Is your WordPress Hacked? Here are 5 Potential Reasons

Sep 6, 2016 | Website Security, WordPress

Kevin Fouche

Is your WordPress Hacked? Here are 5 Potential Reasons

Posted by Kevin Fouche, Pixel Fish Director

Kevin handles the planning, design, launch and training of every website that Pixel Fish creates. He ensures that every website is highly engaging and aligned with our client’s goals. With over 20 years of design and web industry experience to draw upon, Kevin aims to pass on his knowledge to our clients and like-minded businesses wanting to grow their online presence.

Finding out that your website has been exposed to a digital predator can be a stressful situation. Particularly if you use it to gather personal or financial information about your audience, it’s easy to panic.

A more productive approach, of course, is to immediately begin to think of ways you can fix and secure your website once again.

To make that possible, you first need to know how the hack happened in the first place. Here are 5 of the most common reasons your WordPress website has been hacked.

Is your WordPress Hacked? Here are 5 Potential Reasons

1. Outdated Scripts

Accessing your scripts is among the easiest way hackers can gain entrance to your site and its code. Scripts likely control much of what makes your website both beautiful and functional, but if they become outdated, you may have a problem on your hands.

Keeping scripts around past their use could be one culprit for the hack. So could be using a script that worked 3 years ago, but may no longer be safe. Updating your scripts and only keeping those you still need for your site to operate helps keep your website safe from any cyber-attacks.

2. Using Vulnerable Plugins and Themes

The greatest strength of WordPress is also its greatest potential vulnerability. Thousands of themes and plugins allow individuals and businesses of all sizes to use a template platform to create a unique website. Not all of these third party tools, however, are secure.

While you may fall prey to a theme specifically designed to be hacked, that nightmare scenario is actually unlikely. You likely use a theme or plugin that does not get updated, becoming vulnerable over time. Using only trusted sources is crucial, as is working with a design firm that knows which plugins and themes are safe and which are not.

3. Lack of Website Security

Integrated into your website strategy should be a security plan that ensures it always stays up to date. From your CMS to the code itself, always ensure that you have a plan that requires regular updates. Antiviral applications are also important in making sure that your website does not suddenly become prone to an attack.

4. Server Hacks

In addition to being under threat through its own code, your website may also be vulnerable because of the server on which it lives. Particularly if you share server space with other websites (and most small businesses do), you may become the indirect victim of a hack directed at the server instead of your site specifically.

Think of it as living in an apartment building: securing your apartment is a crucial part of staying safe, but if someone breaks into the building itself, they are halfway there. To prevent server vulnerabilities, make sure that your web host keeps its firewalls and security up to date.

5. Compromised Access

Finally, your website may have been hacked in a way that has nothing to do with its structure or server. Instead, the target may have been your personal account. If your personal computer gets hacked, the culprit may have stolen login information that enables them to access the site and all of its information.

Alternatively, you may have fallen prey to a fishing email that tricked you into giving up your login information. In either case, the fix fortunately is relatively simple: update your personal information as quickly as you can. As soon as you change your passwords, the hacker will no longer have access to your WordPress account and website.

When your website is hacked, you need to take action. But you can’t take action until you know just how the hackers gained access.

Is your WordPress Hacked? For help in keeping your WordPress website secure, and to react quickly if it does become compromised, contact us.


Stand out from your competition with a Pixel Fish website!

Call us today on 02 9114 9813 or email

Related Blogs

Top 10 Steps to Start a Successful Online Store in 2022

Top 10 Steps to Start a Successful Online Store in 2022

In 2022, becoming your own e-commerce retailer has never been easier. If you want an online store, it’s really quite simple to build one, secure a supplier, and start advertising. Of course, the website doesn’t exactly build itself, and you’ll still need to supply all the unique brand experience and selling points to bring in customers, but the tools are all there waiting to be used.

Top 10 WordPress Web Design Trends for 2022

Top 10 WordPress Web Design Trends for 2022

Granted, when you are designing a website for your business, there’s the temptation to stand out by creating or incorporating something totally unexpected. While defying expectations is not exactly frowned upon, you should probably consider the fact that unique sites will often struggle to provide an exceptional user experience (UX).

Contact Pixel Fish

Get Started with a new Pixel Fish Website

We would love to hear about your upcoming website project

Kevin Fouché, Pixel Fish Director