Your WordPress website could be hacked and you don’t even know it

WordPress targeted malware attacks comes in all shapes and forms these days.

The more aggressive attacks give away more or less immediately by showing massive ads and popups.

Some of the most aggressive I have seen just changes the site URL so it points to a scam or virus filled website. Until it gets reported of course, or the website owner or administrator notices the change. This

You might think your website is too small to be attacked or you think your web host will automatically keep your website safe, head over to and read why even small websites are attractive for hackers and malware attacks.

Not all malware or virus is that obvious

Some malware will install malicious javascript code to mine bitcoin in your site, or just inject HTML code in your page, for instance, links to pharmaceutical sites. These links are helpful to promote any kind of malicious website.

There is little or no long-term value in these links, but that does not matter to the people promoting whatever product on the malicious website, they have thousands of other sites that link to them, it is a matter of volume.

Since your website is now linking to spammy or dangerous websites, your own website will be penalized or completely blocked by Google, and your SEO rankings will plummet. Google is not interested in sending their users to your website if it contains bad links or malicious code.

This is in itself a problem, but the business cost increases if you rely a lot on organic search engine traffic - SEO.

Links injection for SEO

A website of mine was infected years ago and the infestation was fortunately benign as such, only inserting links to spam websites, selling a couple of different pharmaceutical products.

This infection was pretty sneaky however and used obfuscated code that detected the Google bot crawler and only showed the links to Google, and hid them from anyone else, logged in or not.

You would only detect these links if you crawl your own site with a crawler emulating the Google bot, or you have set up an external monitoring service to monitor server and website changes.

Malware attacks hurt your SEO work

All major search engines have tools that identify websites that are hacked or intentionally try to do harm and block you from visiting these sites.

The Chrome browser by Google Here is Google's support page about the feature - Manage warnings about unsafe sites

Malware found on a website

Google warns website owners

If you are signed up with Google Search Console and have verified your site, you will get an automated notification email from Google.

In case you are not, Google will still try emailing various usual domain administrator emails, such as contact@, info@ or admin@ and so on.

You should have a Google Search Console account set up already, it provides a lot of information about your website and any problems that Google finds. This is a great tool to fix bugs and use the tips from Google themselves to improve your website.

Google also provides great advice on how to find and clean your website after a malware attack, and also how to request a malware review by Google. This is the fastest way to get back your search engine traffic.

Malware hurts website owners

This will have a significant impact on your SEO efforts, as Google naturally does not want to send their users to malware- or otherwise infected website.

It is not impossible to regain your SEO positions again, but it will take time and require technical skill. If you are not  affair and it will take time to gain any position back in Google for your most valuable keywords.

You will lose a lot of customer trust as well, and it

Website monitoring services can help

Companies who care a lot about their website have monitoring systems in place or outsource maintaining their website.

If you do not have someone or something monitoring your website, you might not notice the website directing visitors to a different website for some hours, even a day or two.

Prevent being attacked, to begin with, is even better. We recommend our own WordPress security tool, Security Ninja Pro. With this plugin, you get a lot of protection and tools to disinfect your website should the worst happen.

Check out the free Security Ninja WordPress plugin for a full security check - test for up 50+ security issues in less than a minute.


Cleverplugins newsletter

Never miss a story or discount - sign up now

Cleverplugins Newsletter

Never miss a story or discounts - sign up now