Malicious redirect only happens with proxy on

lerg96 · January 26, 2023, 9:21pm

I am experiencing a problem with one of the websites that I manage and it only happens when the proxy option is enabled, doing some tests to verify I found that disabling it no longer happens, the redirection is to a file hosted in bitbucket with malicious software.

Also, I found out that it only happens on PC and not on the phone (Android).

If you could help me with some steps to take to correct this problem, or where I could get more information for troubleshooting, like a check tthis logs or something

The site uses wordpress, I reinstalled the wordpress to see if that was the problem, but no.

The server uses nginx + php fpm

I Shut down the server to see if it stopped redirecting but still continues the redirection

cbrandt · January 26, 2023, 9:37pm

Please visit the Audit Log in your Cloudflare Dashboard and check for any redirects that you did not create. If you find one (or several), remove them. Then re-set your Cloudflare password and enable 2-factor authentication. This in all likelihood is a case of your username/password being compromised, either by a breach in a third-party service (in case you reuse the same password), malware in your computer or browser, or something similar.

system · February 10, 2023, 9:38pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
URGENT: Suspicious URL redirection occurring, ONLY via Cloudflare DNS proxy General	6	2575	January 31, 2023
My website is redirecting to a spam site Security	11	3085	November 11, 2019
Experiencing unwanted redirects when Cloudflare dns is on DNS & Network	5	43	August 13, 2024
Malicious redirects Dashboard hacked	2	173	June 5, 2024
Serious Issue. My website is redirecting to malicious site even on attack mode enabled Security	2	1902	February 19, 2023

Malicious redirect only happens with proxy on

Related topics