So I was looking at a client website that seemed to be running without any problems.
The first thing I noticed was that on Google the site had the wrong description and cache. I quickly went into Google Webmasters Tools to re-index the site, a caching issue I thought! Boy was I wrong.
It turns out the site had been hacked so that the normal user couldn’t see anything wrong but Google sees a bunch of spammy keywords.
We found a php5.php in the root directory of WordPress and the index.php had been modified to contain:
if (is_file('php5.php')) @include('php5.php');
So even when everthing looks right you might be in trouble. Hopefully I will still be here to help 🙂