Develop Reference

Wordpress - Website was hacked and it is redirecting to some malicious website [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 1 year ago.
Improve this question
I have a WordPress website running, but recently my website has been hacked. It is not even possible to enter my website: if I browse to my website it is redirected to some other website.
I have try to clean up the code and checked for any script inject but I couldn't locate the malicius script. How can I overcome this?
I have tried to remove the unwanted Plugin
I have tried to update all the plugins.
I have tried to clean up all the files like functions.php,
header.php, footer.php but there is no use of it and I couldn't
locate the injected scripts.

You can scan the web-site on the local machine using software ai-bolit https://revisium.com/aibo/
create backup web-site
Download on local machine
unpack archive in folder ai-bolit
Notice: Do not unpack the archive into a directory with space character. For example,
C:\Documents and Settings\Michael\Downloads\aibolit-for-windows-en\ - will not work
C:\aibolit\ai-bolit-for-windows-en\ or d:\mysites\aibolit-for-windows\ - will work
For security website scan on your own
Unpack the backup archive of your website or place files which you want to check into the "site" folder
Run start.bat (for common check) or start_paranoid.bat (for "paranoid" check) to scan website files for viruses and hacker's scripts
Scanner will create AI-BOLIT-REPORT.html file upon completion
For malware analysis or website infection analysis by security experts ("paranoid" mode + quarantine file)
 
1. Unpack the backup archive of your site or place files which you want to check into the "site" folder
2. Run scan_and_quarantine.bat
3. AI-QUARANTINE-XXXXX.zip file and report AI-BOLIT-REPORT will be created upon completion (XXXXX is replaced by date and time numbers)
4. Send the file AI-QUARANTINE-XXXXX.zip to ai#revisium.com with the subject "Check the Report" for free malware analysis.
The archive will contain everything experts need for analysis.

First of all, install a wordpress security plugin ex. Wordfence. It will help you locate the malicious file in your public_html foolder and also lets you know if any of your file was modified.
Secondly, check your domain settings in your host. You can check to verify whether your domain is being redirected to other site.

Check and do the below list.
check the file edition date inside file manager or FTP.
check .htaccess
check wp-config.php
check the content text inside posts and pages.
check inside uploads folder.
Add Wordfence plugin
Add Anti-malware security plugin

I faced a similar issue.
When accessing the website directly from the browser, it's working well and no redirect happens but when opening the website from Google search results, it redirects to another malicious website only the first time the URL opened. In the second time, no redirect happened.
After some digging, there was a plugin installed and hidden (not being displayed in plugins list) called zend-fonts-wp.
Using Freesoul Deactivate Plugins I disabled this plugin from being loaded and delete it permanently from plugins folder. I also deleted two database tables injected by this plugin called wp_wusers_inputs and wp_wzen_time_table.

Attackers use several ways to redirect the user
Redirect users through malicious codes which they inject into the
website
Attackers might also execute .php codes
Attackers can add themselves to your website as ghost admins
By inserting codes in .htaccess/wp-config.php files
By inserting JavaScript in WP plugin files
Check these files for the following malicious codes:
Index.php
Index.html
-.htaccess file
Theme files
Footer.php
Header.php
Functions.php
Helpful resources - https://www.getastra.com/blog/911/wordpress-hacked-redirect-wordpress-website-redirecting-to-malicious-pages/
https://www.getastra.com/blog/911/wordpress-files-hacked-wp-config-php-hack/

I had faced the same problem got the solution worked fine with 3 simple steps.
step 1. backup/zip all your files and folder of wordpress site
step 2. donwload and extract fresh wordpress (do not install)
step 3. replace wp-config.php and wp-content folder from the backup or was created in step 1.

Linking to a file on server in Wordpress

I hava a website in Wordpress. Let's say is installed on a domain www.something.com.
I know how to get to individual files, but is it possible to make a link to a file, so that the URL would be: www.something.com/pdf/article1.pdf?

Yes ofcus, Simply put in the link like so, in your html/text
Download here
to refer to the file, and make sure u have the pdf folder created in your root directory.
Good luck.

WordPress - How to replace all wp.me shortlinks?

I have a website which is hosted at wordpress.com and I want to transfer this one to an own hosted environment. The current website on wordpress.com includes a ton of links which are shortened with wp.me and have been used to link from a page to another page/post.
I want to change the internal links to "normal" links, because otherwise the links are directing still to the site at wordpress.com. How can I do that? Is there a way to do this (semi-)automatically? Any chance to get a table that shows the permalink and the corresponding shortlink?
Thanks!

you can use this script, I think it's the best for wordpress migrations.
Download
Create a new folder in the server root directory
Upload the files in to that directory
Type the correct url www.yoursite/yourdirectory
Enter the current url in your DB and the new Url
Click in dry run and then live run
Remember to download a copy of the DB.

how to secure woocommerce downloadable files

As the title states I have a question about digital downloadable products through woocommerce. I am new to web development and wordpress so go easy on me. I am trying to add a downloadable product where you can't access the file by direct url. I have set the download type to force download to prevent link sharing but found that I can still access the purchasable files by typing in the direct path Example:
example.com/wp-content/uploads/woocommerce_uploads/2015/06/examplefile.pdf
I have done quite a bit of research but have come up with very few results. One of the only things that I have found is that I should move the downloadable files outside of the root directory. I have attempted to do this but then the download links no longer work. Instead of doing a forced download like normal it redirects to to a page like
example.com/home/user/public_html/home/user/downloads/examplefile.pdf
So I am thinking woocommerce must not be friendly with the files outside the root directory. All in all I am out of ideas of what else to try. Any help or suggestions of how to make this work (having files outside root directory) or other solutions would be greatly appreciated.

If you create a folder outside the public_html directory and upload the files here, you will be safe.
You can find detailed explanations about this topic and how to copy the links of uploaded files in this blog post.

You can add a .htaccess file in the woocommerce_uploads folder with
deny from all

How to configure a WordPress blog to save uploaded images to a certain dir.?

I have a WordPress blog installed on my server but when i upload a image it goes into one directory, but the blog front end is looking for the images in another directory, so the images show as broken. I have been manually copying the uploaded images from server location to the one WP looks for them in and it works.
How can i set the WP blog to upload to the same dir on the filesystem that the WP front end is trying to pull from?

The problem is most likely WordPress failing to correctly guess the upload path and URL.
Go to Settings > Miscellaneous and hardcode the correct path and full URL.