How to treat a mobile redirect on a website?

V

Vladimir2017-11-15 09:49:53

MODX

Vladimir, 2017-11-15 09:49:53

Guys, hello. I caught a mobile redirect - a virus on the site. on modx. Checked on a local antivirus - on the server. Used avast, Aibolit, kaspersky, NODE32. There is nothing in the logs - it does not write that it is a redirect. And redirect it like this -
first to mobile.cook -> 4click -> pohudei.com
Searched by grep - via ssh For a match of words (and to base64) - checked all htacces - checked all tpl files - everything is fine there. No coincidences, nothing.
I connected the mobile via USB - the debugger - but it does not see this transfer - it immediately opens the last tab to me in DevTools.
Maybe someone has come across this - maybe I can look for something else via ssh.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

K

keslo, 2017-11-15
@keslo

MODX Evo System?
1. Check the database: often there is malware disguised as one of the snippets or plugins. Usually it duplicates the main one.
2. You can run the site through a small add-on for malware - https://github.com/extras-evolution/evocheck

D

DarWiM, 2017-11-23
@DarWiM

In my experience, virusdie does a good job of finding viruses on a website. It is possible to check for free.