SMF Support > SMF 1.1.x Support

Site redirect from malicious code in forum files


I am having a problem with my site. If I visit it using my browser, it looks normal. However if I go to the same URL on my iPad or iPhone using its browser, I get redirected to a different site (not mine).

My hosting company said they have found malicious code and here is the list of files that they found:


I am a completely noobie to this but I am wondering if its possible for SMF files to cause a redirect when uses are visiting my primary site and not the forum. I have SMF 1.1.6 installed. Thanks.

Did you install/activated perhaps Tapatalk App on your iPad or/and iPhone.?

First 3 files are not so familiar ones,but the rest (with ~ in the end) are default SMF which were created as backup on installing modifications files,you may want to run this php file for being sure about whether some of your files have been infected or not

A file named "style.css.php" is a dead giveaway that you've been hacked. Unless you know that those first three files belong there as part of a mod installation, you should rename them to deactivate them and eventually erase them if it proves that they are unnecessary for the normal functioning of your site.

I don't know what your host found in the backup (~ suffix) SMF files. It's odd that the current active files (without ~) wouldn't also have the same infection, if there really is one. The three SMF files are inactive anyway (they can't be run), so you can probably leave them alone.

Thanks. I have installed no mods or other apps. However, upon further digging, it appears that my htaccess file (located at the public_html folder) had been replaced. Once I removed that, it started working again. I didn't think this problem could be related to the forum but I wanted to make sure. I'm going to also run the kb_scan (thanks for the link).

I will rename the files and then delete them if it doesn't affect the forum.

Thanks very much for the replies.


[0] Message Index

Go to full version