• Resolved Boorhin

    (@moreaujuli1)


    I recently noticed a lot of activity on my website after we got infected with some malware. The malware is gone so far, but I then noticed strange logs which I believe could come from a sort of hack of WooCommerce functionalities.

    plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:53 +0100] "GET /products/evidence379669?id=566 HTTP/2.0" 301 265 "https://www.google.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    plasticatbay.org 0 136.243.220.90 - - [27/Mar/2024:15:31:54 +0100] "GET /products/enterohydrocele1758603?id=994 HTTP/1.1" 301 4924 "-" "Mozilla/5.0 (compatible; DataForSeoBot/1.0; +https://dataforseo.com/dataforseo-bot)"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:54 +0100] "GET /products/evidence379669?id=566 HTTP/2.0" 307 109 "https://www.google.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    plasticatbay.org 0 66.249.66.150 - - [27/Mar/2024:15:31:55 +0100] "GET /products/bracingness222196?id=803 HTTP/1.1" 301 549 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Mobile Safari/537.36 (compatible; Googlebot/2.1; +https://www.google.com/bot.html)"
    plasticatbay.org 0 66.249.66.150 - - [27/Mar/2024:15:31:55 +0100] "GET /products/audivision849717?id=46 HTTP/1.1" 301 547 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Mobile Safari/537.36 (compatible; Googlebot/2.1; +https://www.google.com/bot.html)"
    www.plasticatbay.org 0 66.249.66.148 - - [27/Mar/2024:15:31:55 +0100] "GET /products/bracingness222196?id=803 HTTP/1.1" 307 566 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Mobile Safari/537.36 (compatible; Googlebot/2.1; +https://www.google.com/bot.html)"
    www.plasticatbay.org 0 66.249.66.148 - - [27/Mar/2024:15:31:55 +0100] "GET /products/audivision849717?id=46 HTTP/1.1" 307 564 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Mobile Safari/537.36 (compatible; Googlebot/2.1; +https://www.google.com/bot.html)"
    www.plasticatbay.org 1 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:54 +0100] "GET /products/evidence379669/?id=566&v=79cba1185463 HTTP/2.0" 404 142493 "https://www.google.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.3 HTTP/2.0" 200 3039 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/themes/miteri/style.css?ver=1.0.0 HTTP/2.0" 200 1028 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 66.249.66.206 - - [27/Mar/2024:15:31:56 +0100] "GET /products/audivision849717/?id=46&v=79cba1185463 HTTP/1.1" 404 147452 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Mobile Safari/537.36 (compatible; Googlebot/2.1; +https://www.google.com/bot.html)"
    www.plasticatbay.org 0 66.249.66.206 - - [27/Mar/2024:15:31:56 +0100] "GET /products/bracingness222196/?id=803&v=79cba1185463 HTTP/1.1" 404 147431 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Mobile Safari/537.36 (compatible; Googlebot/2.1; +https://www.google.com/bot.html)"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/plugins/mantrabrain-instagram-pack/assets/css/mb-instagram-pack.css?ver=1.0.3 HTTP/2.0" 200 10944 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/css/gateway.css?ver=2.6.0 HTTP/2.0" 200 1050 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/themes/miteri/assets/css/vendor/owl.carousel.min.css?ver=4.7 HTTP/2.0" 200 3465 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/themes/miteri/assets/lib/font-awesome/css/font-awesome.css?ver=4.7 HTTP/2.0" 200 37487 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/plugins/mantrabrain-instagram-pack/assets/lib/font-awesome/css/font-awesome.css?ver=4.7.0 HTTP/2.0" 200 37487 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/themes/miteri/assets/css/miteri.css?ver=1.0.0 HTTP/2.0" 200 95268 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/plugins/jetpack-boost/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false&ver=132249e245926ae3e188 HTTP/2.0" 200 793 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/plugins/mailpoet/assets/dist/css/mailpoet-public.c5d405bf.css?ver=6.4.3 HTTP/2.0" 200 17951 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/plugins/mantrabrain-instagram-pack/assets/js/mb-instagram-pack.js?ver=1.0.3 HTTP/2.0" 200 3040 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/plugins/product-open-pricing-name-your-price-for-woocommerce/includes/js/alg-wc-pop-frontend.js?ver=1.7.1 HTTP/2.0" 200 1145 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/themes/miteri/assets/js/skip-link-focus-fix.js?ver=20151215 HTTP/2.0" 200 966 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.3 HTTP/2.0" 200 13109 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/themes/miteri/assets/lib/parallax/parallax.min.js?ver=1.5.0 HTTP/2.0" 200 6923 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.3 HTTP/2.0" 200 11568 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/plugins/woocommerce-paypal-payments/modules/ppcp-button/assets/js/button.js?ver=2.6.0 HTTP/2.0" 200 226046 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/themes/miteri/assets/js/main.js?ver=20171003 HTTP/2.0" 200 10473 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/plugins/wp-responsive-table/assets/frontend/js/wprt-script.js?ver=1.2.6 HTTP/2.0" 200 225 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.9.3 HTTP/2.0" 200 987 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/themes/miteri/assets/js/owl.carousel.min.js?ver=2.2.1 HTTP/2.0" 200 42845 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/plugins/mailpoet/assets/dist/js/public.js?ver=4.48.0 HTTP/2.0" 200 110517 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:57 +0100] "GET /wp-content/themes/miteri/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/2.0" 200 77306 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:58 +0100] "GET /wp-content/uploads/2020/06/paypal-donate-button.png HTTP/2.0" 200 71728 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    plasticatbay.org 0 66.249.66.150 - - [27/Mar/2024:15:31:58 +0100] "GET /products/burrknot933881?id=507 HTTP/1.1" 301 546 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Mobile Safari/537.36 (compatible; Googlebot/2.1; +https://www.google.com/bot.html)"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:58 +0100] "GET /?wc-ajax=get_customer_location HTTP/2.0" 200 196 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    www.plasticatbay.org 0 2400:2411:1ea0:6dc6:b9f4:bbe5:62a1:5e08 - - [27/Mar/2024:15:31:58 +0100] "POST /?wc-ajax=get_refreshed_fragments HTTP/2.0" 200 372 "https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Mobile/15E148 Safari/604.1"
    plasticatbay.org

    All these /products/ requests get redirected or sometimes end with

    ?wc-ajax=get_refreshed_fragments
    https://www.plasticatbay.org/products/evidence379669/?id=566&v=79cba1185463

    The address it redirects to doesn’t exist and never existed on the website and there is no “evidence” product.

    I have noticed that it might come from reviews on Google but it is very unclear what could be the source of this issue.


Viewing 2 replies - 1 through 2 (of 2 total)
  • Afzal (woo-hc)

    (@afzalpansuvi)

    Hi @moreaujuli1,

    Thank you for reaching out and providing detailed information about the issue you’re experiencing. I understand that you’re seeing unusual activity on your website, specifically with product URLs that don’t exist on your site.

    It’s great to hear that you’ve managed to remove the malware from your site. However, the strange logs you’re seeing could be a result of several things. It could be leftover traces from the malware, or it could be an issue with your WooCommerce setup.

    To better understand the issue, I have a few questions:

    1. Have you noticed any pattern in these requests, such as the time of day they occur or the IP addresses they originate from?
    2. Are you using any SEO or redirection plugins that might be causing these redirects?
    3. Have you recently made any changes to your site’s .htaccess file or to your site’s permalink structure?

    If you’re not already using a security plugin, I recommend looking into options available on the WooCommerce marketplace.

    We look forward to your response.

    We haven’t heard back from you in a while, so I’m going to mark this as resolved – we’ll be here if and/or when you are ready to continue.
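
An added example, not part of the thread: one way to answer the reply's first question (patterns by time of day and source address) for requests shaped like the ones in the posted log. The sample lines, hostnames, addresses and slugs are constructed, and the `summarize` helper is hypothetical.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample in the posted layout: vhost flag client - - [time]
# "request" status bytes "referer" "user-agent". All values are made up.
SAMPLE = '''\
example.org 0 2001:db8::1 - - [27/Mar/2024:15:31:53 +0100] "GET /products/sampleword100001?id=5 HTTP/2.0" 301 265 "https://www.google.com/" "Mozilla/5.0 (iPhone)"
www.example.org 0 2001:db8::1 - - [27/Mar/2024:15:31:54 +0100] "GET /products/sampleword100001?id=5 HTTP/2.0" 307 109 "https://www.google.com/" "Mozilla/5.0 (iPhone)"
example.org 0 192.0.2.10 - - [27/Mar/2024:15:31:55 +0100] "GET /products/otherword200002?id=8 HTTP/1.1" 301 549 "-" "ExampleBot/1.0"
www.example.org 1 2001:db8::1 - - [27/Mar/2024:15:31:54 +0100] "GET /products/sampleword100001/?id=5&v=abc123 HTTP/2.0" 404 142493 "https://www.google.com/" "Mozilla/5.0 (iPhone)"
www.example.org 0 2001:db8::1 - - [27/Mar/2024:15:31:56 +0100] "GET /wp-content/themes/x/style.css?ver=1.0.0 HTTP/2.0" 200 1028 "https://www.example.org/products/sampleword100001/?id=5&v=abc123" "Mozilla/5.0 (iPhone)"
www.example.org 0 192.0.2.11 - - [27/Mar/2024:15:31:55 +0100] "GET /products/otherword200002?id=8 HTTP/1.1" 307 566 "-" "ExampleBot/1.0"
www.example.org 0 192.0.2.12 - - [27/Mar/2024:15:31:56 +0100] "GET /products/otherword200002/?id=8&v=abc123 HTTP/1.1" 404 147431 "-" "ExampleBot/1.0"
'''

LINE = re.compile(
    r'\S+ \S+ (?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"\S+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"')
# Shape of the unknown URLs in the post: /products/<letters><digits>?id=<n>
PROBE = re.compile(r'^/products/([a-z]+\d+)/?\?id=\d+')

def summarize(log_text):
    """Count probe-shaped requests per client, hour, referer and user agent,
    and rebuild the status sequence each slug went through."""
    by_ip, by_hour, by_referer, by_ua = Counter(), Counter(), Counter(), Counter()
    hops = defaultdict(list)
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        probe = m and PROBE.match(m['target'])
        if not probe:
            continue  # assets, wc-ajax calls, unparsable lines
        ts = datetime.strptime(m['ts'], '%d/%b/%Y:%H:%M:%S %z')
        by_ip[m['ip']] += 1
        by_hour[ts.hour] += 1
        by_referer[m['referer']] += 1
        by_ua[m['ua']] += 1
        # Key on the slug only: a crawler may use a different address per hop.
        hops[probe[1]].append((ts, int(m['status'])))
    # Stable sort on time keeps file order for entries within the same second.
    chains = {slug: [s for _, s in sorted(h, key=lambda x: x[0])]
              for slug, h in hops.items()}
    return {'by_ip': by_ip, 'by_hour': by_hour, 'by_referer': by_referer,
            'by_ua': by_ua, 'chains': chains}

if __name__ == '__main__':
    for name, value in summarize(SAMPLE).items():
        print(name, dict(value))
```

Run against the real access log, the `chains` output shows which slugs go through the 301, 307, 404 sequence, and the referer and user-agent counts separate search-engine crawlers from visitors arriving via search results.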

  • The topic ‘Woocommerce redirect on products not existing’ is closed to new replies.