For the past month or two something strange has been happening with links to my blog on Facebook.  At times when I (and others) would click on a link on my profile expecting to be taken to a blog entry on my website, the link would instead go to some malware like website.  At the time I was contributing this to some error on Facebook’s part, since when I would visit the same link from my twitter postings it would work without problem.  Then yesterday I realized that links to my blog from google were having the same kind of behavior.  It was at this time that I realized that something must truly be wrong on my website.

I first googled the URL’s that my links were being redirected to and realized that this has happened to others before and that hackers are exploiting vulnerabilities in both PHP and WordPress (my blogging engine).  My search results gave me some code to search for in the files of my website, and I did find one occurrence of the hack in my wp-config.php file.  Even after I cleaned that up I realized that the redirecting was still happening.  I spend the next couple of hours trying to figure out where the code was malicious code was being hidden.  After verifying that my theme wasn’t the problem, I concluded that it must be one of the plugins that I am using.

So I went through each plugin, one at a time, disabling it and seeing if the redirects went away.  Finally I found the plugin that had been corrupted and it was the awesome WP Super Cache.  To fix the issue I simply deleted the plugin and all of its files from my site and then re-added it.  Once this was complete, links to my site from search engines and from Facebook are working once again!  I’ve changed my site passwords just in case that was somehow used.  I hope that is the end of this vicious attack on my site.