This section describes a redirect hack that forces WordPress to go to a different rogue site only in rare cases (some patterns say only on smartphones) when jumping from search engine results, and explains how to deal with it.
Rarely redirected to another site, only from search engine results
This type of WordPress hacking (tampering) is a malware called a redirect hack.
The mechanism is that a JAVASCRIPT or PHP program determines where the user came from, and redirects the user with JAVASCRIPT only via search engines or only for smartphones, and it takes time for the administrator to discover the hacking.
In some cases, the COOKIE browser’s user information storage mechanism is used to record the date and time of the last access and prevent similar redirects from occurring for a while.
What kind of malware is embedded in the site?
The following malicious files may be present on the site
PHP or JAVASCRIPT files that pull malicious programs from external sites and redirect them.
Illegal JAVASCRIPT code that starts with a Script tag is embedded in the database.
In other rare cases, we have recovered cases where redirect hack malware was embedded in GOOGLE Tag Manager or external ad embedding programs.
In this case, there is no tampering with WordPress, and the only remedy is to have the ad-serving company remove the malware from their ads, or remove the external GOOGLE Tag Manager and external ads from the site.
Redirect Hack Rogue Programs and Malware Detection
Free WordPress:Malware Scan & Security Plugin [Malware and Virus Detection and Removal].
Why and how did the malware get embedded? How to deal with it?
There are two main causes of WordPress hacking.
1 WordPress administrator privileges have been taken by a brute force password attack, allowing hackers to log in to the administration screen
2 Vulnerability in a plugin or theme
In the first case, if you change your password to one that is at least 12 characters long, including upper and lower case letters and symbols, which WordPress automatically generates, it will not be able to be broken into.
In case of vulnerability 2, as long as the WordPress site is open to search engines, vulnerable folders and programs can also be found by special search methods, which may allow hackers to find the vulnerability.
Therefore, keeping your WordPress site up-to-date is the best way to prevent hacking, but many sites are not able to update their WordPress site because of problems that occur when the site is updated or because customized parts of the site disappear.
In this case, you can use the [Free] WordPress: Malware Scan & Security Plug-in [Malware and Virus Detection and Removal] to check for vulnerabilities.
WordPress Doctor can also update your site in a virtual environment, fix bugs, and adapt it to the production environment on your behalf.