First signs to take seriously
- Your website redirects visitors to unknown pages.
- Google Search Console, browsers or antivirus tools show security warnings.
- Unknown admin users, files, plugins, scripts or pages appear.
- Your hosting provider reports spam, phishing, malware or abnormal traffic.
- Customers report popups, fake login pages or suspicious downloads.
What to do first
- Do not delete everything immediately. Preserve basic evidence first.
- Change passwords for hosting, CMS, admin accounts and email accounts.
- Check recent admin logins, new users, changed files and suspicious plugins.
- Contact your hosting provider and ask for recent security logs or backups.
- Document what changed, when it started and what visitors reported.
What not to do
- Do not pay unknown attackers without professional advice.
- Do not install random “cleanup” plugins from untrusted sources.
- Do not share admin passwords over chat or with unknown helpers.
- Do not ignore the issue because the homepage still looks normal.
- Do not start aggressive scanning against systems you do not own.
How SAB Security can help
Atlas Central by SAB Security provides written-permission-only website security, WordPress security and AI privacy assessments for small businesses. The goal is not fear-selling. The goal is to identify realistic visible risks, explain what matters and give clear next steps.
No technical testing starts without explicit written authorization and agreed scope. No permission means no testing.
Need a practical website security review?
Send your website, business context and main concern by email.