You bring up your site and … something’s not right.
In fact, something is very wrong.
How do you know if you’ve been hacked?
Here are 12 definite signs…
1: Your Site Vanishes
If you’re online and your site has disappeared and the only thing that comes up is a blank screen with an, “Oops! Site could not be found,” there could be two reasons.
Either your web designer is modifying the site and it’s not finished yet, or you’ve been hacked.
2: Your Site Displays Another Website
Some hackers will redirect your site to an adult site by placing redirect code in your files.
Look for a new file or existing file that contains something like this:
<meta http-equiv=”refresh” content=”0; url=http://example.com/” />
3: Your Browsers Shows a Screen of Death
Your browser might be the first to alert you that your site has been compromised.
If malware is detected, the red screen that says, “The Website Ahead Contains Malware!” is a sure sign that your website needs deep cleaning.
4: You See Weird Code at the Top or Bottom of Your Website
The hacker might not have been successful or they may have been interrupted, leaving code fragments on your site.
It will look like a bunch of gibberish to the average person and will often be displayed at the top of bottom of the site.
5: Your Site Loads Crazy Slow, or It Crashes
Hackers may be using your site to send spam emails by the thousands, in which case your entire server and the sites hosted on it will slow down.
It is possible that it’s another site on your shared server that was hacked. Here’s hoping, except now we feel bad for them.
6: Your Emails Go to Spam
ISP’s maintain spam lists to blacklist domains that send out 1,000’s of spam emails.
If your site is being used to send out emails by a hacker, then your domain may be blacklisted.
If this happens, even the emails you personally send out will be marked as spam.
7: Admin and Public Sections Look the Same
If the admin section of your site and the public section of your site look the same, then the hackers may have been skinning your admin section to look like your public facing site.
This type of hacking comes with not-so-clever additions promoting the hackers’ prescription drug or adult site of choice.
8: Viagra Has Taken Over Your Site
You find words that you didn’t type in weird places or added links for products that aren’t yours.
These links might even be given stealth placement inside technological or scientific words.
And sometimes the links are in another language.
9: Weird or Unusual Activity
You suddenly see a crazy traffic spike for a post you made two years ago.
Or it seems like everyone in Russia has suddenly jumped on your website for no apparent reason.
Maybe you see extra comments that cannot be explained.
The big indicator here is a sudden spike in foreign traffic.
10: Google Tells You There is a Problem
Google watches your site for problems when it makes its scans. If it finds one, it will report back to you inside Google Webmaster Tools.
Unfortunately, it will also tell your visitors as well when they try to come to your website. This is what causes those warning boxes that pop up in your browser when you visit a site.
11: You Find Something Wrong in Your Files
If you’re a developer or you can work on your own code, you can monitor your site yourself for strange activity.
PHP files in your theme, the .htaccess file and the extra files in your WordPress home directory are all common places to find hacked code.
You’re looking for hidden or obfuscated code. You can scan your entire file structure for “base64” or look at the ends of PHP files for anything you don’t recognize.
12: Sucuri SiteCheck Tells You There is (or was) a Problem
Sucuri SiteCheck will scan your website against a database of known problems and determine if it’s been hacked.
It looks for 10 different items to make sure your site is safe, including viruses, spam and redirects.
You can get a manual scan for free or sign up to have your site regularly scanned and cleaned.https://sitecheck.sucuri.net/ . For a good list of Web Application Firewalls you can take a look at https://www.comparitech.com/net-admin/best-web-application-firewall/.