Support » Fixing WordPress » website redirect to another website

  • nkwebdesign

    (@nkwebdesign)


    my website got hack and keep on being redirect to another website.

    I just look at
    .htaccess

    seem normal there
    where else do I need to look?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter nkwebdesign

    (@nkwebdesign)

    I found this
    but I am not sure how to get rid of this

    <html lang="en-US">
    <head>
        <meta charset="utf-8"/>
        <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
        <title> Able Mortgage</title>
        <link rel="pingback" href="https://www.ablehomeloans.com/xmlrpc.php"/>
        <link rel="alternate" type="application/rss+xml" title="Able Mortgage" href="https://www.ablehomeloans.com/feed/"/>
        <link rel="alternate" type="application/rss+xml" title="Able Mortgage &raquo; Feed" href="https://www.ablehomeloans.com/feed/"/>
        <link rel="alternate" type="application/rss+xml" title="Able Mortgage &raquo; Comments Feed" href="https://www.ablehomeloans.com/comments/feed/"/>
        <link rel="alternate" type="application/rss+xml" title="Able Mortgage &raquo; Home Comments Feed" href="https://www.ablehomeloans.com/home-page/feed/"/>
        <script type="text/javascript">
        window._wpemojiSettings = {
    barnez

    (@pidengmor)

    Take a backup of the header.php file found in the theme’s directory. Download a fresh version of the theme and replace that file. However, unless you remove the vulnerability used to insert that code, and remove any backdoors added to the site file and/or database, the hack may well return.

    Try replacing that file and updating all passwords – WordPress dashboard, database, hosting control panel. Also update the salts in wp-config.php to log out all users. Check and remove any unknown users with admin rights. Then install the Wordfence plugin, deep scan and see what it turns up.

    Thread Starter nkwebdesign

    (@nkwebdesign)

    Still got hacked.

    barnez

    (@pidengmor)

    You have to fnd two things a) the infected file(s), and (b) the orignal vulnerability that allowed the hack to take place.

    Read: https://wordpress.org/support/article/faq-my-site-was-hacked/

    The standard process is:
    1) Put your site in maintenance mode to prevent any loss to SEO
    2) Take a full site and database backup
    3) Replace all passwords and salt keys
    4) Replace all WordPress core files (except wp-config.php and /wp-content/ directory) with fresh version downloaded from WordPres.org
    5) Replace all plugin and theme directories with fresh version downloaded from WordPres.org
    6) Audit used plugins/themes – are these maintained and regularly updated?
    7) Examine all the remaining files/directories carefully – check timestamps for recent changes, strange or obfuscated code, odd filenames
    8) Ask host if they have any input e.g. other hacked sites on same server, anti-malware scan results for your site
    9) Remove any unauthorised users with admin rights

    When you beleive you are done, read and implement the suggestions in: https://wordpress.org/support/article/hardening-wordpress/

    If you can’t resolve it, seek extenal help.

    Good luck!

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘website redirect to another website’ is closed to new replies.