If you run the WordPress plugin Simple 301 Redirect plugin, or the 301 Redirect addon Bulk Uploader by Webcraftic and Ash Durham, you are in danger of having your site get redirected to jackielovesdogs.com, tomorrowwillbehotmaybe.com, or beforwardreallygo.com (and possibly others yet unreported). So check as soon as possible to see if you are using the Simple 301 Redirect plugin, and if so disable it immediately, especially if you are using the Simple 301 Redirects Bulk Uploader addon.
What’s happening is that a security hole is allowing the plugin to maliciously redirect all traffic from your website over to the jackielovesdogs, tomorrowwillbehotmaybe, and beforwardreallygo sites.
The Simple 301 Redirect WordPress plugin is supposed to aid the website owner in doing 301 redirects, which are instructions to the computers of website visitors that say, essentially, “the web address you are looking for is permanently no longer available, go to this address instead”.
An example of when a website owner would use 301 redirects would be when they have a page which they are replacing with another page. Or they may use a 301 redirect to redirect traffic to a completely different site if the original site is being permanently shut down.
|Get notified of new Internet Patrol articles for free!
So you can see that having a malicious actor be able to control that and redirect all of your website traffic to a website of their choosing is problematic, to say the least.
What’s more, site owners are saying that this is being done without the need for the culprit to log in or authenticate with a password, which suggests that somehow the plugin has a malicious back door which allows someone to manipulate it, or at very least a security hole which has been discovered and exploited by a malicious actor.
What You Need to Do about the Simple 301 Redirect WordPress Plugin Hack
The first thing to do is to disable the plugin Simple 301 Redirect, and the Simple 301 Redirect Bulk Uploader addon.
While it is believed right now that the Bulk Uploader addon is the issue, that has not been completely confirmed, so it’s best to disable both to start.
Now, check to make sure that when you go to your website that it is still your website at which you land, rather than it being redirected elsewhere.
Be sure to perform this check from a private web browser window so that you aren’t being served a cached copy of your site.
If you find that you have in fact been affected by the hack, and so your site is redirecting to a different site, here’s what to do.
How to Deal with the Simple 301 Redirects Hack
Update the Simple 301 Redirects plugin by going here. The plugin author, Scott Nellé, seems to be on top of all of this (and says that it is definitely the Bulk Upload addon, which was not created by him, that was compromised).
After doing this, use the plugin to update your 301 redirects and get rid of the bad ones.
Use a private browse window to confirm that your site is loading as it should.
Then, if you must use the Bulk Uploader addon, be sure you are using the very latest, updated version, which as of the time of this writing is version 1.2.5, which was updated on August 8th, 2019. You can do that here.
No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free? Thank you!
|Get notified of new Internet Patrol articles!