Written: July 18, 2011

An Infected Web Site

A new client contacted me last week with a security issue where visitors could type in the name of their web site and visit OK, however if they went to Facebook first and then clicked a link to their web site they were instead redirected to an unsafe web site.

search-box

My first hunch was that their WordPress site was infected but then I did some more Google research on the malware address of search-box.in and found that this was often caused by an infected file called .htaccess

.htaccess

Once I received the credentials to login to the client site with ftp (File Transfer Protocol) I found that indeed the .htaccess file was infected with the following lines of code:

search-in

The fix was to remove these lines and upload the clean .htacess file.

This infected file would redirect web visitors that clicked links from several popular locations on the web: Google, Live, Aol, Bing, Mail, News, YouTube, Twiter, MySpace, Facebook, Maps, Flickr and Yahoo.

Security

To prevent this from happening you should keep your ftp and WordPress passwords difficult to guess and only install WordPress plugins from sources that you trust.

Tags: , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog Tags

Recent Posts

Blog Directory & Business Pages at OnToplist.com