My website now is being redirected to spam

Status
Not open for further replies.

dartagna

Member
Messages
38
Reaction score
0
Points
6
Man oh man...

Its always one more thing over here.

Now my website redirects to some spammy sites...

2maUewV.png


Now where do we go from here...
 

garrettroyce

Community Support
Community Support
Messages
5,609
Reaction score
250
Points
63
Your settings appear to be correct, but a malicious user may have been able to upload something to your site through a software vulnerability or cross-site scripting. It appears to me that your website loads correctly, then is redirected via some malicious means immediately after. If you are using software to manage your website (like Drupal, Wordpress, etc.) try logging in to the administration interface and deleting any comments or files uploaded by users.
 

Anna

I am just me
Staff member
Messages
11,750
Reaction score
581
Points
113
I did try to do some digging, not sure exactly where the cause is, but when I check through the developer tools of chrome it appears the redirect somehow originates from plugins folder, at least I see one of the offending urls in that context during page load.

I would advice to remove all plugins and make sure you reinstall with fresh files. If that doesnt help, fresh files for the full wordpress installation might be needed. To achieve this delete everything except wp_config.php (make sure it looks clean, compare with a fresh one if needed), take a backup of your uploaded photos and other files you did upload as part of the contents, make sure you know each and every file is yours and clean.

All posts and settings are in the database, so you should not loose any of that in the process. Also make sure all plugins as well as wordpress itself is kept up to date.
 

dartagna

Member
Messages
38
Reaction score
0
Points
6
Thanks. In the direct admin interface, why is it I can see my base x10 domain...and see it points to my purchased domain...as well as a secondary purchased domain which also points to the main purchased domain...but it doesn't list the main purchased domain anywhere it seems?
 

Anna

I am just me
Staff member
Messages
11,750
Reaction score
581
Points
113
If that domain was previously a parked domain, you should be able to see it under "Domain Pointers".

Domain pointer is the closest match to a parked domain that DA has, it does not quite work the same though. You can not do any configurations on a domain pointer, it will however be able to duplicate anything you put on the default domain.
 

dartagna

Member
Messages
38
Reaction score
0
Points
6
Thanks for the help. I took some manual backups to compliment my updraft backups just in case, and dumped the original Wordpress installation.

Then restored everything - had to fix a few minor issues - and added extra levels of security.

Looks like a comment on Feb 16th might have been the culprit or the genesis of the trouble.
 

garrettroyce

Community Support
Community Support
Messages
5,609
Reaction score
250
Points
63
There should be plugins for disallowing certain comments. Also make sure your software is up to date. A random user (or even an administrator) should not be able to post javascript in a comment.
 
Status
Not open for further replies.
Top