Moderator
t-p
(@t-p)
– The Exploit Scanner plugin can help detect damage so that it can be cleaned up. Other things you should do:
- Change passwords for all users, especially Administrators and Editors.
- If you upload files to your site via FTP, change your FTP password.
- Re-install the latest version of WordPress.
- Make sure all of your plugins and themes are up-to-date.
- Update your security keys.
- See FAQ My Site Was Hacked.
– Just cleaning out files isn’t enough. When you’re done, you may want to implement some (if not all) of the recommended security measures.
Moderator
t-p
(@t-p)
Also, why are you using an old version of WordPress? Not safe at all! Upgrade to the latest WordPress asap.
4.7.4 is the latest
Use FTP program to login to your hosting and rename .htaccess file to htaccess.txt and see if the redirect disappears.
Also, navigate to /js/ folder and delete /start.js file in it. If you’re lucky that should stop the redirect.
-
This reply was modified 9 years ago by
sinip.
Thread Starter
jtg999
(@jtg999)
Hi,
Thank you all for your advice. I’m at my wit’s end.
I’m sorry I forgot to mention that I am hosting a WordPress theme(?) with another site and not using WordPress as the host.
I do have a JS folder but no file called /start.js.
Yes, I know I should upgrade my WordPress version and try different plugins. But the only I know how to get to my WordPress admin to make those adjustments is to type:
Website.com/wp-admin in the address bar.
Unfortunately, every time I do that it is redirected to a porn site. I’m surprised that there is no other way to access my WordPress page.
At this point I’m so upset, I want to delete everything. If I delete all the WordPress files, do you think I’ll have control of my website back? Then I can download a new version of WordPress and start all over again?
Thanks again for your help1
Moderator
t-p
(@t-p)
At this point I’m so upset, I want to delete everything.
If you have NOTHING to loose, then nothing wrong doing it, and starting with a clean slate.
Always keep everything UP TO DATE. Otherwise, you leave your site for being hacked.
Well it is pretty obvious that you’re hosting your WP website on another host, that’s not an issue here nor it affects advices given, in any way.
Yes, if you delete everything you’ll get control back, but you’ll have to start from square one. Have you tried to delete or rename .htaccess file?
Also, do you have any current backup? If you don’t have it, contact your hosting support, they might have some automated backup.
Regarding that start.js file, it shows up in Sucuri scan, but it might be obfuscated, called in from outside source, or even somewhere in the database.
Thread Starter
jtg999
(@jtg999)
Thanks again!!
Yes, I did rename the .htaccess file and it was still redirected.
I do have an old backup. I think I’m going to go ahead and start from scratch.
Thanks again for the quick replies.
