7 quick hints to help you notice that your site may have been affected by malware
A site affected by malicious content costs reliability, time and money -least of all. Nobody likes a site to be suspended by google or hosting provider due to malware. So, how can you tell that?
- Your site takes too much time to load
- You notice unfamiliar url on the browser status bar
- You have install in the same web server another Joomla! or WordPress site and left unattended
- Your site is not updated promptly
- New users have been registered despite your policy
- You have unknown or .php files in your media folder
- Use Pingdom service
You had a fast site and now needs many seconds to load. You have enabled Joomla!’s zip page compression and cache, you have install extensions to increase speed, you have prevent heavy extensions or scripts from loading in home page, images are web optimized, but your site is slow. Chances are that malicious scripts cause the malfunction.
When a browser loads a page, the external sources that are used are displayed real time in the status bar -usually located at the left bottom corner. It is ok to appear google analytics, cdn, affiliates ads and other url that you have allowed, but if you notice unfamiliar url this is really a bad sign. Malware probably have compromised your site security.
You installed a cms such as Joomla! or WordPress in your web server and forgot it; the administrator left unattended the site for some weeks (or even days). High chances are that, it has been hacked, due to outdated framework version or security precautions that have not been taken.
Apart from the “crime” of not updating at all, you update your site rarely; or security update releases are not installed immediately. The time is enough for malicious software to find “holes” and enter in your site.
You have not provide registration or login links in the front end of your site. Your site policy is against user registration. But new user have been added, with strange names or emails, too. If it has not been done on purpose by your co admins then you should get suspicious enough.
Unknown files have been uploaded to media (images) folder. Even worse, their ending is .php. 99.9% it is a malicious file that must be removed immediately.
Pingdom's website speed test is a marvelous free tool which give you a thorough and detailed report about you site's load time. It analyzes the page and finds finds bottlenecks. Examine the report thoroughly. It gives you full report about the scripts, images and whatever your page loads. If you see e.g. a weird script that shouldn't be loaded, it 's a sign you might be hacked.
These were some quick hints to start scenting that something malicious is going on with your site. Read next,
- How can you confirm that you have indeed been hacked?
- How can you clean your hacked site?
- What security precautions can you take to minimize malware affection?
Stay in touch. In our next articles we will give concise and intuitive ways about removing malware and securing your site.
I 'd love to hear your story or how this article help you. Feel free to leave any comment below!