 How to repair a hacked WordPress site step-by-step guide. Hey guys, are you worried or are you concerned that your site may have been hacked? Well, in this video, I'm going to walk you through the common telltale signs that your site has actually been hacked and how to fix it. So stick with me. Don't forget to give me a thumbs up, subscribe to the channel there, turn that red button to gray, and don't forget, ring the bell, turn on all bell notifications so you're notified each and every time I go live or if I upload a video. Okay, so I'm often asked, how do I tell if my site's been hacked? And more importantly, if it has, what the heck do I do about it? Well, the first sign is a sudden drop in traffic, a sudden drop in traffic. And here's why. Now you could see this even if your website was set up properly. But here's what may be happening. There may be a hack on your site. There may be some malware on your site that is redirecting users that aren't logged into a spam website without you even knowing it. Another thing is Google may think that your site is a bad site, and they may be showing a warning like this on the screen, which makes people not go to your website. The truth is each and every day, Google actually blacklist over 10,000 websites and thousands more for phishing activity. Now you can run over to Google's safe browsing tool and check your site out and see if that's the problem. Go to that site first and check it out. Number two, there could be bad links that are actually added to your website. Somehow somebody has gotten into the back door of your website. And when they do that, they can add spammy links to your website. Now this could be in the content itself. More often than not, it's in the footer. However, you've got to not only get rid of those links because that won't stop it. You've got to prevent them from getting in that back door. Another sign, number three, is that your homepage is defaced. Sometimes hackers will break into a site and actually change your homepage. Now for the most part, they don't do this because they don't want you to know that they've hacked your site. However, some people that hack your site are trying to get a message across. They may put up a fake page for your homepage to where nobody can actually get to your site. They end up at this fake page first. And some of them will actually try to extort money out of you to release your site back to you. Have you ever gone to your site and one day you can't log in? Well, that's number four. If you can't log into your site, that is a telltale sign that somebody has probably hacked your website. Now you can certainly add other admins to help you get in or by using PHP MyAdmin. But the problem is even if you add another admin, if you don't figure out how they got in there, they can just do it again. Number five, suspicious user accounts in your admin. It's a good idea to every now and then go into your admin and see who the users are. If you see users in there and you didn't add them, that's a telltale sign that somebody has gotten into your system. You're going to want to delete those users and you're going to want to change all your passwords. Number six is unknown files or scripts on your website. Now if you use a software like Securey, you can actually check it out and find out if that's the problem. And you're going to want to get rid of them because that problem could actually come back time and time again. Number seven, your website is often slow or unresponsive. This could be a telltale sign that there are hackers trying to attack your site. Sometimes they send an abnormal amount of requests to your site or sometimes your site is unresponsive altogether. If you check the IP address request and you see a whole lot coming from one IP address, you're going to want to block that IP address. The next one, number eight is unusual activity in your server logs. Here's an example. Server logs are plain text files stored on your web server. These files keep records of all errors occurring on your server as well as all your internet traffic. You can access them from your WordPress hosting account, cPanel dashboard under statistics. These server logs can help you understand what's going on when your WordPress site is under attack. They also contain all the IP addresses used to access your website so you can block the suspicious IP addresses like I said in number seven. They will also indicate server errors that you may not see inside your WordPress dashboard and may be causing your website to crash or be unresponsive. Number nine, failure to send and receive WordPress emails. Now a lot of people who put up websites use their email from the actual website. I don't do that. I don't recommend it. However, hackers will break into your site and try to use your email account to send out a bunch of spam email. So you need to look out for that also. Number 10, suspicious scheduled tasks. Let's take a look at this one. Web servers allow users to set up crone jobs. These are scheduled tasks that you can add to your server. WordPress itself uses crone to set up scheduled tasks like publishing scheduled posts, deleting old comments from trash and so on. A hacker can exploit crone jobs to run scheduled tasks on your server without you even knowing it. Number 11, hijacked search results. Hackers will break into your site and they will show incorrect titles and descriptions from your site. They insert a piece of malicious code and it directs them to the wrong site in the wrong results. Number 12, pop up or pop under ads on your website. Hackers will often hack your site and get in there and put ads on your site. What they're hoping to do is capitalize on whatever traffic you have and actually send it to the ad that they show the people that come to your site. Now generally, these are not shown to people who are logged into your site. They're generally shown to people who have gotten to your site through search results. Number 13, core WordPress files are changed. Now you may see something like this. If your core WordPress files are changed or modified in some way, then that's an important sign that your WordPress site is hacked. Hackers may simply modify a core WordPress file and place their own code inside it. They may also create files with names similar to WordPress core files. The easiest way to track those files is by installing a WordPress security plugin that monitors the health of your core WordPress files. You can also manually check your WordPress folders to look for any suspicious files or scripts. Yeah, they never seem to run out of ways to mess with you, do they? It's just constant. To number 14, users are randomly directed to other websites. Yeah, they're capitalizing in people going to your website and being redirected to somebody else. Now, this probably will not occur if they type in your exact URL into their browser bar or if they're logged into your website. However, traffic that's coming to your site that you probably want to capitalize on from search engines is the traffic that will be redirected to these other sites. They're directing them to other sites so that they can capture your traffic that you've worked so hard to build up over the years. It just doesn't seem fair. Now, truth be told, maybe you aren't that technically advanced. Maybe you're trying to run your business. You're trying to sell your products. You're trying to do your marketing. And the last thing you need to deal with is the security of your website. That's why I recommend you use a company like Securee. I am not an affiliate for Securee. However, there's the link right there. You'll see it on the bottom. But software like that can really help you out because they're experts at this. They know what to look for. They know how to clean it up. It's very low cost to get something like Securee. And you got to think about it. If you try to do this on your own, it's going to take a lot of time and effort and energy. And isn't that time, effort and energy better spent running your business, marketing your business, getting new products, getting traffic, making sales funnels. The last thing you want to do is become a security expert. There are companies out there and Securee is not the only one. But there are companies out there that can do this for you to save you all that time and trouble and hassle and money. It's just not worth it to try to figure it out on your own unless you just like doing this kind of stuff. Now, you've got to get your site cleaned up. But once you've got it cleaned up, you want to make it more difficult for hackers and people who are trying to send spammy stuff to your website. And the way you're going to do that is you're going to protect your files. You're going to protect your folders in there. You need to secure your website. Don't just clean it up and sit back and go, well, I cleaned it up because it can happen again if you don't secure your website. Once again, I totally suggest Securee. Get that software that will help you out. And there's lots of information on how to protect the site once you've done that. I really want to thank you for watching this video. And below I do have a course. It's absolutely free. It's a $97 course. You can click and learn and yeah, increase your knowledge of marketing online. Now that won't be free forever. So you want to grab it as quick as you possibly can. I also have some links below on some of my other courses if you're interested in checking those out. Thank you so much for watching this video. I really appreciate it. Don't forget to give me a thumbs up and don't forget to ring the bell. Turn on all bell notifications so you're notified each and every time I go live or if I upload a video. Thank you so much for watching this video and I'll see you in the next one.