How Do I Know If My WordPress Site Has Been Hacked?

Last updated: September 15 2020

Recently we noticed lots of malware attacks targeting WordPress sites, especially those with File Manager plugin installed.
If you’re a site owner, try to perform regular checks for your website:

1. Go to: https://www.google.com/ and enter site:example.com, where you should replace example.com with your own domain name.
2. Use popular scan tools, like Sitecheck from Sucuri, Scanner from PCrisk or Virustotal.
3. Scan web files locally, using ESET, Sophos, Kaspersky, BitDefender or McAfee.

If you notice anything suspicious like weird characters inside your Google search results – Japanese keywords hack, or redirects while clicking on them, then a contamination might’ve been occurred already. Here’s an example:

Also if your site visitors complain about being redirected to weird sites, don’t ignore their complaints and investigate.