All my wordpress sites redirect automatically

Hi,

Just today something happened to my wordpress site - kchut.com, when you enter it into your browser, you will see it redirect to kchut.com/HYTRG

The characters at the end of the URL are randomly generated… The strange thing is that my hosting company in US says that they can view my site without any problems… it seems that this only happens when I tried to see it from my country, Singapore.

I have tried using different computer and my other friends also see the problem… Can someone shed some light on this matter?

I can also see your site without the redirect from my web browser in the US, yet I’m able to reproduce the redirect in a raw telnet session from a US server to your apache server.

It redirected me before I even supplied a hostname, which unless you’re paying for a dedicated IP, implies that it’s server-wide and not limited to your specific hosting account.

Your host may have been hacked and they don’t realize it. That or it’s some kind of very misconfigured apache module.

[root@gold admin]# telnet kchut.com 80
Trying 174.132.79.218...
Connected to kchut.com (174.132.79.218).
Escape character is '^]'.
GET / HTTP/1.1

HTTP/1.1 302 Found
Connection: close
Pragma: no-cache
cache-control: no-cache
Location: /MVTPY/

Connection closed by foreign host.
[root@gold admin]# telnet kchut.com 80
Trying 174.132.79.218...
Connected to kchut.com (174.132.79.218).
Escape character is '^]'.
GET /MVTPY/ HTTP/1.1

HTTP/1.1 302 Found
Connection: close
Pragma: no-cache
cache-control: no-cache
Location: /ZfjWR/MVTPY/

Connection closed by foreign host.
[root@gold admin]# telnet kchut.com 80
Trying 174.132.79.218...
Connected to kchut.com (174.132.79.218).
Escape character is '^]'.
GET /ZfjWR/MVTPY/ HTTP/1.1

HTTP/1.1 200 OK
Connection: close
Pragma: no-cache
cache-control: no-cache
Content-Type: text/html
Content-Length: 65

<html><head><meta http-equiv="refresh" content="0"></head></html>Connection closed by foreign host.

If you send them that session, and their techs are competent enough to recognize HTTP requests and responses, they should at least have proof that the redirect is happening and it’s not coming from WordPress.

Wow, Dan.

This is great information! I will send it to my host, thank you =)