I have a small hobby website (WordPress) that has been online for 15 years, never had a problem, until now. I rebuilt it from scratch, but within a few hours I had a redirect hack, that randomly happened, redirect to unwanted site. I even deleted everything (and I mean everything), database, users, files, everything in the public folder, then created the database by hand, created the user, made sure database and user names could never be guessed, downloaded latest WordPress 6.1.1 from wordpress.org, manually changed the database prefix in the config file from wp\_ to something else, manually added salt keys, manually uploaded the files then ran the install online adding 30 random character password, everything. Then installed the WPS Hide Login plugin from WPServeur (last updated 7 months ago but over 1 million installs but I have used for years), then within two minutes, bang, website redirect again. I did this whole thing three times and got the same thing. I even scanned my entire PC for viruses, malware, everything. I am baffled? Ay help would be really appreciated. Thank you.
[ad_2]
What “files” did you upload? What theme were you using and where did you source it from? Plugins and themes are the usual malware entry point.
Install Wordfence and run a scan.
Install wordfence & run a scan, it will come up with infected files, it may point to the location of the problem.
It probably is a plugin. Need more information