My blog have been hacked with Referrer

  • Resolved webblogsforyou

    (@webblogsforyou)


    9 years, 6 months ago

    When I typed site:webblogsforyou.com in Google’s search box, it’s displaying a different title and meta description, but the thing puzzling me is the site URL is being displayed correctly and redirected to my blog page.

    However when I type only brand name webblogsforyou in the search box and click on the first result, it’s redirecting me to different site.

    Note: This issue is not limited to Google. It also for all major search engines. Also this is regarding my home page only, all other post pages are working well.

    I don’t know what’s going on here. Anyone else have the same issue? How do I fix this?

    Here is the redirection report:
    https://aw-snap.info/file-viewer/?tgt=http%3A%2F%2Fwebblogsforyou.com&ref_sel=Google&ua_sel=ff&fs=1

    I don’t know how to go ahead and want resolve this as soon as possible.

Viewing 14 replies - 1 through 14 (of 14 total)

  • Webblogsforyou,

    That must feel so alarming! I’m sorry about that. It sounds to me like something called “DNS hijacking” is taking place.
    Check out this article for more information about what is taking place.

    What kind of security plugins do you have protecting your site? If you don’t have any you should change that. I know JetPack comes with a security plug-in, but there are plugins that deal only with security that are more powerful. Do some research and see which reviews speak highly for each plug-ins, then make sure you install a current one.
    It also seems that if this is taking place you may have a virus on your computer. read the article posted above and have your computer checked out. Once your computer is clean, make sure you have an up-to-date antivirus software installed to protect you from future problems.

    Please let me know if this works out for you,
    Tanya

    Who is your host? Are you using a Windows server?

    Thread Starter webblogsforyou

    (@webblogsforyou)

    @tanyalyn, I’m using BPS security plugin. I guess It’s not 100% supported by my windows shared hosting server. Because my hosting server only support Rewrite rules in .htaccess.

    Actually, I’ve tried many ways to resolve it but still no luck. I think now I’ve to re-setup all again.

    @wslade, Yeah, My blog is on windows shared hosting (from Smarterasp.net) because I’ve multiple sites on it including asp.net.

    Your site seems to be functioning normally today.

    Thread Starter webblogsforyou

    (@webblogsforyou)

    @wslade, How you test it? I’m still redirecting to another website when I type “webblogsforyou” in Google and Click on it.

    If I go directly from addressbar, It’s normal and working fine but from SERP (only consider brandname because other pages are working nicely) It’s not as expected.

    It worked the first time I tried it. Now it doesn’t, it is redirecting.

    Have you spoken to your hosting company about this? Is your DNS server provided by your host or domain name provider (TUCOWS DOMAINS)?

    Can you verify that the information in your DNS Zone is correct? Your server is acting differently today than yesterday. Have you made changes?

    Have you looked in .htaccess or web.config to determine if there is a redirect for traffic from Google redirecting to the unwanted site?

    Thread Starter webblogsforyou

    (@webblogsforyou)

    Yeah, I talked with hosting company but they told me everything is okay from their side. They have also virus scanner installed on server. And domain is pointing to the provided ip/dns. I also using cloudflare with my host.

    Yeah, I did two changes today.

    1. In my wp-config-sample.php file I see something strange like location with encode_base64(some key) at very very last of the page with whitespaces. So I removed it.

    2. In themes function.php file there is one extra php tag was there with some different function name so I removed that too.

    Not sure, if it’s the root cause.

    I didn’t checked files that you listed in last paragraph but soon check and let you know.

    Your site is hacked. the base64 code should not be in wp-config.php. The hack is redirecting index page traffic to the unwanted site. It has happened so much that Google is displaying the title from the unwanted site.

    Do you or your hosting company have a full backup of your site? The fastest and most sure way to repair your site is to restore from a backup made before the hack.

    Without a backup your only permanent solution is to repair the site. Follow this guide.

    When you’re done, you may want to implement some (if not all) of the recommended security measures.

    Thread Starter webblogsforyou

    (@webblogsforyou)

    I also think so.

    Yeah, I’ve all the backups. I’ll go for fresh installation.

    Thanks!

    It really does not add any complexity to the process but deleting most files before overwriting them is an important step. It’s very difficult to locate files added by hackers and these stand alone files are often backdoors into your site.

    Follow the guide and install new core files for everything. This will overwrite any malware added to WordPress core, plugins or theme files. Deleting files first will remove any stand alone files added by the hack.

    Good luck!

    Thread Starter webblogsforyou

    (@webblogsforyou)

    Yeah right, I’ve just re-install everything and now it’s recovered.

    Thanks for everything. I think this issue arrives after enabling the contribute/register functionality.

    I’m glad you got it sorted.

    Thanks for chiming in Wslade. I learned a lot from Reading your exchanges. Glad the problem is sorted!

    Thread Starter webblogsforyou

    (@webblogsforyou)

    Thanks again all!

    I’m closing this thread as it got resolved.

Viewing 14 replies - 1 through 14 (of 14 total)
  • The topic ‘My blog have been hacked with Referrer’ is closed to new replies.