6 Ways to Tell if Your Website Was Hacked


If you have the slightest suspicion that your website is hacked or has been hacked for some time, then that’s probably the case. At that point, you should act as soon as possible. Most of the times, people will complain that their browser is alerting them of the hack when they visit their site. It’s either that or the hosting provider took the site offline. This could reveal one scary truth – the hackers have invaded the site for quite some time now, and they might have done considerable damage. Ideally, you should invest in some security products to safely encrypt your website. You should do anything to avoid hackers and invasive attacks. But first, let’s take a look at how you should check whether your website’s health bar. We’ll talk about outside sources here, taking into consideration that even the most vigilant system administrator could overlook certain aspects.

  • Your browser gives you a warning


If you or any other visitor stumbled upon this when accessing the website on Chrome, then your site is most probably infected with a healthy dose of malware. For example, this warning tells you that your website has been used as a den for phishing attempts. Links to your website are being sent to other people, tricking them into doing what the hacker wants once they visit the website. How does the hacker achieve this? Malware.


The same goes for this warning. It’s self-explanatory, I think. Someone has access to your website’s internal structure, and they installed specific malware programs which infect the devices of your visitors.

  • The hosting provider takes your website offline

Your hosting provider might receive complaints from other users that your site is hacked, or their own autonomous screening programs have detected something wrong. Either way, they’ll immediately cut off your website from the internet. Keep in mind that some hosting providers might also format your server to prevent the infection from spreading to other users. It would be good to have a back-up close-by, just in case this happens. After they’ve closed down your website, you’ll usually receive a notification on your email.

  • Google search results show your website as potentially harmful

If you see this message right next to your website on the Google searches, then you’re probably dealing with hackers.


Sometimes, Google will remove your website from the search results altogether, if they have strong reasons to believe the malware is very risky. At times, they’ll still show it, but accompanied by a warning notification. They’ll either say that “This site may be hacked”, when they’ve noticed strange changes made to the website, or that “This site may harm your computer”, which means they’ve successfully detected the malware and they’re reminding you of this. It’s also possible for your website to display different content in different countries as part of a hack. The only way you can detect this is if you use a VPN to check your website from different countries.

  • Your Malware Scanner warns you of an infection

If you’ve been listening to me and decided to employ a malware scanner, then most likely, this is where you’ll first find out that your site is being hacked. With a malware scanner, the time between the infection and its discovery is kept to a minimum, hence its efficiency and my advice. Check your email daily, so you don’t miss any warnings when they do come.

  • Customer complaints

The truth is, your customers get to use your website way more than you do, and if you have thousands of visitors per day, this could be a very handy warning system. Quite cynical, I know, but it gets the job done. If someone informs you of fishy things related to your website, don’t wait and allow things to get out-of-hand! Take it offline if need be!

  • Google’s Search Console warns you of any infections

This console is the former “Google Webmaster Tools”. The name says enough, I think. Use it to check for any inconsistencies Google may have found when it’s indexing your website. It will even provide you with a few statistics with customer visits. As usual, you’ll receive the notifications by mail. So, if you see something like this, then your website is probably hacked.


How you can detect a hack before anyone notices

Visiting your website regularly should be your first and foremost prevention solution against malware and hacks. Just make sure to check the code and the databases regularly, and perform a couple of security checks as well. By using a Source Code Scanner, you can inspect all the PHP code and all the other source code to check for any known malware patterns. These programs will either check for any malware signatures that match their database of known infections or compare the suspicious code with a good version of it.

In this way, both old and newer types of malware can be safely detected before the infection gets to spread forth. You can also monitor the site traffic and check for any spikes. These appear when hackers use your website for a spamvertizing campaign. In plain language, they’ll include your link in spam emails which they send to people. Then, they get redirected to the true serpent hiding in the bushes. However, your website will still record a spike in traffic when the users first access the initial link. Searching for these traffic spikes with tools like Google Analytics will cut your time in half, and get you to the bottom of the issue. You’ll quickly have a general idea of whether your website has been hacked or not. Most hacked sites have these traffic spikes, so it’s quite a good hint in that direction.


Keeping your website malware-free is not that hard to accomplish, especially if you proactively search for any issues beforehand. Be vigilant, and you won’t be taken by surprise, that’s the golden rule. Build a routine of constant security check-ups, use Google’s Search Console, and remember to check your email daily for any warning notifications.

Feel free to share on social networks. Find the buttons below this post. This opinion article is for informational purposes only.

Follow my blog for more insightful articles: http://temitopeadelekan.com

Want to submit a blog post: Share a blog post

LinkedIn connect: Temitope Adelekan

Twitter: @taymethorpenj





Brought to you by Bogdan Patru – is a cybersecurity news analyst at VPNTeacher. He has a passion for international data policy and how it affects citizens’ privacy.

Edited by Temitope Adelekan