Support » Plugin: Wordfence Security - Firewall & Malware Scan » Browser button hijacked

  • When i go to my home page, if i press the back button it takes me to a spam site. Has anyone else got this problem? Need help. Word fence scan not picking anything up.

    • This topic was modified 3 years, 7 months ago by matarij.
Viewing 7 replies - 1 through 7 (of 7 total)
  • Try cleanig our browser cache, and then try again.

    This is nothing Wordfence would have anything to do with, or be able to control!

    Hi both
    Thank you for your replies.

    Clearing the cache won’t help as it is replicated on all visitor’s browsers

    My point about wordfence is it is not picking it up and I wondered if this is a new issue

    Could You tell me, what address the spamsite has?

    You could try this:
    Download a complete backup from your webhotel to your pc, then download and install this program- TotalCommander from here:

    Then use the Totalcommander option- “Find Text (Commands/Search/Find Text”, put in the address for the spam site and let it search through your backup.
    This might tell you, where to find the solution.

    Plugin Author WFMattR


    Hi @matarij,

    Yes, this could be a new type — we’re constantly adding new signatures for malicious files, and new malicious files are being developed all the time. It is possible for malware to push a URL into the browser’s history, to cause the back-button behavior like this. It could be a javascript file or an inline script on the page.

    We have a guide for cleaning hacked sites here — some of the additional scan options or other techniques may help find the malicious file:
    How to clean a hacked website

    If you find a file by these methods, we accept malware samples at the email address samples (at), to be analyzed and added to future scans.

    -Matt R

    The site that the back button goes to is:

    Thank you Matt R – if I find the file I will certainly let you have it.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Browser button hijacked’ is closed to new replies.