Did my website get hacked?

do a sitecheck first:
https://sitecheck.sucuri.net/

I did a sitecheck first and I got the following”

Website: rhinoplastymichigan.net
Status: No Malware Detected by External Scan. Additional Actions Recommended!
Web Trust: Not Currently Blacklisted (10 Blacklists Checked)

It doesn’t show any malware. Do you have any other suggestions?

if there is/are page(s) that you did not create, I would still consider that you have some sort of intrusion.

do you have a backup of your database + files?

with the .html ending, it might not show up in your WordPress related stuff.

check in other folders in your hosting account.

Hi @metrod

Like @contentiskey mentioned, if there is something that you didn’t push, then I’d definitely assume some kind of compromise unfortunately.

This is also not something SiteCheck would detect, being it’s not linked on the domain, and the content of the page itself is not malicious. The code itself is good, and it’s not distributing malware.

What’d I’d recommend looking at is the various pages in your install, see if it’s being generated there or if it’s added to the root.

Regardless, I’d recommend doing a deep scan of the environment. You want to look for backdoors, and the sort to make sure people are not accessing the environment bypassing existing access controls.

Tony