# Bizarre site redirect



## Carol (Jun 24, 2012)

Bob, this is a strange one.

 A small number of times that I have been posting, I have been redirected to a generic screen, even though the site URL is correct.

I have only noticed this on Fedora/Firefox from a slow connection.  If I have my toughbook sitting behind my router, my web surfing slows way down.

I did clean out my cache, but it still occurred.  Not a big deal to me, but just more of an FYI.


----------



## Bob Hubbard (Jun 24, 2012)

That's flat out odd.  Site's registered through next year, never lapsed.

My first guess is DNS issues...your system cant find the site, so it loads a generic search page. 

Next time that happens, ping or traceroute it please.

Something's intercepting your request and loading that page in our place.


----------



## rlobrecht (Jun 24, 2012)

You might want to make sure your virus/malware detection is up to date, and then do a full scan.


----------



## Bob Hubbard (Jun 24, 2012)

sounds like dns cache poisoning to me, but I'm not positive.


----------



## Carol (Jun 24, 2012)

Bob Hubbard said:


> That's flat out odd.  Site's registered through next year, never lapsed.
> 
> My first guess is DNS issues...your system cant find the site, so it loads a generic search page.
> 
> ...


 
Aha!  My VPN router doesn't have a DNS entry in its config.  So...backhauling the DNS query/resolution to my workstation is making web surfing possible but probably creating a timeout somewhere that results in the generic page being loaded.  Probably because the VPN config wasn't originally intended for web surfing 

Ping and traceroute both perfect and resolve to 72.52.252.198.  This is sounding a lot like something specific to my setup.


----------



## mmartist (Jun 24, 2012)

LoL. Actually I've experienced the same problem with the same site appearing several times, when I have used Firefox for a while there I thought I was getting web-crazed


----------



## Bob Hubbard (Jun 24, 2012)

Carol said:


> Aha!  My VPN router doesn't have a DNS entry in its config.  So...backhauling the DNS query/resolution to my workstation is making web surfing possible but probably creating a timeout somewhere that results in the generic page being loaded.  Probably because the VPN config wasn't originally intended for web surfing
> 
> Ping and traceroute both perfect and resolve to 72.52.252.198.  This is sounding a lot like something specific to my setup.



Cool.  

IP is correct.


----------



## jezr74 (Jun 24, 2012)

It could be site jacking. If you are familiar with your site and have access to your cpanel, look for for some folders or files that look odd, like root/www/DFRSW/. In the folder there may be a file with a list of sites. It will send certain traffic to these sites intermittently. If you have such a file, you will need to check your .htaccess or dns records for the range it's targeting. 

I've seen this a few times on sites, and have fixed a few customers in the past.

If you do find the hijacking, I can send more detailed info on how to remove if you need assistance.




Sent using Tapatalk


----------



## Bob Hubbard (Jun 25, 2012)

Verified the htaccess files and files, all look good.


----------

