digitalwebxpert blog

How To Detect & Fix WordPress Malware Redirect Hack

1. Does your WordPress website redirect to a spammy site?

Hackers may extract money, data and confidential information from your website.
If your website is being redirected to phishing or malware websites, get ready for the consequences.

Google is not going to take any chances with its reputation, so you are definitely going to be penalized by Google, and your website may get blacklisted.
So it’s very important to know what should be done right away when you see your site being redirected to phishing or malware websites.

2. What is WordPress Malware Redirect Hack?

Generally, a malicious WordPress redirect is detected through the site’s front end, when a visitor is redirected to another page or website instead of the one he requested. In most cases hackers use a particular script to redirect the website to a porn or scam website, harming your website and putting its popularity at stake. Commonly used tricks to change the website’s redirection include:

  • Adding themselves as a ghost admin on your website
  • Injecting or uploading malicious code into your WordPress site
  • Executing .php code

If hackers add a malicious script, it is often named to look like a legitimate file, as if it were part of the WordPress core files on the website. Hackers can add malicious code to the wp-content/plugins or wp-content/uploads folders, .htaccess, wp-includes, wp-content/themes, or the wp-config.php file.


3. Where Is Malicious Code Inserted in WordPress Sites?

If your WordPress website is infected with malicious redirects, check the following areas for suspicious code:

  • Core WordPress files
  • .htaccess file
  • Theme files
  • header.php (in the themes folder)
  • footer.php (in the themes folder)
  • functions.php (in the themes folder)

4. How to detect and clean a WordPress Redirect Hack?

Step 1: Scan Your WordPress Site
There are various ways of checking your site, and if you find that your website has been hacked with a malicious script, you need to generate a complete backup of your website. While cleaning your site you might make a mistake, and then that backup acts as your savior. Once you have backed up your complete website, you’re ready to run a website scan using a WordPress Malware Scanner.

Step 2: Find the Malicious Code
There are a number of places where malicious code can be located on your website. It’s definitely not an easy task to scan the code chunk by chunk in each page of your website. There are times when the culprit is hidden somewhere on your server. For a few places you’ll need FTP/FTPS login details to get access and start the malware cleaning process.

Step 3: Dig Deeper into the Website
There is no harm in running tests to analyse whether your website is infected with malware or malicious code. For this, you can use a test that pretends to be a particular user agent or Googlebot, using a Googlebot simulator, or you can use FETCH AS GOOGLE from the website’s webmaster console. There are also a few commands that work through an SSH client. By employing certain code you can look into the place where the hacking has been done and then remove the WordPress malicious code manually.

Step 4: Removing Bad Code
You’ll need to remove the malicious scripts that cause the website to redirect to abusive sites. New pages carrying the malicious code can be removed from the search engine results by using the remove URLs feature in Google’s Search Console. Also, update the plugins and themes, and ensure the new core theme is installed and up-to-date. Change or reset the passwords.

Step 5: Submit a Malware Reconsideration Request Using Search Console
Google Webmaster Tools is one of the best tools for webmasters, and you can get it for free; if you have not yet submitted your website in GWT, you are missing out on much vital information regarding your website. Here I’m sharing a step-by-step guide to submitting a malware review request using Google Webmaster Tools:

  • Log in to Google Search Console
  • Verify your website ownership
  • Click on Site > Dashboard > Security issue
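
For Steps 2 and 3 above, here is an added example (not code from the original post) of a shell function you could run over SSH to check the locations this article names: PHP files in wp-content/uploads, .htaccess rules tied to the visitor's referrer or user agent, and obfuscated code in header.php, footer.php and functions.php. The function names, the match patterns and the sample site are assumptions made for illustration; every hit is a lead to review by hand, not proof of infection.

```shell
# Added example: flag the places this article names as common hiding spots.
# Usage: scan_wp_redirects /path/to/wordpress
# Prints one "reason<TAB>path" line per finding.
scan_wp_redirects() {
    root=$1
    # PHP inside uploads: that folder should hold media, not executable code.
    if [ -d "$root/wp-content/uploads" ]; then
        find "$root/wp-content/uploads" -type f \( -name '*.php' -o -name '*.phtml' \) |
            while IFS= read -r f; do printf 'php-in-uploads\t%s\n' "$f"; done
    fi
    # .htaccess rules that only fire for certain referrers or user agents,
    # which is why a redirect may appear only when testing as Googlebot.
    find "$root" -type f -name .htaccess | while IFS= read -r f; do
        if grep -Eiq 'RewriteCond[[:space:]]+%[{]HTTP_(USER_AGENT|REFERER)[}]' "$f"; then
            printf 'conditional-rewrite\t%s\n' "$f"
        fi
    done
    # Theme templates that decode and execute a hidden string.
    if [ -d "$root/wp-content/themes" ]; then
        find "$root/wp-content/themes" -type f \
            \( -name header.php -o -name footer.php -o -name functions.php \) |
            while IFS= read -r f; do
                if grep -Eiq 'eval[[:space:]]*\([[:space:]]*(base64_decode|gzinflate|str_rot13)' "$f"; then
                    printf 'obfuscated-eval\t%s\n' "$f"
                fi
            done
    fi
}

# Constructed sample tree (harmless, not real malware) for trying the scan offline.
make_sample_site() {
    d=$(mktemp -d)
    mkdir -p "$d/wp-content/uploads/2024" "$d/wp-content/themes/demo"
    echo '<?php echo "constructed"; ?>' > "$d/wp-content/uploads/2024/logo.php"
    echo '<?php eval(base64_decode("Q09OU1RSVUNURUQ=")); ?>' > "$d/wp-content/themes/demo/footer.php"
    echo '<?php wp_head(); ?>' > "$d/wp-content/themes/demo/header.php"
    cat > "$d/.htaccess" <<'EOF'
RewriteEngine On
RewriteCond %{HTTP_REFERER} google [NC]
RewriteRule .* http://redirect.example/ [R=302,L]
EOF
    echo "$d"
}
```

Some legitimate caching plugins also write user-agent conditions into .htaccess, so compare a flagged file against your backup before deleting anything.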

5. How to Protect your site from WordPress Malware Redirects?

It’s important to harden your WordPress security by following the guidelines listed below:

  • Ensure your WordPress site core files are updated.
  • Use a secure WordPress hosting service that can manage your WordPress site instead of just hosting it.
  • Keep plugins and themes updated.
  • Remove inactive themes or plugins that are not being used on your website.
  • Do not install nulled themes or plugins.
  • Keep only one or two admin accounts.