Google Search redirecting to spam page (16 posts)

  1. ismailcherkala
    Posted 3 years ago #

    i am facing a problem in my website. When i search when i click to the link to index page from google search result it is redirecting to some google-sales.com page. All other links works fine. Problem is only to home page.

    Also i noticed, when i click to home button from post under one category (ask louise), it redirecting to the same page and i found this happens only from this category ( http://www.expatechodubai.com/category/ask-louise/ )

    Also the strange thing i noticed is , these spam redirection not happen always. Only frequently. after sometimes working fine and coming again.
    here is my website


    please some one help !!!

  2. If the contents of your .htaccess file is not too many lines, can you paste it here? Use the code button to format it.

    If it's more than 10 lines, please use pastebin.com instead.

  3. Sisir
    Posted 3 years ago #

    It could be your site is hacked and malware added on your site code. I had the similar attack before. It takes away your search engine traffic to another site (it doesn't redirect you if you are logged in so sometime people never notice it).

    Although the site shows clean http://sitecheck.sucuri.net/results/expatechodubai.com/ But I think you should update your wordpress version.

  4. ismailcherkala
    Posted 3 years ago #

    Thank you so much for your reply.

    Today whole day i checked for any kind of hack code in my WordPress, finally found some malicious code in my theme index.php file.

    it was just before my get_header() function.
    you can see the hacking code here .

    Can you have any idea on how these code come in my index.php file. Any idea on script that edited this file so that i can take more action to prevent this happening again.


  5. Sisir
    Posted 3 years ago #

    There are lots of ways how those malware code can get in.

    1. First of all if you are in oldest version of wordpress. Its like you are asking for trouble.
    2. Its good that you've found malware code now you know you are infected. But there might be more. Its something that can reproduce itself. you are removing it on one page and its propagating to some other pages.
    3. http://codex.wordpress.org/FAQ_My_site_was_hacked
    4. Do a google search about how to fix malware attack on wordpress
    5. Read this codex page http://codex.wordpress.org/Hardening_WordPress

    Also know that other site on that hosting account might get attack too.

  6. adpawl
    Posted 3 years ago #

    This malicious code it's not all.

    Another code is in tmp/wp-cache.tmp and some txt file - named in this style:
    Probably also it is hidden somewhere shellcode.

    Read links provided by @prionkor
    Check also your .htaccess and wp-config.php file.

  7. ismailcherkala
    Posted 3 years ago #

    thank you again for information.

    Can some one tell me, is there any chance to get affected to the database?
    or simply replacing the source file will solve the issue?
    i am going to do wordpress upgrade as soon as possible.


  8. is there any chance to get affected to the database?

    A chance? Yes.

    simply replacing the source file will solve the issue?

    99.999% chance of "No, not at all."

    The attacker that compromised your WordPress installation got in somehow. Just replacing the files may not wouldn't necessarily close the door on the attacker if, for example, the weakness was an insecure server.

  9. ismailcherkala
    Posted 3 years ago #

    Ok. Thnx.
    How can i search the database for infected code. How to clean this database.
    Will it be in plugin related database entry?

    Is there any plugin that find this infection from database.

  10. Sisir
    Posted 3 years ago #

    I think there might be some plugins. Search google i don't have any recommendation. I fixed my site hiring a professional. Did you read those articles i send links? They should have some advice..

  11. adpawl
    Posted 3 years ago #

    Maybe http://wordpress.org/extend/plugins/exploit-scanner/
    Changes in the db can also be detected by the analysis of suspicious code.
    You can also manually search for instances eval, base64 etc.

  12. NuBlue-Hosting
    Posted 3 years ago #

    Personally I would also contact your host, tell them what has happened, ask when and how it happened (they should be able to tell from the server logs). Sometimes a hack can be the result of your ftp account being compromised, not your site. I would say it is important to find out exactly how they got in.

    Once you know this, if they did get in through wordpress it may be very clear from the logs when the compromise happened. In that situation your host may then be able to restore a backup of the site before it happened which you can then imediately update your wordpress and plugins to close the hole (and then repost any new content which isn't in the backup).

  13. ismailcherkala
    Posted 3 years ago #

    Thank you so much for valuable information.

  14. jason9527
    Posted 3 years ago #

    If you want to know more about tablet computer, can focus on McBub mall.

  15. JaptainJack
    Posted 3 years ago #

    Please can any one help? I am having the same problem I have use http://sitecheck.sucuri.net/scanner/ to scan it say the website is yet my google search is still being redirect to this website http://bee.edns.biz/

    please I need some help

Topic Closed

This topic has been closed to new replies.

About this Topic


No tags yet.