WordPress Hacking

Get our latest news about WordPress Hacking and our other online marketing services. Call us at 1-888-262-6687 to inquire about your marketing needs.


Uh oh! You’ve just received a Google Webmaster Tool notice saying “Hacking Suspected”:


Or perhaps you’re checking out how your website looks in Search Results and you see this small message by your website: This website may be hacked.


Google adds this warning message to websites it believes a hacker has changed some of the existing pages or added new spam pages to. Google warns visitors that if they visit the site they could be redirected to spam or malware.

Not only is it unsettling to open your website to see spammy text on your site or pages completely changed around or new pages added, but it can be more alarming when Google is the one who tells you!

While you may feel singled out by Google you’re not alone. Just do a search for “WordPress hacking statistics” and you’ll see results such as “30,000 web sites hacked a day” and “73% of WordPress site vulnerable to attack”. This is a very real issue website owners are up against.

A hacked website can not only ruin your own reputation but can also put your visitors at risk if the hacker is using you to access your visitors’ personal details. Additionally, a hacked website can take substantial time and resources to fix and make secure again.

Did you know that we have WordPress security plans to lower your risk of WordPress hacking and provide fast support to fix your website if it ever does get hacked? If you’ve been hacked and just need to fix it contact us today!

How does WordPress hacking occur?

The basic explanation of how WordPress websites get hacked is that an unauthorized person gains access to your website and make changes. They usually hack in through vulnerable and outdated web script or by guessing your username/ password combination.

You may be wondering, But shouldn’t my WordPress website be secure?

You can think of the security end of your WordPress website similar to antivirus software for your computer. You have to constantly update it to keep your computer safe because hackers are always finding new ways to break in.

Why do WordPress hacking attacks occur?

  1. We can’t trust everyone. People can be mean and intentionally try to hurt others. One such way is hacking.
  2. Hackers do it for the thrill. Many hackers seek the thrill and bragging rights of breaking into another person’s website.
  3. There’s plenty of WordPress sites to hack. There are over 6 million WordPress websites out there making it an obvious target for hackers.
  4. Many WordPress sites are not taken care of and vulnerable. Whether naïve of negligent, many WordPress website owners do not know how to properly maintain their website and as a result make it easy for hackers to break in. Remember, hackers take the path of least resistance and hacking a WordPress blog or website that isn’t protected can be very easy.
  5. WordPress hacking information is out there. There are WordPress logs that record every update made in WordPress making it easy for hackers to see new releases and where websites may now be vulnerable. There are also people out there to who benefit from teaching others how to hack into WordPress websites.
  6. Hackers are looking for something to gain. Hackers may want to add links to your website to boost traffic to their own website, which we refer to as spamming. They may be looking to gain access to your accounts or accounts of your visitors, which we refer to as phishing. Other hackers may be looking to set up fake payment collection points on your website to get credit card details or to gain entry to servers that contain credit card details.
  7. Hackers may want to download malware through your site. Hackers will often create a large network of compromised computers and websites that they can use to attack other sites, making it harder for authorities to detect and stop the hacking.
  8. Hackers may use your site for other attacks. As an extension of number 7, hackers may want to use your computer to host malware such as Trojans and viruses rather than on their own servers so that their activity is not traceable.

Tips to protect against WordPress hacking issues

  • Make sure you have a unique username (the most common usernames in WordPress hacking attempts are admin, administrator, test, user, login)
  • Make sure you have a unique password (the most common passwords in WordPress hacking attempts are admin, password, 123456, password, admin123)
  • Limit login attempts
  • Get login notifications if you are worried
  • Make frequent backups so that if you site is hacked you have something to restore.
  • Choose a reliable website hosting provider
  • Keep your software updated and get professional help doing this if you need.

What do you do if there is Hacking Suspected on your website?

If you just received a Hacking Suspected notice or see a “This website may be hacked” label beside your website in Google search contact your web designer or developer immediately.

1st on the List takes website hacking very seriously which is why we take a proactive stance and offer WordPress Security Protection Plans to all our clients. Each month we make sure that your software is as up to date as it can be and run regular backups of your website.

Get protection for your website today by calling 1-888-262-6687 or by filling out our Quote Form and asking for a WordPress Security plan.