“Help, my WordPress website is randomly redirecting to a Justin Bieber video!”
Have no fear, citizens of Netropolis! Your website has contracted a case of Bieber Fever, but we can cure it in a few simple steps. But first…. how was Bieber Fever passed to your site? Did The Bieb bless it with his presence? Was your WordPress site hacked by a malevolent fangirl?
Fortunately, its something a lot simpler than either of those things. It seems that some script authors with a sense of humor have caused pirated versions of their scripts to randomly redirect to a video of Justin Bieber falling flat on his face. I must admit if I wrote software I might do the same thing! How do you fix this?
How to cure Bieber Fever on your WordPress site:
There are two methods. The first assumes that you have shell access to your web hosting account.
At a command prompt paste in the following command:
grep "http://spamcheckr.com/l.php" * -Rl
That will search all of your WordPress files for that URL of http://spamcheckr.com/l.php and show you which files contain it. Go ahead and click the link… if you dare. You don’t want to get Bieber Fever now!
Here were the results for an infected site:
wp-content/plugins/gravityforms/includes/settings.php
By this, we can tell that the gravityforms plugin is responsible for the Fever of Bieber. The solution? Remove the plugin and replace it with a legit (paid for, or at least, straight from its author) version.
We mentioned another possibility for figuring this out. You’ll need to download all of your WordPress wp-content/plugins folder to your local computer, and then use a program such as Notepad++ to search within the files for the offending URL of http://spamcheckr.com/l.php. It’ll show you which file contains that URL, and you’ll know which plugin is responsible.
So there you have it. Bieber Fever cured, and we didn’t even have to resort to bloodletting. Enjoy!