Find If Someone Hacked Your WordPress Blog and Changed The Files

Published in: security - Tools - WordPress

wordpress hacked How can you find if your WordPress blog has been hacked ?

WordPress Blogs (or for that matter, any software) become more vulnerable to hack attacks if you are not using the latest security updates. Hackers can then inject code into your WordPress files (especially themes) that will allow them to inflate the Google rankings of other spam websites though your blog.

Is my WordPress website hacked ?

When a hacker gains access to your blog or website, he will modify certain files so that his tracking code gets executed and the spam links get displayed when people view your web pages.

So if you are curious to know if someone hacked into your WordPress blog last night and changed the files, you can look at the timestamp of every file on your web server and pay special attention to file that were modified during the time-period when you were fast asleep.

Don’t worry, you don’t have to try this manually, here’s a command to help you out:

Step 1. If you are on WordPress and have enabled WP-Cache plugin, go to your Plugin Settings and delete all the files from cache.

Step 2. Login to your web server using telnet or putty and switch to the directory that contains your WordPress files.

wordpress files changed

Step 3. Type “ls -Roh | grep YYYY-MM | sort -k 5,6” (without quotes and replace YYYY-MM with current month like 2008-04)

If the timestamp of any of your WordPress theme files or the standard WordPress files appears recent, you may want do a carefully check the contents of these files and compare them with the original files in your backup. Good luck.

Technicals - The ls command will recursively display all the files in WordPress directory and the -h switch will show their exact size in KB or MB. The grep command will limit this list to files that were changed only this month (or you can limit it to a day). The sort command will finally arrange this list to show files at the bottom that were modified most recently.

Related: How to Test Your Website For Errors

📮  Subscribe to our Email Newsletter for Google tips and tutorials!
Published in: security - Tools - WordPress

Looking for something? Find here!

Meet the Author

Web Geek, Google Developer Expert
Amit Agarwal

Amit Agarwal is a Google Developer Expert in Google Workspace and Google Apps Script. He holds an engineering degree in Computer Science (I.I.T.) and is the first professional blogger in India. He is the developer of Mail Merge for Gmail and Document Studio. Read more on Lifehacker and YourStory

Get in touch

Google Add-ons

Do more with your Gmail and GSuite account

We build bespoke solutions that use the capabilities and the features of Google Workspace for automating business processes and driving work productivity.

  1. Mail Merge with Attachments
    Send personalized email to your Google Contact with a Google Sheet and Gmail
  2. Save Emails and Attachments
    Download email messages and file attachments from Gmail to your Google Drive
  3. Google Forms Email Notifications
    Send email notifications to multiple people when a new Google Form is submitted
  4. Document Studio
    Create beautiful pixel perfect documents merging data from Google Sheets and Google Forms
  5. Creator Studio for Google Slides
    Turn your Google Slides presentations into animated GIFs and videos for uploading to YouTube