Home Guides Glossary

Identifying Malicious Redirects on Your Website

If attackers compromise your Website, they might insert malicious code that redirects visitors to phising or malware Websites. Or they might also lure visitors to the malicious redirects with spam email. Those messages can be something as simple as:

Subject: Hello!

Body: News: http://[your domain name]/jyl/wnews.php

If you see messages like this about your own Website, you should review your website content for files containing malicious redirects. Typically, these files are created in separate directories, like these:

  • /uuc/news_id.php
  • /zkd/news_fx.php
  • /dgmq/w_news.php
  • /cisc/br-news.php

These files will contain a list of domains and a line of code that performs the actual redirect — they look something like this:

<meta http-equiv="refresh" content="2; url= ">

The code http-equiv gets the visitors' browser to load the malicious website.

Obviously, you want to remove any files containing redirects as soon as possible.

Protecting Your Website

There are many ways attackers can insert this malicious code on your Website. If this has happened to you, we recommend the following to secure your Website:

  • Review your hosting account to ensure that it does not contain any additional malicious content. We have some information about this in What is an FTP compromise?
  • Update any applications your website uses to their latest versions (e.g. WordPress, Joomla, etc.).
  • Update all themes, plugins, and extensions to their latest versions.
  • Change all of your account passwords (including FTP, application, and databases).
  • Update your anti-virus and scan your local workstation for signs of compromise.
  • Consider using website security software like WebsiteLock to scan your Website for vulnerabilities and compromises. We have more information about that here.
  • You can also find more information about application security compromises in What if my website is hacked?.

  • Domain Registration

    Pay less for website domain names. Register your own .com, .net or .org for as low as $10.18 per year. We have everything you need to get online with your new domain.

    Website Builder

    For as little as $3.89 per month you can build your Website online with Website Builder using our easy to use professional templates. Play Video - Demo

    Quick Shopping Cart

    Build and run your own successful online store in minutes. You're just five easy steps away! Shopping Cart works with Google® and eBay® Play Video

    Website Hosting

    Everything needed to give your website the high-performance home it deserves.  Protect transactions and secure your customer's data with a SSL Certificate

    Copyright © 2005 - 2017. All rights reserved. Privacy Policy