Our woocommerce got AD URL redirection hack



Someone used URL redirection to AD website, so enabled WAF and selected block action for all event, what I can to do ?



I have sincerely no idea what the issue is. There is a redirect, all right. Remove that and it - naturally - wont redirect any longer. Right?

If not right, you need to post the URL you are having the issue with and describe it in detail.



The Sensitivity set to Medium and Action is Block, but still can redirect…



It’s most likely your site has been compromised. If you’re not running Wordfence on that site, you should. I can detect hacked code. If you post the URL, we can take a closer look.


Hello sdayman,

My colleague told me that we are using Wordfence free version.

The hacker changed Options > siteurl in Wordpress DB.

If you can detect hacked code , how can I send you URL in private message?



Wow…that was a typo on my part. It’s supposed to say “It can detect hacked code.” I apologize.

Have you installed Wordfence?

You can change the site URL in wp-config.php:


Wordfence installed with free version.

oh, you typo, we have change site URL in wp-config.php already.


1 Like
closed #10

This topic was automatically closed after 30 days. New replies are no longer allowed.