How to Check If Your Website Was Hacked!

Hackers are very creative in finding a way to attack your website. It’s almost impossible to stay alert 100% of the time, but you definitely want to upgrade security to prevent spam or malware issues. Timing is crucial because the delayed reaction can jeopardize site functioning and completely ruin its reputation among visitors.

In this post, we will show you how to check if your website was hacked. Let’s take a look!

Can’t access your site? Have you been hacked? Lost your password or entire account? Are your core files compromised? The free Emergency Recovery Script will solve your nightmare with a single click.

Passive Ways to Notice Hacker Attacks

There are essentially two ways to search for potential hacks from an outside source – passive and active tactics. Here is the list of reactive methods:

Google Chrome Attack Alerts

When a user is trying to visit a hacked website, Google Chrome will display one of these two warnings:

  • Phishing attack ahead
  • The site ahead contains malware

Chrome phishing alerts

In each case, your website contains malicious software that hackers use to infiltrate and infect visitors’ computers.

Hosting Provider Disconnects Your Website

A lot of website visitors probably have their own security software installed and it will send malware alert to your hosting provider automatically. In this case, the provider will react instantly and take the website offline.

Wayne Robinson, an IT specialist at Best Essays, explained it briefly: “As a webmaster, you will receive an email that confirms your site is down. On some occasions, providers also format a server to prevent further damage, which means you definitely need a reliable backup in order to recover your files successfully”.

Site Is Marked as Harmful in Google Search Results

If your website could jeopardize users’ security, Google’s search engines often won’t even show it in search results. On the other side, there is the option to show your website with one of these two types of warnings below URL:

  • The site may be hacked
  • This site may harm your computer


Both warnings indicate there is something wrong with the website, which is why Google suggests users not to open any of your pages.

Warnings Coming From Google’s Search Console

Once upon a time, webmasters communicated with Google through the Webmasters Tools. This feature has become Google’s Search Console and you definitely need to set it up if you haven’t done it yet. This tool will send you alerts in case Google detects unusual details. You can enable email notifications in Search Console Preferences so that Google can send you a message whenever there is something strange going on with the website.

Malware Scanner Sends You Alerts

As a cautious webmaster, you probably use some kind of malware scanner. This tool will keep you informed about potential infections and it is usually the fastest way to find it out. Namely, anti-malware tools regularly scan websites, so it’s up to you to pay attention to email alerts and react as soon as you read it.

Website Visitors Tell You About It

If you are hosting thousands of visitors each day, chances are some of them will try to let you know about the problem. This happens frequently since regular visitors keep coming back to consume your content, so they are the first to notice something strange. Your job is to thank these visitors and convince them you are already taking action to solve the problem.

Proactive Ways to Notice Hacker Attacks

Now that you’ve seen reactive ways to detect hacker attacks, it is time to check out a few proactive solutions. Here is the list of active anti-malware tactics, and also don’t forget to do everything in your power to prevent hacker attacks in the first place.

Source Code Scanning

Hackers are clever and you often won’t be able to notice their activities easily. They hide malicious software and the only way to detect it is by scanning the source code with one of the anti-malware tools. It’s a program that automatically analyzes PHP files and source code looking for unusual lines in the code structure.

First of all, scanners try to find and capture well-known malware footprints. However, newer malicious software is more advanced and therefore not so easy to find. In such circumstances, the second option is to compare your website’s source code with a healthy version of the same code. This way, malware cannot hide and you will be able to remove it quickly.

Monitor Website Changes

Website changes can sometimes be a good indicator of hacker attacks. If you are running a site that doesn’t change that frequently, you can use monitoring services to keep you notified of potential problems. How does it work?

The tool measures the percentage of change on each webpage. You can set up the maximum change percentage to receive a notification whenever the limit is breached. In case of hacker attacks, your pages will change much more than allowed and you can act accordingly.

A vast majority of monitoring services allow you to keep an eye on the website from the multiple locations. This is important because some hackers target a specific group of users, choosing targets based on territories, time zones, etc. When you use multiple-location monitoring, it is much simpler to find these hacking attempts.

Mind the Traffic Spikes

Although it may seem great to experience a sudden spike in website traffic, it most likely isn’t a reason to celebrate. On the contrary, unexpected traffic spikes usually occur when your site is hacked, so you definitely need to conduct a source scan to check things out.

Spam traffic

Some hackers use a “clean” website as the screen for their spamvertising campaigns. Hackers avoid spam detection clinging on to your website and exploit a huge increase in traffic to spread malicious software.

