Skip to content

What to do when the search results indicate “This site may be hacked by a third party”

If you are running a WordPress site and the number of accesses suddenly drops or, “This site may be hacked by a third party” is displayed in search result of your site, maybe your sites have been hacked and tampered with.
This time, we will explain how to deal with this situation.


Why is “This site may be hacked by a third party” displayed?

Google searches and indexes its own site. Among them, a specific domain is blacklisted and a link to that domain is embedded in the site, or an illegal file (JS etc.) is read on the site’s HTML and the site detects it Judges that it has been tampered with.

Finding malicious behavior of a hacked site

When WordPress is tampered with, various symptoms appear on the management screen and site access. Here are some typical examples:

● There are user who you didn’t activated
● The number of accesses is increasing or decrease rapidly
* It often appears in the server access log, not in the access analysis.
● The number of emails is increasing rapidly
* This is the case for spam. It often appears in the server access log
● A lot of words and URLs with unknown meanings are written in comments
● A large number of folders and files are increasing in WordPress FTP without your knowledge.
● The site became very heavy
* When a falsified file reads an illegal file, the illegal file distribution may have already disappeared, and the site becomes heavy because this file cannot be obtained.
● Some functions cannot be used on the management screen.
● The site suddenly collapsed
● Can not log in
* There is a possibility that the password of the administrator authority has been rewritten.

Go to the following sites and check the website for viruses

Trend Micro Site Safety Center
Norton Safe Web
SUCURI (recommended)

How can I remove hacking tampering from my site? (First aid)

Excluding hacking from your site requires very specialized knowledge. As a first aid, you can get rid of the site malware to some extent by:

0 Get site backup and database backup

1 Download a new version of template and replace the site with that template
2 Stop all plug-ins. Download the necessary plug-ins from the site, delete the old plug-ins using FTP, and reinstall them
3 Update WordPress
4 Delete the if there are users you don:t know and change the administrator user password
5 Delete the spam comments. Stop all site commenting

Check for viruses again

After the above first aid is complete, check the site’s infection status again.

Free malware scanner created by WordPress Docto.
WordPress Doctor Malware Scan & Security Plug-in


Notify Google of site recovery

Viruses and falsification due to hacking are completely eliminated, notify Google that virus removal has been completed.
Subscribe your site to Search Console Request a re-review of Security Issues.