• Resolved joeblow

    (@avenuebeads)


    First, if this isn’t the correct area to post this, I apologize.

    So I got hacked this weekend and I’m having an issue figuring out where to locate the changed files. Or how they got in.

    Using latest WordPress/WooCommerce. All plugins up to date. Very strong password. So it had to be brute force.

    Quttera internal scan shows the only two suspicious files are in my error logs. Threat name: Heur.AlienFile.gen
    False positive?

    Looked in my theme files, htaccess and all the usual suspects and see no odd code. I’m using the udraft plugin and it has a bunch of stuff in my htaccess file. So maybe something was snuck in there that I’m not noticing?

    Not hugely familiar with databases but I combed through that but didn’t see anything either.

    Help?


Viewing 6 replies - 1 through 6 (of 6 total)
  • Moderator t-p

    (@t-p)

    Carefully follow this guide.

    When you’re done, you may want to implement some (if not all) of the recommended security measures and start backing up your site.

    Thread Starter joeblow

    (@avenuebeads)

    All internal malware scans return zero results.

    I’ve compared fresh files with current ones using the usual culprit injecting files (head, footer, index, wp-config, theme files, etc.); all are clean.

    htaccess looks normal to me.

    Modified dates on files don’t show anything being changed in the last month.

    Admin page(s) don’t redirect, all public facing pages do.

    I didn’t have a recent files backup (I should know better) but I did refresh my database with a backup that should have been several days/week before the hack happened.

    Is it possible this is a host hack? The page will fully load and then it gets redirected.

    Moderator t-p

    (@t-p)

    Is it possible this is a host hack?

    Please ask at your hosting provider’s support.

    Thread Starter joeblow

    (@avenuebeads)

    Found the culprit! Whew! It was the Blog Designer plugin I was using that got hacked. All fixed.

    Moderator t-p

    (@t-p)

    Glad it’s sorted 🙂

    Moderator t-p

    (@t-p)

    wanted to improve plugin detection capabilities thus other victims of such infection won’t spend days to find it.

    Appreciate your concern.

    But, as @jdembowski indicated above, posting of infection samples is not allowed in these forums.


The topic ‘Hacked redirect issue’ is closed to new replies.