Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Ways to know if your WordPress 
site has been hacked
• Having your site hacked is the worst thing to 
happen to any site owner 
• Sometimes it takes weeks/ months/ years to 
d...
Look for the Obvious 
● Some hackers like to work stealthily 
● Some others like to announce their feats to the 
whole wor...
Defaced Home Page 
• Most obvious sign that you’ve been hacked 
• Change your home page for maximum impact 
• Hackers ofte...
Site Crash 
• Attackers may be using up all the server resources 
• Some important parts of your site may have been delete...
White Screen of Death 
• WSOD is an error in 
WordPress manifests as a 
blank white page with no 
information 
• Akin to W...
Website Redirection 
• Your visitors are taken to a new URL on accessing your 
homepage 
• Achieved by modifying the htacc...
Weird Pop-Ups 
• Frequent, unexpected pop-ups opening on your site 
indicates a hack 
• Pop ups can also gather data on yo...
Site Blocked 
• If your site is suddenly blocked by your hosting, you may 
have been hacked 
• Repeated brute force attemp...
Scan Frequently 
• Scan your site frequently to check for any anomalies 
• Many options available - Wordfence Security Plu...
Monitor File Changes 
• When hackers try to inject malware into your site, they 
upload malicious scripts 
• The TimThumb ...
Monitor User Activity 
• Unusual user activity is another good indicator of a hacked 
site 
• Hackers usually create admin...
Track Your Traffic 
• Traffic monitoring gives you detailed information about your 
visitors and also about hacks 
• If yo...
Constant vigilance is the key.. 
Stay protected, stay safe!
Upcoming SlideShare
Loading in …5
×

Ways to know if your WordPress site has been hacked

3,839 views

Published on

Getting hacked is the worst thing that can happen to you. But there are ways to detect it at the earliest to minimize the damage. For the detailed article, check out this link - https://blogvault.net/ways-to-know-if-your-wordpress-site-has-been-hacked/

Published in: Services
  • Be the first to comment

  • Be the first to like this

Ways to know if your WordPress site has been hacked

  1. 1. Ways to know if your WordPress site has been hacked
  2. 2. • Having your site hacked is the worst thing to happen to any site owner • Sometimes it takes weeks/ months/ years to detect a hack • Easily identified only when front page is defaced • Can cause extensive damage to your brand and reputation
  3. 3. Look for the Obvious ● Some hackers like to work stealthily ● Some others like to announce their feats to the whole world ○ Deface your site’s home page ○ Add unpleasant pop-ups ○ Redirect your site to a different URL
  4. 4. Defaced Home Page • Most obvious sign that you’ve been hacked • Change your home page for maximum impact • Hackers often wipe out everything on your site, leaving just an image on your home page • Image used can also be distasteful or explicit
  5. 5. Site Crash • Attackers may be using up all the server resources • Some important parts of your site may have been deleted • Such activities often results in a site crash • Users see a 404 page not found error on accessing your site • Crash may also be an outcome of a developmental activity • Analyze your logs thoroughly to narrow down on the root cause
  6. 6. White Screen of Death • WSOD is an error in WordPress manifests as a blank white page with no information • Akin to Windows’ infamous blue screen • Stops your website from working and you cannot access the WordPress dashboard
  7. 7. Website Redirection • Your visitors are taken to a new URL on accessing your homepage • Achieved by modifying the htaccess file on your server • Attackers add a rule to the htaccess file by which all your visitors will be redirected to a site of their choice • Some rules only match search engine bots and not your own requests - go unnoticed for a long time • The longer they’re active the more potential it has at affecting your search engine rankings
  8. 8. Weird Pop-Ups • Frequent, unexpected pop-ups opening on your site indicates a hack • Pop ups can also gather data on your browsing pattern, capture cookies and send it to the attackers • Clicking these pop up ads may downloaded other malware
  9. 9. Site Blocked • If your site is suddenly blocked by your hosting, you may have been hacked • Repeated brute force attempts or a sudden spike in bandwidth usage are possible reasons • Some hosts send you a notification but most providers just stay mum after blocking you
  10. 10. Scan Frequently • Scan your site frequently to check for any anomalies • Many options available - Wordfence Security Plugin, Sucuri SiteCheck, and WPScan • Scanners cover all known security issues including malware infections, spam, and irregular redirects
  11. 11. Monitor File Changes • When hackers try to inject malware into your site, they upload malicious scripts • The TimThumb vulnerability is one such example where the uploads directory was exploited • These scripts are then executed remotely to wreak havoc on your site • You must constantly monitor your files for any updates • Plugins like WordPress File Monitor and WP Changes Tracker help you monitor file activity
  12. 12. Monitor User Activity • Unusual user activity is another good indicator of a hacked site • Hackers usually create admin users using SQL injection or remote file execution attacks • You must monitor your site for new admin users • Attackers can also change existing passwords or assign new roles to users • Quite tricky to monitor unless you have tools like WP Security Audit Log to assist you
  13. 13. Track Your Traffic • Traffic monitoring gives you detailed information about your visitors and also about hacks • If you see a sudden surge of traffic from a country that you generally don’t cater to, something must be wrong • If you see a sudden dip in traffic, that can’t be right either. • Keep a watchful eye on the traffic pattern is a must
  14. 14. Constant vigilance is the key.. Stay protected, stay safe!

×