-
June 26th, 2019, 08:39 AM
#1
Junior Member
Website redirected to another website? URL injection in wordpress website
I noticed on WordPress websites was redirected to a random website after clearing browsing history, cookies only for once after every history, cookie removal and webmaster listed websites hacked. I took the backup of all websites and necessary steps to avoid such problem again but was unable to understand why it happened.
-
June 26th, 2019, 04:19 PM
#2
"Why?" Malicious intent ... to commit an unlawful act or cause harm without legal justification or excuse.
-
July 24th, 2024, 05:57 PM
#3
Junior Member
The situation you described ? being redirected to a random website after clearing browsing history and cookies on WordPress websites ? points towards a potential malware redirect issue on those specific websites. Here's a breakdown of what might be happening:
Hacked Websites: The webmaster's suspicion of hacked websites is likely accurate.
Malware at Play: Hackers might have injected malicious code on these websites that triggers the redirect after you clear your browsing history and cookies.
Clearing Triggers Redirect: The act of clearing cookies and history might be a trigger that activates the redirect script.
Here are some reasons why hackers implement redirects:
Black Hat SEO: They might redirect traffic to their own websites to inflate their own traffic numbers or for other malicious SEO purposes.
Phishing Attacks: Redirects could lead you to fake websites that look legitimate, tricking you into entering personal information.
Malware Distribution: Redirects might take you to websites that attempt to download malware onto your device.
Here's what you did right:
Backing Up Websites: Having a backup is crucial in case your website gets hacked.
Taking Steps for Security: While the specific steps aren't mentioned, it's good practice to take security measures to protect your websites.
Here's what you can do next:
Scan Your Websites: Use a reputable website security scanner to identify any malware or vulnerabilities on your websites.
Clean the Malware: If malware is detected, remove it using a website security plugin or by seeking help from a web developer.
Update WordPress, Themes, and Plugins: Outdated software can have security vulnerabilities. Update everything to the latest version.
Change Passwords: Change your WordPress login credentials and any passwords associated with these websites.
Monitor Your Websites: Keep an eye on your website traffic and activity to detect any suspicious redirects in the future.
-
October 2nd, 2024, 07:34 AM
#4
Junior Member
Something similar happened to my job and career website, but turns out it was actually a hijacked Chrome plugin!
**Links removed by Site Administrator so it doesn't look like you're spamming us. Please don't post them again.**
-
October 10th, 2024, 06:23 PM
#5
Member
I think what op is asking is how it happened. The website obviously has a security vulnerability in it. What can you do?
Scan you computer and browser it might be leaking info.
Copy your website and install on a local machine.
Scan not your website with wordfence and gotml plugins.
If your WordPress core is not custom delete it and install a new one, updates do not change all files. (this will make sure you have a clean WordPress install)
Update your plugins and themes ( again install new ones where possible )
- Change your WordPress password
- Your hosting password,
- Also change your database password or no password change will help.
- Change your email password of the admin of that site.
Redeploy the site. Monitor the logs usually hack attempts will start of with alot of 404 errors as they probe.
Its my opinion they injected a script that knows your ip (or records a ip that knows how to log in) or set a cookie to keep you on the site but redirect everybody else. That way you know nothing and they will stay hidden.
Similar Threads
-
By manpreet20007 in forum Newbie Security Questions
Replies: 4
Last Post: November 16th, 2018, 12:24 PM
-
By HYBR|D in forum Security News
Replies: 1
Last Post: March 28th, 2011, 10:08 AM
-
By Aspman in forum Spyware / Adware
Replies: 20
Last Post: November 21st, 2005, 09:07 AM
-
By devildell in forum Newbie Security Questions
Replies: 4
Last Post: September 12th, 2004, 05:41 PM
-
By djhuk in forum Web Development
Replies: 18
Last Post: January 9th, 2003, 08:03 AM
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|