After a quick search I found this great post, “Top 5 WordPress Vulnerabilities and How to Fix Them”, and the first two items, updates to the htaccess file, seemed best for the situation.
- Second, make sure any sensitive files on the webserver are blocked from outside and unauthorised access.
These measures are in addition to locking down other things like comments and comment spam, securing the login area, and setting file permissions on the webserver to something stricter than full access for everyone (it is a bad idea to leave all files as “777”).
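A small audit for the two points above (sensitive files blocked in the htaccess file, nothing left at “777”), added here as an example and not taken from this post or the article it cites. It assumes `wp-config.php` is the sensitive file to protect and that the rule lives in a `<Files>` or `<FilesMatch>` section of the site's `.htaccess`; the function names are made up for the example.

```shell
#!/usr/bin/env bash
# Added example. Assumptions: wp-config.php is the sensitive file, and the
# block rule is a <Files>/<FilesMatch> section in the site's .htaccess.

# List files and directories under $1 that anyone can write to (777, 666, ...).
world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print | sort
}

# Succeed only if $1/.htaccess denies access to wp-config.php.
config_blocked() {
    [ -f "$1/.htaccess" ] || return 1
    awk '
        { line = tolower($0) }
        line ~ /^[ \t]*#/ { next }                        # skip comments
        line ~ /^[ \t]*<files(match)?[ \t].*wp-config/ { inside = 1; next }
        line ~ /^[ \t]*<\/files(match)?>/ { inside = 0; next }
        # Apache 2.4 syntax, then the older 2.2 syntax
        inside && line ~ /require[ \t]+all[ \t]+denied|deny[ \t]+from[ \t]+all/ { found = 1 }
        END { exit (found ? 0 : 1) }
    ' "$1/.htaccess"
}

# Report both problems for the WordPress root $1; non-zero exit if any found.
audit_wordpress() {
    local root="$1" status=0 loose
    loose=$(world_writable "$root")
    if [ -n "$loose" ]; then
        printf 'world-writable paths:\n%s\n' "$loose"
        status=1
    fi
    if ! config_blocked "$root"; then
        printf 'wp-config.php is not denied in %s/.htaccess\n' "$root"
        status=1
    fi
    return "$status"
}

if [ "$#" -gt 0 ]; then audit_wordpress "$1"; fi
```

Run it with the WordPress root as the only argument; a clean tree prints nothing and exits 0.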
Now for other security measures, namely plugins against comment spam, see my article here. But the first two fixes to the htaccess file above seem to be what I needed to finally kill this crappy redirect that was happening.
Client happy, I’m happy. We’ll see in a few days if it is fully eradicated; you see, sometimes these spammers take breaks, and sometimes their code does too.
What’s the worst WordPress hack you’ve ever had and how did you get rid of it?