Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial


I got a new client that got hacked but I'm not sure where the re-direct is happening.


So the hack only happens on mobile. I've tested it on IOS simulator to debug it but only found "mobi-avto.ru" is the file that runs first before redirecting. I don't get the path or anything else to look for. I have looked through all the php js and css from old to new files but have yet to find anything.

Any idea of how to fix this? Take into consideration that whoever coded this didn't backed up the mysql and the final files. So I can't re upload the final files with the mysql.

1 Answer

check for .htaccess (dot htaccess) on the server. you may need to work out how to show hidden files in FTP since it starts with a dot servers will treat it as hidden.

.htaccess handles the redirects and rewrites and its likey that the hackers have added something there to redirect the site on mobile.

once fixed up you may want to check the file and folder permissions. there are a few WordPress plugins that could help check security too.