Jump to content
Jodie Burdette

URGENT PLEASE HELP - Blog page redirects to very strange page

Recommended Posts

I have never seen anything like this. The blog page on a clients site redirects to a page that shows site files and such. I have reinstalled WP (although I pointed the new install to the old database after install) but no matter what I do it keeps going to this page. I have deleted the original blog page and recreated a new one named something else.

 

Here is the link to the screwy page:

http://www.integritycounsellingservices.com/?page_id=823

 

 

My htaccess is the standard one:

 

# BEGIN WordPress

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

</IfModule>

 

# END WordPress

 

 

One other thing: when the permalinks are set to default it goes to the screwy page but the rest work fine, when they are set to custom (I am using /%postname%) that page gets a redirect loop error but again the rest work fine.

 

 

Jodie 'Why do I get all the off the problems no one has ever heard of?" Burdette

Share this post


Link to post
Share on other sites

What version of wordpress do they use? I know with older than 2.8 there was a hack which ended up redirecting pages and screwing up your permalinks. We had it happen to us at our http://VAnetworking.com/blog and it cost me about $250 to get it fixed :(


vainsiders.jpg
Get your first month for $7 using coupon code: TRYFOR7

Share this post


Link to post
Share on other sites

When the problem was noticed they were two versions behind. They are not regular customers so I am not in their dashboard unless they ask me to do something which is how it got behind in the first place. I have totally reinstalled WP (the newest version) but I am still getting the same error. The only that that remained the same from the old WP and the new install is the database.

 

While I this might well have originated due to a hack (Bluehost agrees with me although they think this is an htaccess issue and they can't help me sort that out.) I don't think it is the same issue you had because the page is redirecting within the sites webspace. All the "crap" on the screen is files and stuff related to this website not an outside link.

 

Jodie "I get all the tricky ones LOL" Burdette

Share this post


Link to post
Share on other sites

Well I tried you suggestion Shera. Here is what I did:

# BEGIN WordPress

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /index.php [L]

</IfModule>

 

# END WordPress

 

Redirect 301 /?page_id=823 http://www.integritycounsellingservices.com/?page_id=17

 

I also tried using the full URL of the post page but neither made any difference. I was still sent to the screwy page.

 

Jodie "I wanna cry" Burdette

Share this post


Link to post
Share on other sites
Guest

She's crazy-insanely busy at the moment but if you can reach miss Leanne (PLS here at the forum), she's a smarty-pants with this stuff and might be able to drill down to the real issue. I'm afraid this site has been hacked though I'm really not sure. What is concerning is that this weird page seems to be some kind of doorway to a lot of site info that might be otherwise private.

 

At the very least change the passwords like NOW and run a backup (which I'm sure you've done but throwin' it out there!) :)

 

Karri

Share this post


Link to post
Share on other sites
Guest

I've no idea if this helps but the blog page (integritycounsellingservices.com/blog) is showing a 301 redirect which you DON't want, right?

 

Here's what I found out using a header checker tool at http://www.seoconsultants.com/tools/headers.asp:

 

(Current Date and Time: 2009-12-21T20:07:16-0700
User IP Address: 70.65.156.97

#1 Server Response: http://www.integritycounsellingservices.com/blog
HTTP Status Code: HTTP/1.1 301 Moved Permanently
Date: Tue, 22 Dec 2009 04:07:17 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8l DAV/2 mod_auth_passthrough/2.1 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.11
X-Pingback: http://www.integritycounsellingservices.com/xmlrpc.php
Location: http://www.integritycounsellingservices.com/blog/
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
Redirect Target: http://www.integritycounsellingservices.com/blog/

#2 Server Response: http://www.integritycounsellingservices.com/blog/
HTTP Status Code: HTTP/1.1 301 Moved Permanently
Date: Tue, 22 Dec 2009 04:07:17 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8l DAV/2 mod_auth_passthrough/2.1 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.11
X-Pingback: http://www.integritycounsellingservices.com/xmlrpc.php
Location: http://www.integritycounsellingservices.com/
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8
Redirect Target: http://www.integritycounsellingservices.com/

#3 Server Response: http://www.integritycounsellingservices.com/
HTTP Status Code: HTTP/1.1 200 OK
Date: Tue, 22 Dec 2009 04:07:18 GMT
Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8l DAV/2 mod_auth_passthrough/2.1 FrontPage/5.0.2.2635
X-Powered-By: PHP/5.2.11
X-Pingback: http://www.integritycounsellingservices.com/xmlrpc.php
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=UTF-8

Share this post


Link to post
Share on other sites

Wow! That is a strange page! Everyone on here is so helpful and interactive. I wish I knew how to solve your situation, but unfortunately, I don't! I just wanted to show some support that I am hoping for the best for you! :)

Share this post


Link to post
Share on other sites
Guest

Jodie have you looked in the database for all data associated with this page to see if the redirect has made its way into there? This is a major security issue to have this page up like this, and I would be tempted to take the entire site offline until it can be fixed. I was able to get all the information I would need to access (and destroy) the entire database.

Share this post


Link to post
Share on other sites
Guest

Worse yet, that page is now indexed in google. Anybody can get access to her server and her database with that information. I was able to execute mysql queries on her database, and if I wanted to I could have wiped the whole thing out. Fortunately, I'm not one of the bad guys so I didn't, but those guys are out there, and her site is at a huge risk here.

 

You need to impress upon her that leaving the site up is NOT an option until this is resolved. This is a huge security hole not only for her but for anyone else on her server and it's dangerous and irresponsible to leave it up. I don't mean to be pushy about this, but sometimes as the expert, you have to be insistent with clients.

 

 

Share this post


Link to post
Share on other sites
Guest

I don't honestly think this is an htaccess issue, but try this in your htaccess file (you can't do a straight redirect on a url with a query string). Not tested, so no idea if this will work as is.

 

RewriteCond %{REQUEST_URI} /

RewriteCond %{QUERY_STRING} page_id=823 [NC]

RewriteRule ^(.*)$ http://www.integritycounsellingservices.com/?page_id=17 [R=301,L]

Share this post


Link to post
Share on other sites
Guest

Looks like it's not limited to WordPress. I found a Joomla site that had also been hacked.

 

Would it encourage your client to take her site offline if she saw that this is the screenshot of the site that designed the software that's hacked her? ;) These are not nice people.

 

post-1504-1261462018_thumb.jpg

Share this post


Link to post
Share on other sites

Ok Leanne that worked. How (or can I) use this to redirect back to the correct location for the blog? Or do I need to recreate the site to eliminate the problem??? Also, with this fix the blog page is redirected to the FAQ page. Will this close the security hole so I can leave the site up if I need to recreate it?

 

Jodie "I hate freakin' hackers!" Burdette

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Want to Become a VA?
    Invest in The VAC!
    How Do YOU Startup A

    Virtual Assistant Organization Association
    Upgrade Your FREE Account & Receive Today...
    * Access to Our Bus JOB Board *
    * Group Coaching & Training*
    *Training Tracks*
    * Private Mastermind Area *
    * Business Templates *
    * Contracts & Forms*
    * Plus VAinsider Perks! *
    UPGRADE HERE


    Virtual Assistant Organization Association

    Virtual Assistant Organization Association











×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.