Redirect Hack

  • Looking at a site with a redirect hack.

    URLs of a specific type will redirect to pornography with a http 302
    example.com/xlp**** or example.com/xlq*****

    Checked the .htaccess file, no issue.
    Ran wordfence scan, all files normal.
    Checked all pretty permalinks.
    Checked uploads directory for any peculiar php, shtml, py files. none found.
    Checked theme header and footer files. nothing weird.

    Since it is a 302 redirect I know it isn’t javascript. Any hints on other places to check?

    Thanks for your time.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

    Thread Starter hogarthxlv

    (@hogarthxlv)

    Thanks for pasting me steps that I’ve already said I’ve done.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Did your replace every PHP file in the WP tree, including plugins and themes?

    Also, poke through the content of your posts and pages. I’ve found javascript buried at the end of some posts after a large number of blank likes so it doesn’t show up when you do a quick look in text mode in the editor.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Redirect Hack’ is closed to new replies.