easy to go into your CPanel and check CRON and see if you have anything scheduled.


Check For Odd Behavior

  • Your plugins might behave oddly, weird symbols where there used to be straightforward icons Ö vs ⊗
  • A popup occurs while on your site
  • There is a link in your footer that you don’t remember adding
  • Odd text in your “View Source”
  • Spikes in traffic and bandwidth


Use Google

Sign into Google Webmaster Tools and check for “bad” activity. They will find it and email it to you, but they will also display it for everyone to see. They don’t fix it, only tell you that’s it’s wonky. Then, once you fix everything, use Fetch as Google and check if Google is seeing things okay.

“30,000 sites are identified as ‘hacked’ or passing on malicious code, daily.”

Sometimes your site will be hacked and you’ll have NO idea. Sometimes it will be obvious. It depends on what kind of hack occurs. I’ve fixed a clients site that was hacked that the only way we knew was because when we got on Chrome, it flagged a warning. The warning was the site was considered SPAM. This is not good, because the site was blacklisted by Google. Search your site using Chrome on a regular basis.

Hacked WordPress Site

The view from Google when you click through a blacklisted site.

Obvious Ways To Tell Your Site Has Been Hacked:

  • Unable to login
  • New Users / Members in your User tab
  • Email acting wonky (if you use domain email)
  • Traffic drops considerably
  • New .php files in your File Manager
Detect hacked wordpress

Next week we’ll go into details of what to do once your site is hacked. Run along and go check that you are doing okay! Leave a comment if you’ve been hacked before and how you found out.

Want more book recommendations, product reviews & tutorials?
Subscribe to our Awesome Newsletter.


The Parajunkee.com Blog Subscription

1 Comment

  1. Samantha

    Ekk! Sorry that happened but I am glad you shared. Its good to know what to do if something were to happen to my site!

How To Maximize Your Buy Links

As a blogger, Indie Author, or in my case, both, tracking and analytics is imperative to continued success. If something works, you want to know that it works and then you want to know what you did, so you can repeat it. No one is going to knock on your door and say “Hey, what you did there. It rocked. Do it again.” But, if you see that people are clicking, things like links… a lightbulb can go off, and you’ll realize that your efforts are paying off. If you can’t tell what people are clicking, though…well you’ve lost before you even started.

read more

Book Signings 101 – What I Learned From A Year of Signings

The weekend that passed, was Booking in Biloxi, a large author even that is held every year in the city of Biloxi, Mississippi. The BiB signing was the first signing that I participated in as a new author. It took me almost a year to work myself up to do a signing – and – also to make it onto a list. So, after this recent event, I had successfully (loose interpretation of successful) completed one year of signings. This is what I’ve learned.

read more

Top Ten Ways to Optimize Your Facebook Usage

TUTORIAL TUESDAY Top Ten Ways to Optimize Your Facebook Usage Rachel Rivera, PJV Tutorials 07 March 2017 Make sure you have a dynamic cover photo and you incorporate your brand within your profile picture. If your brand is YOUR face, that works too. I see a lot of...

read more

About The Author


Rachel, whom you might know as Parajunkee, is the blog owner of parajunkee.com and the design blog parajunkee.net. To make matters even more confusing she is now a published author under the pen name of Gillian Zane. Rachel has been blogging for over eight years, designing / web programming for over fifteen, but her real love, reading, has been her favorite hobby since childhood. Rachel has won numerous awards for her writing, the blogs she has created and her design work. If you want to check out more about her books click "The Books" on the navigation bar at the top of the page.