Our clients site is redirecting to a pill scammy site [closed]

Posted by Alex Demchak on Server Fault See other posts from Server Fault or by Alex Demchak
Published on 2012-09-21T20:36:48Z Indexed on 2012/09/21 21:42 UTC
Read the original article Hit count: 198

Filed under:
|
|
|

Possible Duplicate:
My server's been hacked EMERGENCY

We've usually host our clients site, but we aren't hosting this one. The website itself (weddle-funeral.com) works just fine. if you load google and search for weddle funeral stayton oregon - and click that link, the site links to a scammy pill site.

I went through the site and there were some php files in the wordpress plugins that got quarantined by my antivirus.

I removed ALL non essential files, and uploaded fresh versions of all the plugins, but it's STILL redirecting from google.

I tried logging in to the cpanel (on a virtual private server), and the cpanel flashed a red warning screen

The site's security certificate is not trusted! You attempted to reach XXXXX.com, but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Google Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications. You should not proceed, especially if you have never seen this warning before for this site.

(Keep in mind, that's for the HOSTING accounts CPanel)

Is there something in the SERVER probably that's causing the redirect?

EDIT: .htaccess file contents

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

© Server Fault or respective owner

Related posts about php

Related posts about Wordpress