Website can't be accessed

Hi

My bet is you’ve been hacked.

The malicious code detects mobile devices and redirect traffic to
https://mobile.bitterstrawberry.org/?id=422

which in turn redirect to a porn site. ??

install a security plugin and scan your site for obscured code, something like
https://www.ads-software.com/plugins/sucuri-scanner/

wordfence is very good security plugin, try to clean your code as soon as possible

ah! that is exactly the problem, it redirect to that mobile bitterstrawberry thing ??

So, those plugins act like a virus scanner in WP?

How do I use them to fix the problem? Any specific guide?

When your site was hacked .. some malicious code was added to one of the php files somewhere in your site, it could be in the core wp files, in a plugin or in the theme any files that get loaded to generate your website each time a page is loaded.

Probably the theme, as if you did a fresh install of wordpress and deleted all the plugins you might fix the problem but your less likely to change your theme.

Usually these hacks are use obfuscation (like encryption) to try and hide the code more and prevent you from figuring out what that line(s) of code actually do.

something like
`<?php eval(base64_decode(“……… gibberish, HEX or binary ………”)); ?>’

so scanners like the two mentioned above will look in every file in you site for php functions like ‘eval’, ‘base64_decode’ etc which are commonly used to hide, obfuscate code, as these no real reason to do it unless your trying to hide what your up to.

They should then give you a report of everything it found that it considers suspicious. You’ll then have to investigate manually.

You can also ftp to your site and look at the date modified of the files in your theme, they should all have roughly the same date, i.e. when it was installed or updated, any file with a newer date has be tampered with or modified.

Another option is to try a clean install, back up you site.

make a list of all you plugins, download fresh clean copied from the wp.org, download a fresh copy of wordpress, and a fresh copy of your theme, from a reputable source…

set up you site completely fresh, extract wordpress, put the new plugins in the plugins folder same for the theme, then copy over the old uploads folder i.e. wp-content/uploads probably wise to do a quick visual check there should only uploads in this folder imgs etc… defiantly not scripts .php etc..

finally copy over your wp-config.php file but first scan it for anything that looks malicious, look at ‘wp-config-sample.php’ to get an idea what looks right and what look wrong.

Hope that helps

oh.. also check the .htaccess file for obvious redirect to bitterstrawberry

I have check the .htaccess file and there is no obvious redirect to bitterstrawberry
And as for your advice to manually check the files which are considered suspicious, I’m afraid I’m not really capable of detecting the script which is the problem, and don’t know how to fix them myself.

If let’s say I want to make a fresh wordpress, plugins, and themes installation, how can I backup all my files and webpages?
Because I’m using my site for SEO implementation, and If I do a fresh installation and all my files are gone, then it will be very difficult for me to start over all SEO steps that I have done ??

Any suggestion or advice sir? Please help

With out knowing the plugins you’ve used its hard to be definitive but In your SEO implementation, unless you or a plugin has modified your theme… any changes you’ve made should all be stored in the sites database.

Usually the only parts of a wordpress site that are used to store information are the
wp-content/uploads folder for files and the wp-config.php for configuration, and even then thats just the db connection settings, everything else, options and settings is all stored in the wp_options or wp_postmeta table in the database.

the themes, plugins, and all wp files are just like software, there shouldn’t be any info or setting stored directly in them, if these a cache folder in contents its full of temporary files that will be re generated. some plugins do store information in strange placed but thats rare best practice is to use the option and metadata apis which store info in the db.

With luck you should be able to make an exact copy of your site with fresh components, and connect it to the old db and it will be exactly the same, so long as you reinstate the wp-config.php and the uploads folder.

As for backup the existing site, you can download the entire site by ftp which might take a while if you have a lot of files, Your web host might have backup tools you can used to do this more quickly/easily. secondly also backup you database that way you have an exact snap shot of you site as it is right now hacks and all.

then create a new folder on you host, ie.

/www/html/oldsite.com/
..
/www/html/newsite/

start building you new copy here off line. once your all ready you can rename oldsite to broke. and then rename newsite to the oldsite replacing it as the live version. hopefully you have a fixed site.. if not switch back, and if you need to restore the database backup as well you can get back to where you started.

i had same problem. i check all file and place never got anything but at last i found it is .htaccess file edited. so please check your .htaccess file