How Do You Know When Your Website is Hacked?

Posted: Tuesday February 21st

Hacked websites pose a threat to readers on your website, but most hackers gain access to a site to simply cloak backlinks to a third-party website. Cloaking is a trick used to show one set of data to a search engine bot such as Googlebot, and another set of data to readers. This type of hack shows backlinks to search engines while the website owner is completely unaware that his site has been hacked. Here are some tips to find out if your website is hacked.

Google Diagnostics

Google has a bot that crawls a website to find out if malicious content is hosted on the site. When your site is hacked and flagged by the Google diagnostic system, users receive a red warning in their browsers telling them not to open the website. This warning stems from the diagnostic report found on Google’s domain when the bot finds malicious content on your website. To find out if your site has been flagged, navigate to “google.com/safebrowsing/diagnostic?site=yoursite.com” where “yoursite.com” is your website domain. This diagnostic report tells you if Google has found malware on your website, the type of malware, and if the site is listed as “suspicious.”

Spoof the Google User-Agent and View Your Website Code

The “user-agent” is the property sent to a website server when you access a domain. The user-agent is typically the browser you use to open a website. For bots, the user-agent is set to a value that identifies the bot. Website tools such as web-sniffer.net or Rex Swain’s HTTP Viewer allow you to see a website when a specified user-agent is sent.
Using one of these tools, open your website to view the website code. Look for any links that point to online pharmacies or sites that you did not ever include in your website content. Typically, hacked websites have links back to online pharmacies, porn sites or other hacked sites.

Google Your Site Using the “Site” Operator

Since websites are typically hacked with links to online pharmacies, you can use the Google search engine to search for content that would not normally be on your site. For instance, type “viagra site:yoursite.com” in the search text box. If pages are found in the search engine, you are probably hacked. If you don’t see the keywords when opening the page in your browser, use the user-agent spoofing tools to view the site’s code.

Preventing Your Site from Being Hacked

Even if you haven’t found malware on your site, you should always take precautions to avoid being hacked in the future. First, make sure your passwords are secure and you have the latest virus definition files on your computer. For WordPress site owners, stay up-to-date with the latest WordPress version.

Comments are closed.