Today we have noticed a huge traffic drop. We have checked almost everything, But we are not able to figure it and came to a conclusion that its the Google Panda Effect! ![hacking 150x150 [FIXED] GadgetCage being redirected to some Malicious Site](http://c1.gadgetcage.com/wp-content/uploads/2011/07/hacking.jpg "hacking")
But It is not the Panda. Its a code injected into our htaccess file. We came to know that traffic from Search Engines like Google, Yahoo, Bing, ASK, Altavista, AOL, Excite is being redirected to some malicious site (http://sokoloperkovuske.com/in.php?pp=69).
How we came to know about this?
#1. We just Googled our Blog name.
#2. If we click on any result of GadgetCage, those results are being redirected to this site: http://sokoloperkovuske.com/in.php?pp=69
We came to know that, it was some RewriteMod Rule injected into our htaccess file.
How to Resolve this?
#1. Download .htaccess file from your FTP.
#2. Check for RewriteMod Conditions, Mostly you find it in the beginning of the file.
#3. Remove that Code, Save the file and upload it back.
The RewriteMod looks something like this:
< IfModule mod_rewrite.c >
RewriteEngine On
RewriteOptions inherit
—
—
—
—
—
—
—
—
Covered other lines..
How to Protect your .htaccess File?
Set .htaccess file permissions to 644. Add the below lines to your htaccess file.
# Protect the htaccess file
<Files .htaccess>
Order Allow,Deny
Deny from all
</Files>
Thanks: Amit Benerjee, Rahul Banker.
Also check your Google webmaster tool reports for hacket site notifications and malware. Some days back I fixed a similar issue when I found a whole bunch of files were uploaded to one of my site directory. I have no clue how those files arrived but GWT was quick enough to pick them up and show them under crawl errors.
remember to setup email forwarding in Google webmaster tools, that way you would instantly know if something suspicious is happening in the background.
I guess your issue couple be caused by a plugin or some third party code but how your HTACCESS file was edited still remains a concern.
Hello, im hosted in godaddy too… and had a worpress blog too…
did you install any new plugin in the recent days?
How can anyone rewrite the htaccess file? the file is suposed to be invisible no?
Did you know how this happend?
Can you tell me if you find the security risk?
Thank you for the tip.
Omar,
Our blog is also hosted on GoDaddy, We didn’t install any new plugin in the last few days. Just change your .htaccess file Permissions to 644 and insert the lines mentioned in the post in your .htaccess file.
Same thing happened to us… hosted with Godaddy and on a wordpress blog. I have no idea how to find all this information you’re giving so I think I’ll call godaddy to see if they’ll walk me through it. Thanks for the info!
I Hope your site is fine now and getting its deserved traffic
Yeah!
files permissions in wordpress is the biggest security issue. should regularly checked.
Hmm.. for me it works.. what happened? I hope they won’t do this again..