Whether you sell products on your website or get leads for local service work, having your site hacked and “down” for even a couple of hours can have a big financial impact on your business. So if you’ve noticed that your site is redirecting to another site, it’s important to take action right away to get it resolved. But before we get into the “how” let’s address the “why.” Here’s why your website is being redirected to another site:
Your website is redirecting to another website because it has been infected with malware. Typically this happens when a malicious individual gains access to your website through a vulnerable plugin or theme.
If it sounds like this is what is happening with your website, keep reading to learn how to further troubleshoot the situation and fix your website. We’ve personally diagnosed and removed malware from more than 60 websites for our clients, including a WordPress redirect malware hack, so what we share here is what we’ve learned from real-world experience.
How To Tell If Your Website Has Been Hacked
Simply noticing that visiting your website results in a redirect to a spammy or scammy website is the first indication that your site is likely hacked.
The more reliable way (and the way we recommend) to diagnose if and how your website is hacked is to use a trusted malware scanning tool. There are a number of popular tools out there, but for most Linux servers we recommend ClamAV. For websites hosted on Plesk, we recommend using the built-in ImmunifyAV tool which is included in hosting packages, including the free version.
All of our clients who host their websites through us here at Sharp Innovations benefit from our constant monitoring, which allows us to quickly detect new malware infections and promptly fix them.
How To Fix A Malware Redirect Hack
Once your malware scanner finishes running, it will provide a report with details about what files are infected and in what way. This will determine how you proceed.
In some situations, the issue could be caused by a new file that was added to the root folder. In that case, the first step would be to remove that file. Similarly, the issue could be from a new block of code added to the top of an existing file such as the home page, in which case the first step would be to remove that block of code.
Next, to make sure you didn’t miss any additional infected files or resources, restore your website to the last known non-infected backup when your website was not redirecting to another site.
Many web hosts do routine backups of your website automatically, so you may be able to log into your hosting account and do the restore yourself, or if not then you should contact their technical support team for assistance.
If your website is hosted through Sharp Innovations, you can call our support team at 717-290-6760 and we’ll handle the restoration process for you.
How To Prevent Your Website From Getting Infected With A Redirect Hack Again
Simply identifying and removing the malware is not enough. While doing so is necessary to provide an immediate fix, it does not prevent the attack from happening again.
Each infection is different so the exact steps you’ll need to take may vary, but generally speaking, there are several important actions you can take to prevent another malware infection:
- Update WordPress to the latest version.
- Update all of your WordPress plugins to the latest version.
- Change your WordPress login credentials (username and password) so that anyone who may have gained those credentials can no longer log in.
- Change your FTP credentials for the same reason – so no one can directly access and edit files in your home directory.
- Consider switching to a hosting solution that includes third-party support. All of the hosting plans that we offer here at Sharp Innovations include malware scanning and fixing.
The most common way that hackers are able to perform this malicious redirect is by finding vulnerabilities in popular plugins and themes and taking advantage of websites that use an old version of the vulnerable plugin that does not have the latest patch. This is most likely the reason why your website is being redirected to another website, and that is why it is important to update all of your plugins after you’ve resolved the issue.
Don’t get stuck having to deal with a malware hack again – move your website to one of our hosting plans and we’ll handle that for you so you can focus on your business, not on fixing your website. Depending on the plan you choose, we can also keep your WordPress version and WordPress plugins up to date for you!