Remove ‘This site may be Hacked’ Warning from WordPress Website

A dialog box that appears with the message ‘YOUR SITE MAY BE HACKED’ is one of the disastrous moments for a website owner. This immediately dips one’s reputation in the market. Hence this one dialog disturbs the functioning of the website and the mental state of the website owner too. Google is one of the highly used search engines. It’s one of the major responsibilities is to protect its users from malicious websites and codes. Therefore, the moment it detects any such harmful website it immediately warns its users to stay away from opening such links. 

Google Determining Malicious WordPress Sites

Google runs a daily scan on numerous websites to keep its users safe and secure. Therefore, it immediately flags harmful and malicious websites. It immediately warns its users in case if one is opening a harmful website. Mentioned below are some of the attacks that an affected website might be suffering from:

  • Malware Redirect
  • Pharma Hack
  • Japanese Keyword Hack
  • Gibberish Keywords
  • Eval base64_decode Hack

Google classifies compromised websites into 2 main vital categories:

Attack Sites

Attacked websites are those that might consist of software that damages the visitor’s system. Google immediately flags such websites and pops up with a warning ‘This site might be hacked’.

Compromised Sites

Such websites host malicious content or a hacker injects malicious codes into such websites.

It is advised to immediately take recovery steps when google displays such warnings on your website. It helps to lower the loss that occurred due to the website being hacked. Therefore, one should not procrastinate such steps and immediately try to heal the website.   

Helpful Tools in Case of a Hacked WordPress Website

  1. Complete Site Inspection

There are various online scanners available online to help one get rid of malicious codes injected or spam. One such effective scanner is WP Hacked Help Scanner. It helps to detect any malicious code injected, spam injection, website modification, and various such attacks. To ensure a clean domain it checks various online tools. It helps to find out possible vulnerabilities and suspicious codes injected into a website. it also detects the WordPress version of the website. After a complete inspection of the website, a clear and understandable report is presented to explain each disturbing element.

  1. Google Safe Browsing

The secure browsing google helps one to identify a harmful URL among the safe ones. As mentioned above google scans tremendous URLs and detects the harmful one’s from them too. When mentioned as a harmful URL by google it damages the reputation of the website and its owner harshly. Google Search Console helps to identify if a website is harmful or not and if it is then what are the necessary steps to get rid of the malicious codes. Hackers usually install malicious links in themes of a website. These links can be detected by their usefulness. They won’t be of any use on your website. 

  1. Google Webmaster Tools

One can open Google Webmaster Tools and review the domain to be checked and simply click “Security Issues”. This helps to detect the issues found by google on your website. 

  • DNS– Domain Name System helps to find out if the domain name and hosting space are well-connected and configured. 
  • Server Connectivity– With its help google notifies one about the server and its connection requests. 
  • Exploring Certain Files– Various search engines along with google analyze root files 
  1. Monitoring Service

It helps to resolve positioning issues relevant to the google search engine. It is also a part of the quality score vital to know the security of a website. it helps to improve the user experience which in turn is important to increase healthy traffic and popularity of the website. Slow loading of pages immediately lowers the number of visitors and directs traffic to another website. hence it is necessary to maintain the emotional balance of the visitor by providing essential services.   

  1. PageSpeed Insights

This free online tool helps to improve the performance of the website. it suggests one on topics such as image and file download, reducing the number of HTTP requests, and various such factors. 

  1. Pingdom

This tool performs a speed test of the website and also runs a scan on the overall website. It also identifies the slow elements of the website to improve its performance and get rid of the disturbing elements. 

  1. GT Metrix

The tool performs a deep inspection of the website to point out the harmful elements that affect the speed and performance of the website.  hence it also provides one with detailed reports. Also identifies the elements like a poor server that affects a website’s performance. 

  1. Dareboost

Dareboost pays attention to aspects like speed, monitoring, analysis, and benchmarking. Also pays attention to aspects such as rectifying common mistakes, SEO, accessibility, and security. 

Tips to get rid of Google’s “This site may be Hacked” Message

To get rid of this message one needs certain things such as:

  • FTP access to the website
  • Google Search Console Account
  • Web Developer to clean malicious files and scripts
  1. Professional Help

Professional help is the best help when you have no idea about the servers and core working of the websites. They help to detect the backdoors left by hackers to re-enter a website. This relaxes the website owner to get rid of them professionally. This also helps to save time and pay attention to other aspects of it. 

  1. Consult your Hosting Company

In such cases, the web host company plays a pivotal role. They resolve such issues on a daily basis and have the expertise to deal with them. They pay attention to aspects like the type of the hack, its origin, location of the backdoors, and many such issues. 

  1. WP Backup

Backup is a huge saver under such circumstances. Backup of the data before the hack can help to gain the original data back and know the changes made by the hackers. 

  1. Eliminate Hidden Administrators

Identifying and eliminating hidden administrators is one of the important aspects to get rid of a website hack. 

  1. Identify Hidden Backdoors

Backdoor is a way to seep into a hacked website once again. Hence it is necessary to identify them and eliminate them too. This can be done by scanning the website and identifying the malicious codes too. 

Various Other Steps to be followed:

  • Verifying User Permissions
  • Modify Secret Keys
  • Check directories to Identify Malicious Files on Server
  • Check for Malicious Codes on Server
  • Modify Passwords
  • Request Google to Review the Site

Steps to Follow to Avoid such Hacks in future

  • Update Website
  • Maintain the WordPress Site
  • Switch to HTTPS
  • Make a Stronger Password 
  • Beware of Error Messages
  • Refrain File Downloads
  • Use Content Monitoring tools
  • Install Security Plugin


The following article provides information about how to get rid of the message “This Website Might be Hacked” from a WordPress website. It also informs about the tips to avoid such hacks in the future. It is always advised to stay alert about such messages and warnings and remove them immediately to maintain the reputation of the website.

Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Steps to Identify an Unfeigned Website

Next Post

Best MongoDB Platforms for Modern Applications

Related Posts