SSL certificate showing different domain redirecting to spam site

The SSL certificate is showingthat it issued to a different domain The site was somehow hacked and redirected to the domain in the cert. I tried to disable to universal certificate and re-issue it but the problem persists. When SSL is turned off it does not redirect. When i turn SSL back and go to HTTPS:// the website redirects to some spam website. with only HTTP:// it does not redirect at all


Thank you for asking.

Have you got an example of the URL? :thinking:

Unfortunately, Cloudflare can not assist in hacked websites.

Have you tried looking for any suspicious file which might contain any malicious code?
Otherwise, did you used some tool and scanned your website and your files for any clue of malware?
Maybe some plugin is doing it or some nulled scripts if you are using them.

I’d suggest you to temporary Pause Cloudflare for your site:

  1. Use the “Pause Cloudflare on Site” option from the Overview tab for your domain at .
  2. The link is in the lower right corner of that page.
  3. Give it five minutes to take effect, then make sure site is working as expected with HTTPS without any error

Therefore scan your website again and clear everything, check database, files, etc.

May I ask have you tried using a different Web browser, or tried clearing your Web browser cache?
How about using a Private window (Incognito mode) or a VPN connection if possible?
Is it the same behaviour on your mobile phone (4G LTE, mobile data, cellular)?

1 Like

I dont know where the issue is. I even uninstalled Wordpress and made a new install to test. The new site is also redirecting so it leads me to believe it has to do with DNS records and SSL. I have this problem with many sites. Here is an example URL:

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.