Skip to content

How to Identify If Your Website Has a Conditional Redirect Hack

A conditional redirect hack is a tricky way to steal your website traffic. Most webmasters are unaware that they are hacked, because direct access to the domain shows no suspicious activity. However, when you click a link in search engines, you’re redirected to the hacker’s website. Most website owners don’t know they are hacked until customers complain. Here is how you identify if your website has a conditional redirect hack before you get customer complaints.

Do a Search Using the “site” Operator

Note that the “site” operator must be in all lower case characters. If you use “Site” or “SITE” as the operator text, search engines won’t properly identify the command.

First, open Google in your web browser. Most hackers target Google, so Bing might show different results. Type “site:yourdomain.com” into the search engine text box. Of course, replace “yourdomain.com” with your own domain. Notice that several links appear in the search engine, and an approximate count of indexed pages displays. This count is not always accurate, but it helps you identify any serious index problems. If you only have a few pages indexed but your site contains thousands, you might have a crawling issue.

Review the URLs

The first step is to click a link in the search engine results. If your site opens correctly, it’s unlikely that you have a redirect hack. It doesn’t mean your site isn’t hacked, but a redirect hack will transfer you to another website.

Note that most redirect hacks are based on Google’s user agent. User agent is a value passed to web servers. This value is usually a search engine name, a browser name, or some other type of bot. Hackers insert code that reads the user agent and redirects when the value is Googlebot. Some redirects happen in Bing, but most hackers target just Google.

Review Your Code

Finding hacked content takes a little more skill, but you can identify suspicious code by looking at the source through your browser. Hackers usually insert several empty lines and insert code at the very bottom of your pages. The code is usually in the form of JavaScript. You should look for suspicious links in JavaScript or look for encoded content that attempts to hide the actual code. JavaScript can also be used to redirect users, so always review your code when you believe you could be hacked.

How You Can Protect Yourself

When hackers change your code, they usually have access to your WordPress or site dashboard. The .htaccess file could also be hacked, which means they have access to your hosting files. There are a number of ways hackers get access to these files. You could have accidentally entered your information on a phishing site or installed malware.

Some seemingly harmless software is bundled with malware. The malware sends user names and passwords to the hacker’s server. If you’ve installed any third-party software, you’ll need to check your computer for any malware and scan the system for viruses.

If your site is hacked, some hosts will help you clean up the security breach. If you’re using shared hosting, your host might just restore a backup instead of helping you clean the files. For this reason, always keep a backup of your data and files for quick recovery. Always remember, be careful out there, it’s a crazy world.

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

Want To Get Notified When We Post?