2 Quick Ways to Check if your Site is Hacked

For some reason in recent years Google Console has become really poor about flagging up any issues when a website has been hacked. It even seems to take several weeks for the dreaded blue text warning to show either.

In fact the only time you seem to get an almost immediate indication of a hack is when running Google ads.

So if you’re not an expert how do you check if your own site has been hacked if Google’s not going to tell you anytime soon ?

1. Run a Site search on Google by typing in site: followed by your domain name (ignoring the https://www bit)

eg site:yourdomain.com

This shows the majority of pages that Google has indexed of your site – if you start to see listings with products or services you don’t offer, or pages with foreign languages displayed, then you immediately know your site has major problems.

2. Use a website that checks for hacks including code injection. There are plenty to choose from, our favourite is the quick and easy https://www.isithacked.com .

Just add your website in the search box and it checks for “dodgy” links, suspicious embedded code and the dreaded “cloaking”. Cloaking is best described as serving normal versions of web pages to a human visitor, whilst showing entirely different content (often on another domain) to the search engines. This is particularly troublesome as it’s undetected to us humans, so people assume there’s no issue.

There are many more detailed ways us professionals can monitor and check for hacks, but the above are 2 quick steps that anyone without any industry knowledge can check for themselves.

Hacks can cause your website’s rankings to drop within days and unless taken care of quickly can affect your Google presence for your main keywords for months thereafter. So it pays to check every few weeks as the damage can be long lasting – and if you’re using WordPress, keep your Theme and Plugins up to date, as that’s the most common way the hackers get access.