Checkout page of my website redirects to Spam Site

I have a WP Multi-site subdomain installation. I have a subsite using WooCommerce for nightly bookings. The checkout page is hacked and directing to a Spam website.

  • Adam
    • Support Gorilla

    Hi David

    I hope you’re well today!

    Since Defender isn’t finding any relevant issues, I’d say that this is something injected directly into the database or is in one of the JavaScripts (which are not checked).

    I tried to search the database against any possibly relevant entries and checked few JS files manually but to no luck so far. Unfortunately, while I can see some URLs during the redirect, it’s not said that they are stored in the same “form” in the database (if it’s in database) and checking all JS files isn’t a reliable option.

    It would be best to actually restored the site from the most recent backup known to be fine so if you can do it, that’d be best solution. It might mean also some data loss if there were many changes made but would be the safest way to clean the site up.

    Would that be possible?

    If not, let me know and I’ll ask our developers for help but please note that if Defender is not reporting any changes and it isn’t possible to restore clean backup – I can’t guarantee the result. We’ll do our best to clean that up though.

    Looking forward to hear from you,
    Adam

  • jordan
    • Design Lord, Child of Thor

    If that happend to me i would first backup the database. Then i would create a new wordpress install on a new host. I would install Defender on the new site and then import the old database. I have had to do this on a few client sites that transferred their managed services over to me once they got hacked. Also Google your website and see if Google shows your site as hacked in search results. If they do then it will be easier to find the culprit.