Redirect malware script

Many sites were hacked and injected with forwardmytraffic malicious script, despite using Wordfence. In most cases, there’s no admin access – wp-admin will forward to forwardmytraffic[.]com.

We’ve been fixing lots of sites lately, which have siteurl value changed to either:


To prevent further data loss, you should immediate backup your database & site files. If you’re unsure how to perform this action, contact your developer or hosting provider.

Second, you should revert the changes made on wp_options ( siteurl value ) & wp_posts ( malicious injections ) tables. In most cases, siteurl and home should be the same.

Useful links:
Wordpress forums, redirected to in database and alot of scripts :
Sucuri labs, Side Effects of the Site_url Hack: <a href=”″> </a>
Cleanup plans: <a href=””></a>

Let us clean your site