Solved

WordPress forwarding/linking strange content

Posted on 2013-11-04
3
244 Views
Last Modified: 2013-12-01
********** BACK STORY **********

Client calls and says they have a strange description of their site on google.

Sure enough, they're right. They whole description is about adobe software.

So, I started searching the content. To the point that i downloaded the entire public directory & pulled a sql dump. from linux cl, used both find & grep in attempts to find any word pattern.

adobe, best, price, etc.

I'm intentionally misspelling the domain name so this questions doesn't come up in google if its searched.
replace the numbers for vowels.

d3nt@lfixrx.c0m

********** HERES THE ACTUAL QUESTION **********

If from the home page, you click on the Home button (sometimes times the second click) - you will be sent to this adobe page. The url still says the correct domain name. Looking at the error console & network request - I can see that the requests are going to wp.com

I can't find the link in any css or js files. The <a href link is also correct.

Where could this problem lie ?? Please help experts.
To be clear, my question is about the Home button forwarding to the wrong site / pulling content from invalid site. What is the cause of this home button going to the wrong home page ?

Thanks in advance experts.
-steve
0
Comment
Question by:Imaginx
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 70

Accepted Solution

by:
Jason C. Levine earned 500 total points
ID: 39623349
The site has been hacked and there is code injected into one of the PHP files (probably a core file) that is causing the problem.  

Try following some of the basic steps in this article:

http://www.experts-exchange.com/Web_Development/Blogs/WordPress/A_10806-Recovering-From-and-Preventing-WordPress-Site-Hacks.html

But in all likelihood you will need a service such as Sucuri or StopTheHacker to step in and analyze the site for back doors and insecurities.
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
This article discusses four methods for overlaying images in a container on a web page
The purpose of this video is to demonstrate how to reset a WordPress password if you are locked out and cannot reset the password. A typical use would be if you cannot access the email to which WordPress would send the password recovery email to…
The purpose of this video is to demonstrate how to prevent comment spam on a WordPress Website. This will be demonstrated using a Windows 8 PC. Plugin Akismet will be used. Go to your WordPress login page. This will look like the following: myw…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question