I’ve shared stories in the past about clients who came to me with Websites that were hacked and they didn’t even know it. So how does one know?
First of all, you are never too small to have your WordPress site hacked.
The first step is to just look at the site. Is it up and functioning?
Check. Many times when a Website is hacked, the home-page immediately goes down and is left blank or replaced with a hacker’s page.
The next step is to Google your site.
Sometimes a Website that has been hacked will be found out by Google before it’s found out by a “normal” person. If you see any weird characters in your site description or Google says “This site may be hacked,” then there’s a chance you’ve been hacked.
Next, be sure to install a security plug-in and run a malware scan.
This will search the files in your WordPress installation for anything funky. Note that without special configuration this will not search the non-Wordpress parts of your Web server.
Finally, if you still aren’t satisfied, have your host do a scan.
Some hosts will do this for free or even automatically (like GoDaddy or my own hosting, which is supported by GoDaddy), and others will charge a fee.
How are WordPress sites hacked?
I wrote a post about this recently: How are most WordPress websites hacked?
What to do if I’m hacked?
If you determine that your site is hacked, I highly recommend having a professional look at it. This is something that I can do on any of my
If you want to get an immediate jump on securing your site, I have put together a simple checklist called, “The WordPress Security Checklist: 7 “Common Sense” Tips to Keep you from Getting Hacked.”
I hope you will download it below and let me know if you have any questions.