Open Your Website From Time to Time

As the webmaster, you should check out your website from time to time and see if there is anything strange going on from the visitor’s point of view. Let it become a routine – open your website at least once a day and you will easily spot unusual novelties. And when you do find them, make sure you launch a new website scan to find out what is going on.


Webmaster can never be too sure about website security. Hackers are constantly coming up with new ways to breach safety measures, so you need to be careful and pay attention to strange occurrences. If you’re running a WordPress site, you will have to take care of outdated plugins that might pose a threat.

In this post, we showed you how to check if your website was hacked.

Have you ever used some of these tactics to protect your site? Do you have other valuable suggestions to share with our readers? Feel free to let us know in comments – we will be glad to read about your experiences here!


24 thoughts on “How to Check If Your Website Was Hacked!”

  1. Hi
    Great list. One of my site was attacked by dishonest hosting company. It took me 7 days to recover.BTW, the company link given on this artilce, I can’t visit the site.

  2. Nice and osm information Warren I knew some of these but some are very important for me. keep sharing,

    Thank you!

  3. Thanks for such informative article. I was not aware about all such things that can help my website from hacking. This article is useful for both, The young professionals and working professionals.

    Thanks Warren

  4. Hi Warren,

    Such a great post. I will use this technique to secure my website. Keep doing great work. Also, thank you for sharing a valuable post with us.

    Kind Regards,
    Mark Anthony

  5. Hi Warren,
    I really liked your post. Recently, i have faced the problem of unusual traffic coming from other country and it’s quite regular from last 2-3 months on a regular interval.

    Checking your website from time to time to good idea but how to figure that kinda attack and stop it, that would be more interesting to me. Your blog is really helpful. Thanks for sharing it with us.

  6. Hi Warren,

    Thanks for sharing this information and for letting us know about Security Ninja. As website owner and blogger we spend a lot of time and effort in creating valuable content which remains valuable as long as it is available online.

    Making sure that we have reputable plugins and security methods ensure that our website remains online.

    Thanks for sharing.

  7. Hii
    Thanks for sharing this informative post with us. A website owner works a lot to achieve success and they can’t afford to lose all their hard work, so we should make an effort to improve the security of our website. The tips that you have provided in this post will help in checking the security of our website.

    Thanks and have a great day.
    Praveen Verma

  8. Hi Warren,

    This is a great reminder for website owners as to how to be aware of what’s going on or might happen when your site or a site your’re is hacked. I remember on occasion I vsisted some sites only to be warned that the site contains malware. I never knew it was a warning sign that it was hacked. Sometimes when the info is so important for my project, ignore and push ahead. But now I have a better understanding.

    Thanks for sharing this helpful article.

    • That’s what most people will do with your blog as well. If you ignore some of the signs, it might eventually lead up to losing visitors who trusted you for months or even years!

      And I don’t even have to speak about what happens if you are selling products through your site and it shows warning signs… so checking the site regularly and installing the right tools is a must

  9. Hi Warren,
    Nice to see you Enstines blog. And I appreciate your effort in creating such an amazing post. It was really helpful.
    Thanks for sharing.
    And have a good week ahead.

  10. Great post Warren. I think all should periodically check their website for any malware and install Antivirus WordPress plugins if possible to automate the task.

  11. Good tips Warren. I recall my browser being hacked once but I swore it was my blog at first. When I visited my blog I saw every image replaced with spammy Russian pictures. Red flag. My formatting was off too. But after 10 minutes of believing it was my blog I exited and found every site I visited appeared hacked; a light bulb went off, as I quickly saw it was a browser issue on my Chromebook.

    • Thank you, Ryan!

      Well, I hope fixing the browser issue was much easier than restoring the entire blog hehe

      Luckily, today’s technology makes it much easier to keep backups and keep the hackers off from your blog. I also think it’s important to let people know about all the possible problems, so they can easily take the next steps to make their sites (and browsers) a safer place.

  12. Hi Warren, Thanks for sharing this measures to secure a website.

    This proactive method – Checking website from time to time works best for me.

    Moreover, my hosting provider (iPage) would always inform me of threats and malicious code. so the stress is less from my side.

    But What I intend doing is to have an Auto website backup tool. Let me know if you have any to suggest or the ones you’ve used.

    • It’s always great to have help in form of your hosting provider or an additional tool like Security Ninja I mentioned in the article and that has helped me a lot so far!

      When it comes to backups, I’d suggest BackupBuddy or UpdraftPlus

  13. I think this article will help many people to fix their website prevent hacking and thanks for sharing this valuable information keep sharing content like this

    • I certainly hope so 🙂 There are just too many blog owners who have problems with this, so I think the article might help

Comments are closed.