Help! My site keeps redirecting iPhone users to unknown advertiser and porn websites

Hi guys,

I’m baffled by this one, so I’m wondering if anyone can help.

My site Lakerholicz.com runs fine on all browsers (as far as I know) apart from Safari on the iPhone. I don’t have an iPad so I can’t test it on that, but this problem occurs regularly on my iPhone now and I know that at least one other user on an iPhone is having the same problem.

When visiting a page on the site, users are redirected to random websites - they can redirect to apps or even porn sites, so be warned if you test this out - and I have no idea why this is happening. For my adverts, I run Google Adsense and Yardbarker (which runs through Google DFP) and neither of these services use pop-ups or condone porn ads.

I’ve run a “SafeScan” plugin on my WordPress site but it can’t seem to find any problems.

Any ideas guys? Thanks in advance for your time.

I was unable to reproduce the issue by changing my browser’s user agent to an iPhone (but–I also have ad blocking and script blocking in place).

It could be a compromised theme file, WordPress core file, plugin, 3rd-party advertisement, 3rd-party JavaScript file, or something in the database.

Here are some things to possibly look for:

I’ve never used a WordPress plugin that claims to be able to scan a site and determine if there is an infection. Partly because detection isn’t guaranteed and partly because a plugin on an infected site can’t really be trusted anyway.

You’ll likely have to check each file individually for abnormalities.

Also, if you’re using Google Webmaster Tools: https://support.google.com/webmasters/answer/163634?hl=en

Try disabling any plugins that you’re using one at a time; after disabling one, see if the redirects are still happening.

Is the main WordPress up to date? (Same for any plugins)

Thanks for all this info. That website you linked has a lot of information, too.

I checked my .htaccess file, along with header, footer and index as they said…nothing there. I’ve now updated all themes and plugins, including WordPress and it’s still happening. I’ll try some other things on the list…

I’ll try this - disabling them. Yes, everything is up to date now.

Thanks for the reply.

Oh, I also tested the site in the browser “Skyfire” on my iPhone and it works fine. Seems to be an iOS Safari issue, possibly.

Yeah, it isn’t going to be an OS and browser problem… I think your iPhone may be infected. I just went to the site on mine and it came up just fine. I tried a bunch of times and everything is fine. I’m on iOS 6.1.3.

Apple may not be the be-all-end-all but it’s highly unlikely someone is going to be able to manipulate their OS to redirect people to porn from a random website. If something is hacked it’s going to be your phone or more likely your WordPress site.

It’s worth looking at your site’s root directory to make sure it hasn’t been hacked. Whenever I have to look for evidence of a hacked site, I open up the root of the site and check the dates of the files on the site (or for files that don’t belong). If you’ve been hacked and you’re lucky, you can see from the dates of the files which ones have been hacked and then you can replace them with unhacked files if they are part of the site or remove them if they don’t belong. I’ve seen some crazy and very obvious hacks on sites recently so you might luck out and nip it in the bud.

Good luck!

Andrew
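The file-date check described in the post above, as an added example that is not part of the original thread: it lists files changed since a cutoff and also flags PHP files sitting in upload directories, since modification times can be reset by whoever planted a file. The `wp-content/uploads` default, the theme name `mytheme` and the sample tree are assumptions constructed for the demonstration.

```python
import os
import tempfile
import time
from pathlib import Path

def audit_webroot(root, since_epoch, upload_dirs=("wp-content/uploads",)):
    """Return (recent, misplaced) as lists of paths relative to root.

    recent    -- files modified at or after since_epoch, newest first
    misplaced -- PHP files inside upload directories, where only media is expected
    """
    root = Path(root)
    prefixes = tuple(d.rstrip("/") + "/" for d in upload_dirs)
    recent, misplaced = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath) / name
            rel = path.relative_to(root).as_posix()
            try:
                mtime = path.lstat().st_mtime
            except OSError:
                continue  # unreadable entry: skip rather than abort the audit
            if mtime >= since_epoch:
                recent.append((mtime, rel))
            # Location check is independent of mtime, which can be forged.
            if path.suffix.lower() in (".php", ".phtml") and rel.startswith(prefixes):
                misplaced.append(rel)
    recent.sort(reverse=True)
    return [rel for _, rel in recent], sorted(misplaced)

def demo():
    """Audit a constructed sample tree (hypothetical file names)."""
    now = time.time()
    old = now - 90 * 86400
    sample = {
        "index.php": old,
        "wp-content/themes/mytheme/header.php": now - 3600,  # changed an hour ago
        "wp-content/uploads/2013/05/photo.jpg": old,
        "wp-content/uploads/2013/05/cache.php": old,  # script among media, back-dated
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, mtime in sample.items():
            p = Path(tmp, rel)
            p.parent.mkdir(parents=True, exist_ok=True)
            p.write_text("constructed sample\n")
            os.utime(p, (mtime, mtime))
        return audit_webroot(tmp, now - 7 * 86400)

if __name__ == "__main__":
    print(demo())
```

Anything reported still has to be compared against a known-good copy of the theme, plugin or core file before it is replaced or removed.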

Thanks for the reply, Andrew. After hours of going through files, updating plugins etc, I’ve discovered that it appears to be YardBarker sending the corrupt ads. I assume they don’t know about this…anyway, I’ve pulled the ads for now and it seems to be fixed!

The only good thing about this whole thing is that I’ve finally learned how to back up my site fully through different avenues (although, still not sure which phpMyAdmin options to select…) and I’ve got round to making a few needed tweaks to the site.

Good, glad you got it sorted out.

That’s not the first time I’ve heard of Ad plugins being the offending piece. Last year a guy I work with had to rescue a video sharing site that was serving up questionable content (porn, unrelated ads, gambling stuff, warez, etc…). Someone had figured out how to use a JavaScript “cross site scripting” attack to take over the ad plugins.

For backups I’d use a backup plugin. I’m not a WordPress guy so I don’t know what’s good but I did find this one that looks like it’s worth looking at: http://ithemes.com/purchase/backupbuddy/

Andrew

There are free ones available. That one isn’t free.

http://wordpress.org/plugins/tags/backups

A backup plugin is not a bad idea, but I’d go a little further. I’m assuming you’re on a cPanel-based host; there are a few software packages out there that enable your computer to automatically generate and download a full cPanel backup daily. I strongly recommend the full cPanel backup. If your site had a problem, you’ve got your entire site right there. If your webhost goes down, you can easily switch hosts. I’d also check into what backups your host is doing. They should be doing backups as well. Don’t rely solely on your host though, always keep your own backups.