I am facing a peculiar problem for the past one week. I am using Mantra Theme, for one of my customer's site. Last week, i found the site was hacked, and .htaccess file was modified to redirect all google bots to a russian site. eg: sociallytouch.ru ..
I deleted all existing installation, but kept the same DB. I uploaded fresh files of wordpress and Mantra Theme, and still the site is redirected to the russian site.
I could have just re-installed. But i wanted to find why it was happening, and thus started debugging. From Live HTTP headers, and firebug, i could observe the following.
1. The redirect happens, the moment the custom header is accessed, a 303 redirect is happening.
2. I tried accessing the custom header file path, and the site is redirecting. For other files, its NOT redirecting.
4. I tried searching for the term ".ru" in options table, and in Posts table, but i could find no records in the table. But still from some where, the wordpress is redirecting to sociallytouch.ru .
Can any one guess why its happening? I searched in the net to get any help, but i could find only the below link specific to this issue.