How to Spot a Website Redirect Hack

A redirect hack is when visitors are silently sent from your site to another website. It can be a scam site, a malware page, or a competitor. These hacks are dangerous because they often affect only some visitors, so you might not notice right away.

Here is how to detect redirect hacks quickly and what to do when you find them.

Signs of a redirect hack

• Customers report seeing a different website.
• Only mobile users or certain browsers see the redirect.
• Your traffic drops suddenly without obvious cause.
• Search results show strange URLs under your domain.

Why redirect hacks are hard to spot

Attackers often condition redirects on device type, location, or time. You can load the site and see nothing wrong while customers are redirected elsewhere.

How to check for redirect hacks

1. Test your site on mobile and desktop.
2. Check in incognito mode with no cookies.
3. Use a remote browser check from another location.
4. Review recent plugin or script changes.

Monitor redirects automatically

The fastest way to catch redirect hacks is to monitor your site and alert when the final URL changes. This works even if the redirect only happens sometimes.

What to do if you find a redirect hack

1. Disable recent plugins or scripts.
2. Restore from a clean backup.
3. Change passwords and remove unknown admin accounts.
4. Ask your host for a malware scan.