There are a few ways to tell if your WordPress site is infected:
- you open up your site and ups! it says it has been hacked!
- your site is moving really slow or your hosting company reports that you are overusing resources, but you don’t see any extra activity in analytics
- when you search your site over google you notice some pages that shouldn’t be there
- it’s reported as an usafe site by your antivirus or browser
What to do if you think your WordPress site is infected
- First thing, don’t panic. Everything you do while panicking might prove wrong later. Really, don’t panic.
- Password protect your site via htaccess (you can do it from Cpanel or Plesk) so you can have a look at the site while stopping the public seeing your broken site.
- Look for backups and see if restoring an older version fixes the problem temporarily (but your site will be vulnerable once again).
- If you know a bit of how WordPress work you can re-install all the plugins and check if this solves the problem.
- If you are still in trouble and don’t know what to do next, drop us a line here. We are a real company. Seriously, we have thousands of hours worked with WordPress for companies across the World.