Malicious redirect problem

13 replies [Last post]
grey
grey's picture
Offline
SX Retired
Joined: 2010/01/14

Hey SX community,

I recently began contract work as a web designer. As I never brushed up on my web security skills I am currently at a loss for an existing problem with a client's site.

It seems that the main page will load only after an attack site notice from google, and each link from the main page redirects to an external (insert domain).ru site.

I have discovered a .htaccess rewrite and took care of that along with additional rewrites on the same host. I have checked the .htaccess file multiple times since and this is usually here.

## BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

The client uses Wordpress as the platform and it baffles me as to any other means that a malicious redirect could be done.

Any ideas or methods of checking for causes would be greatly appreciated.

and I am still around SX from time to time, working and living life mostly but I keep up with things here.

Grey

What is the point behind knowledge if it is not being applied, and in a productive manner?