How does website hacking occur? – 10 signs

Maria Preußmann
Posted by Maria Preußmann

6 minutes read

The nightmare of all website owners: your website gets hacked. The signs are sometimes obvious, but sometimes so subtle that the problem goes unnoticed for weeks. Learn more about the warning signs to respond quickly to the hacker attack.

As a business, your website is one of your most important assets. It’s the face of your company, a place to build trust with your customers and promote your services and products.

It’s no surprise that hackers often target websites to gain access to sensitive information or simply cause mischief. In this article, we’ll go over some of the signs you can use to tell if a website has been hacked and what you can do to notice a hack as soon as possible.

By loading the video, you agree to YouTube’s privacy policy.
Learn more


Prevention is better than cure – in this podcast episode, you’ll learn which mindset helps you best to protect your website from hackers.

Is my website interesting for hackers?

You may think that your business is not interesting enough to be compromised because it is small or your blog has low traffic. But there is no specific target group in terms of topic or size. The hacker’s motivation is to find a security gap in a plugin, a PHP version or something similar. Then they attack every website with this gap.

Is my website hacked?

Hacks may be obviously visible on the website. Unfortunately, some hacks cause damage unnoticed because they are not immediately visible. So let’s talk about obvious and subtle indicators.

1. Google warning

When a website has been hacked, the warning This website may have been hacked appears in the Google search result snippet. If you see this message, do not click on the website, because just visiting the website can load a malicious script.

Google marks a website with a warning directly in the search results.

You open your website and a red warning message appears? Not a good sign! This security warning tells you that the website has been hacked or contains malware.

Red warning message “This site ahead contains malware”

A third way to receive a warning is through Google SearchConsole. When a website is classified as hacked, a security issue is displayed in the console.

2. Your hosting company disabled your website

Hosting providers regularly check their hosted websites for security reasons. In case of a brute force attack or a detected malicious program, hosters can disable your website. The hoster will notify you about it and you will no longer be able to log in. In that case, contact your hosting provider immediately and find out about the next steps.

3. Login not possible

You will surely notice if you cannot log into your website account. If this is the case for all admins and changing your password does not help, it is a clear sign that hackers have taken over your website.

Failed Login: Incorrect password

4. Admin user removed or unknown users are added

If you notice that an admin account has been removed for no apparent reason, this could be a sign that your website has been hacked. This is because hackers often try to take control of a website by blocking the administrator’s access or taking over their control rights.

Another red flag is the sudden appearance of unknown users in the user area. If you notice that there are more users than usual, or that users you did not add can log in to the site, you should find out who owns the account or if it is a hacker.

If you discover a suspicious user, you should act quickly.

5. Website contains spam pop-up ads

Your website might contain unwanted links, media and pop-up ads. If you have a small website that you check regularly, you can detect it quickly. For complex websites, it can be more difficult to detect spam manually. We recommend implementing an automated strategy to check if unwanted changes have been made to the website. For example, with visual regression tests.

6. Unwanted redirects

Links that redirect to spam pages are one of the most common signs of a hack. Hackers use these techniques to get more inbound visitors to their websites so that they get higher search engine rankings.

7. Website speed is slow

Your website normally runs fast, but is suddenly noticeably slow? A full memory, incorrect programming, wrong server configuration or faulty plugin updates can be possible causes.

You should get to the bottom of these things, as they are much more likely to cause your website’s slow loading time. However, if you have eliminated these error sources and the website is still noticeably slow, your website may be affected by:

  • Denial-of-service (DoS) attacks that overload Internet services.
  • Additional code added by injected malware that can overwhelm the server response time.

8. Strong decrease of website traffic

If a strong decrease of traffic is happening, this can be a sign that your website is being excluded from search engines or flagged as hacked website.

9. Security plugin alarm

If a site is hacked, a good security plugin will usually send an immediate email alert to the site owner or administrator. You may also receive an alert from your hosting service if they monitor your site with a firewall. Act as quickly as possible and take steps to fix the hack.

10. Visitors contact you

In the worst case, customers, partners or new website visitors come across your hacked website. This can cause them to lose trust in your business or even cause them harm. You can count yourself lucky if a visitor alerts you to a problem by contacting you.


Website hacks can happen. No website is completely protected from attacks, because hackers always find new ways to penetrate systems. There are many measures that can be used preventively to avoid hacks or make them harmless quickly. To avoid losing data or harming someone else, here’s what you should do before the hack happens:

  1. Check your website regularly for the signs mentioned above.
  2. Use tools like sitecheck and security check, to check if your website has been compromised.
  3. Develop an automated monitoring strategy that will help you get notified quickly.
  4. Take steps to protect your website from being hacked.

Have you already taken measures to protect your website from attacks? What experiences have you had? Share this article on social media and join the conversation!

There is no specific target group in terms of theme or size of a website. The motivation of hacking is to find a security hole in a plugin, PHP version or similar. Then hackers attack any website with this gap.

There are obvious signs, such as a red Google warning, which indicate that your website has been hacked. However, it may be that, for example, new admin accounts have been created or spam links have been inserted in texts. These are not as obvious. Learn more about possible hacks and check your website if something seems strange.

We help your WordPress website and business stay ahead of the curve.

Contact Us