I moderate a non-profit site, njbreastfeeding.org and we host an annual healthcare conference. I recently noticed that sometimes mobile access to site (iPhone/iPad) would occasionally redirect to porn sites (instabang, after cycling through few other links, on iPad and badoink on iPhone). This happened only occasionally and only on mobile devices but I treated it as it the site was hacked. Checked code the best I could, changed all passwords, updated wordpress and all plugins, changed theme (the theme I was using had a funky php code), installed Wordfence, and ran site through some of the free Chrome url checkers. I also checked with Go Daddy the hosting service used. I do not know if I eliminated the problem, one site user reported she was redirected to badoink on phone after changes were made but I have another problem that may or may not be related.
The website can no longer be viewed on campus at the hospital, where nurses and others need to access pdf files and registration for our conference (it opens fine on all the normal browsers and devices I have checked). Only the background image loads on most of the computers checked at work. I did check with IT on campus and the representative was able to open the website and view everything, so that ruled out a firewall. One computer loaded the site after a message box was displayed but when a new page was attempted only the background image displayed.
This is the message that appeared on the worksite computer (it also appeared on an old laptop I used to check browser compatibility with IE):
“In order for this site to work properly, and in order to evaluate and improve the site we need to store small files (called cookies) on your computer.
Over 90% of all websites do this, however, since the 25th of May 2011 we are required by regulation to obtain your consent first. What do you say?”
The wording and message are not mine???
Are these 3 issues related:
1) Occasional redirect to porn sites on mobile viewing only (instabang/badoink)
2) Unable to view website on worksite computers (at two local hospitals)
3) Strange cookie storage message
Managing the website is a volunteer position and I am definitely a “newbie” with web stuff. Can anyone offer any suggestions for any or all of the problems? Any help would be appreciated.
I think it’s reasonable to say that your site is still in a compromised state. I just visited it via an iPad and was redirected to the romantic sounding instabang. There’s obviously some malicious code present somewhere on your site.
There’s not really an easy get out of jail card to deal with it. If you don’t know what you’re looking for, it may be prudent to gain the services of someone that does.
You need to start working your way through these resources:
Anything less will probably result in the hacker walking straight back into your site again.
Thank you both for your replies. Esmi, is it possible this is just a hosting problem? I have gotten clean scans via sucuri, unmaskparasites, and Google checks (all claim site is safe) and the redirects are inconsistent and only on mobile devices? I had done a lot of searching prior to posting and have attempted to do all the suggestions but if there is some hidden minutiae of code, I certainly do not have the background or training to locate it. It seems others have had similar issues but no simple solution could be found.
So if it is determined that this is not a hosting issue is my only recourse hiring someone who can fine comb all the code and close any backdoors? Or could I close it all down and reopen (money is an issue for the non-profit but my time is free)?
Thank you for any feedback you offer,
- The topic ‘site not loading at work location’ is closed to new replies.