How Can I Tell if My WordPress Site Has Been Hacked?
Common signs of a hacked WordPress site: unexpected pop-ups or redirects, strange new pages or admin users, a Google 'this site may be hacked' warning, spam emails sent from your domain, or a sudden drop in traffic. If you spot any, act quickly.
The short version
A hacked WordPress site usually gives itself away. The clearest signs: visitors get redirected to sketchy websites, pop-ups or ads you never added, a Google warning that says "this site may be hacked" or "deceptive site ahead," strange new admin users, spam emails going out from your domain, or a sudden, unexplained drop in traffic. Any one of these is worth taking seriously right away.
The warning signs
Some hacks are loud — the whole site defaced or redirected somewhere else. Most are quiet on purpose: hidden spam pages, code slipped into your files, or your site quietly sending spam so it stays useful to the attacker for as long as possible. That's why a Google warning or a heads-up from your host is often the first real clue. If your traffic falls off a cliff for no obvious reason, that can be a symptom too.
What to do
Don't panic, and don't start deleting things at random — that usually makes the cleanup harder. The safe move is to get the site scanned, find exactly what was changed, remove it, and close the hole that let them in so it doesn't come straight back. We've cleaned up hundreds of these, and it's almost always more routine than it feels in the moment. If you think your site's been hit, send it our way.
Related terms
Rather just have it handled?
Security & Malware Cleanup