WordPress.org

Ready to get started?Download WordPress

Forums

Undesired Redirect when using Hand-Held Devices (9 posts)

  1. mjwillyone1
    Member
    Posted 2 years ago #

    Friends,

    I am having an issue with a website where it loads great on computers, but not on digital devices (iPod, iPad, etc.) The site gets redirected to a sales page one time, this or that another.

    Is there a file that holds the redirect info that I need to replace? I am guessing that the site has gotten hacked. There are no plugins that I can see that are set to redirect.

    Thank you very much,
    Mike

  2. To check and see if your site got hacked you can use this tool -http://sitecheck.sucuri.net/scanner/

    If it's not, can you provide al ink to your site so we can have a look?

  3. mjwillyone1
    Member
    Posted 2 years ago #

    Thank you very much, Christine. I used the tool and their were no problems identified.

    The site is located here: http://www.coolhuntsville.com

    Thank you,
    Mike

  4. That's very strange. I just took a look and your site is fine on my Mac, but on my iPhone I'm sent to this russian sites with girls on it...

    I think that there's something funky going on.

    You could scan your theme files with this tool - https://www.virustotal.com/

    Where did you get this theme? I would ask whoever created it.
    It might be coming from one your plugins too, I'm really not sure.

    You might need to hire someone to do some investigating.

  5. Eric Mann
    Member
    Posted 2 years ago #

    I threw your site into Fiddler to see what was going on and spoofed a mobile user agent. If you're viewing it from the desktop, everything comes across fine. If you view it from a mobile device (or a device broadcasting a mobile user agent), there's a bunch of extra JavaScript placed before the opening <!DOCTYPE html> tag that will redirect the page.

    I won't post the code itself here because it doesn't really matter. Short story is that your site's been hacked. Check out your template files to look for strange new lines. Check your server access logs. Change you passwords. Clean things up and restore from a back up.

  6. I once cleaned up a site that had similar symptoms; the issue turned out to be a weak ftp password that allowed the attacker to rewrite the .htaccess file to do the redirects. Check to be sure that yours only includes the entries that WordPress itself adds (described in the http://codex.wordpress.org/Using_Permalinks Codex page).

    On second thought, do what Eric said!

  7. Jeremy Herve
    Member
    Posted 2 years ago #

    Just my 2 cents; I would also recommend that you turn off or remove ads or ad plugins that may be running on your site right now. This redirection could be caused by an ad network displaying shady ads on mobile devices.

  8. Daniel Cid
    Member
    Posted 2 years ago #

    Yep, I see the malware in there... Our engine detects it as:

    *Known javascript malware. Details: http://sucuri.net/malware/malware-entry-mwjs69693
    <script>var _0xe1e8=[..

    It is conditional and only respond to certain user agents (iphone, ipad, etc).

    If anyone is curious, it redirects to: httpx://[ redacted, why post that here? ] w/?type=js&seref=undefined

    thanks,

  9. mjwillyone1
    Member
    Posted 2 years ago #

    Thank you all. I have found similar problems in the htaccess files of Joomla sites but not with WP ones.

    Eric and dd... can you tell what file has been changed? Is it the htaccess file. If so, can I do what I have done with Joomla sites and simply 1) place a default htaccess file in place of the old. 2) increase the file security?

    Thank you so much!

    Mike

    [ Please do not bump, that's not permitted here. ]

Topic Closed

This topic has been closed to new replies.

About this Topic