Virus on the site?

Hi Guys,

Not sure where I would post this but just recently when you search modo in Google or trying rto click on our website through Google Search Engine it doesnt go to

It goes to some forbidden url thing.

Heres link for Google

Click on modo* | Brand Strategy + Design

It just started to do this would any experets here have any idea why?



The google link looks ok, so the problem must be on your site - your index file might have been tampered with. The divert appears to swing into action only if the inbound request is coming via a search engine, easily detected. (I tried it on bing and yahoo with same result). All 3 links go to forbidden(dot)4pu(dot)com - obviously a spam site or something similar.

I would guess that your site has been hacked and your index file has been tampered with, so you’ll need to change all your access details immediately, and then you’ll have to start the clean up. If you’re not responsible for managing the site, then speak to whoever is.

There’s probably a lot more I could say here, but it’s a start.

[FONT=Verdana]I don’t know how much this helps, but I only experience the redirect if I enable JS (for Google, rather than your site).

Be sure to also check your .htaccess file for unauthorised changes.[/FONT]

Your site has been hacked.

While it might display normally while visiting it directly, malicious code activates when viewed through a search engine.

Usually this code resides in PHP files in a eval(base64_decode()) function.

The best way to take care of this is to go to a backup of the site which doesn’t have this, and restore it. There’s no telling what damage was done within your files and databases.

You’re running a very old version of wordpress, so this is no big surprise. Older versions have vulnerabilities that hackers can take advantage of.

Good point about the old version of WP. I didn’t realise you were using WP. Once you have your site cleaned up, you might try installing the Wordfence plugin (search for it in the ‘add new’ plugins control panel) - it has some nice features and among many other things, it generates warning emails when plugins or WP need updating.

You may have some link in your headers ,etc. That usually is the case. Edit the index file and see whats in there. If there are any weird links then remove them.

Backup all file, download to PC then scan virus, delete all file on host the reinstall these file, if your site is still harmful, change the hosting!


Download viruses to your PC? IMHO, that’s just NOT a good idea.

Instead, have your host run a maldet scan on the 'nix-hosted website. That will find (and often correct) malware. However, do that after CHANGING AND strengthening your passwords.



Thanks everyone, I was hoping not having to reinstall Wordpress but looks like that may be my only option I’ve changed much of the code to remove code which I noticed was not suppose to be in there but still no luck.