One of my WordPress websites got hacked the other day. I know this because my blog posts, and only my blog posts, kept on redirecting to random malware pages. I, of course, performed a Google Search to find out how to resolve it. Thankfully I had a backup of the website even though I didn’t need it as it wasn’t the core files that were hacked.
I tried restoring the WordPress installation from a backup file I had on my desktop computer. After removing the files like index.php, header.php, and footer.php (where hackers like to inject malicious code), I uploaded the backup files that I had. But, that didn’t resolve the problem.
I pretty much did the same thing with my WordPress theme. Removed all the files I thought were infected and uploaded my backup files. I tested my blog posts again, but nope, they were still redirecting to malicious websites.
I remembered yesterday that I had installed a WordPress plugin called All In One WP Security. The plugin had stated it was the “All around best WordPress security plugin!” Bwahaha! I had installed it maybe two weeks ago to combat comment spam and it was working, I wasn’t getting any more spam or any comments. Come to find out it was the plugin that was redirecting my blog posts and that’s why I wasn’t receiving any comments at all.
After deactivating the plugin and testing my blog posts, I was relieved to find out that it worked. I was no longer hacked! All from a WordPress plugin that was installed for security purposes and this is what I get.
So if you’ve gone through the list of trying to figure out where the malicious code is, next thing try to deactivate some plugins and see if that resolves your problem.